Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan horses


  • This topic is locked This topic is locked
5 replies to this topic

#1 Lakes

Lakes

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southport, England
  • Local time:01:58 PM

Posted 06 October 2008 - 04:03 PM

I am bieng peppered by viruses just for using mininova. I have stopped using it and have made these logs.....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:37:42 PM, on 10/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\bmctl.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\ConAppM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\WINDOWS\system32\rsvp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F6722A2-51A8-4FFE-8545-E9CED16EF22B}: NameServer = 10.203.129.68 10.203.129.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F6722A2-51A8-4FFE-8545-E9CED16EF22B}: NameServer = 10.203.129.68 10.203.129.68
O20 - AppInit_DLLs: nielvp.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8672 bytes

Malwarebytes' Anti-Malware 1.28
Database version: 1226
Windows 5.1.2600 Service Pack 3

10/2/2008 10:24:35 PM
mbam-log-2008-10-02 (22-24-18).txt

Scan type: Quick Scan
Objects scanned: 55947
Time elapsed: 10 minute(s), 6 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 4
Registry Keys Infected: 27
Registry Values Infected: 5
Registry Data Items Infected: 4
Folders Infected: 3
Files Infected: 34

Memory Processes Infected:
C:\WINDOWS\faceback.exe (Trojan.Agent) -> No action taken.

Memory Modules Infected:
C:\WINDOWS\system32\fccaYrqR.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\pkjmhtjx.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nielvp.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\tuvUNeeb.dll (Trojan.Vundo.H) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51359b71-3093-459d-a496-cf77eb1365e0} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvuneeb (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51359b71-3093-459d-a496-cf77eb1365e0} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68ecab3f-019e-47f6-8ae1-fa0b7861b3ae} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{68ecab3f-019e-47f6-8ae1-fa0b7861b3ae} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f0df302b-aa61-4345-8997-32a70f5b6d42} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f0df302b-aa61-4345-8997-32a70f5b6d42} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{015dc505-1660-4526-b638-a5ba82bf9fed} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{015dc505-1660-4526-b638-a5ba82bf9fed} (Trojan.BHO.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{514a5c49-0c7d-42c3-a71b-38864a269b7a} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{514a5c49-0c7d-42c3-a71b-38864a269b7a} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\506dab9b (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{51359b71-3093-459d-a496-cf77eb1365e0} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm535e9807 (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\fccayrqr -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\fccayrqr -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> No action taken.

Folders Infected:
C:\Program Files\Registry Defender Platinum (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Registry Defender Platinum\backup (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Mjcore (Trojan.BHO) -> No action taken.

Files Infected:
C:\WINDOWS\system32\tuvUNeeb.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\fccaYrqR.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\RqrYaccf.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\RqrYaccf.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nielvp.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\esjgtnax.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\xantgjse.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\pkjmhtjx.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\xjthmjkp.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\evatiolj.dll (Trojan.BHO.H) -> No action taken.
C:\WINDOWS\system32\jpiuvedl.dll (Trojan.BHO.H) -> No action taken.
C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\jkkIYoMG.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hgGxXrRH.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\sojwovxs.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yvdqyrfr.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yvyddy.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\iifcYSLf.dll (Trojan.Vundo.H) -> No action taken.
C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Temporary Internet Files\Content.IE5\RF1XMDBI\upd105320[1] (Trojan.Vundo.H) -> No action taken.
C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Temporary Internet Files\Content.IE5\RF1XMDBI\file[1].exe (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Temporary Internet Files\Content.IE5\Z83DFRF2\nd82m0[1] (Trojan.Vundo.H) -> No action taken.
C:\Program Files\Registry Defender Platinum\report.csv (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Registry Defender Platinum\backup\10_1_2008.reg (Rogue.RegistryDefender) -> No action taken.
C:\WINDOWS\faceback.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\ (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\akfoqsud.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BM535e9807.xml (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BM535e9807.txt (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tdssinit.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\tdssmain.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\tdssserf.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\tdssserv.sys (Rootkit.Agent) -> No action taken.



Avira AntiVir Personal
Report file date: Saturday, October 04, 2008 14:45

Scanning for 1658825 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: BADCARDZ-7E7BD3

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 8/12/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 6/26/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 08:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 14:54:15
ANTIVIR2.VDF : 7.0.6.217 3773440 Bytes 9/26/2008 14:13:39
ANTIVIR3.VDF : 7.0.6.243 186368 Bytes 10/4/2008 13:37:35
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 10:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 9/27/2008 14:14:50
AESCN.DLL : 8.1.0.23 119156 Bytes 7/10/2008 13:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 9/27/2008 14:14:49
AEPACK.DLL : 8.1.2.3 364918 Bytes 9/27/2008 14:14:47
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 9/27/2008 14:14:45
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 9/27/2008 14:14:44
AEHELP.DLL : 8.1.0.15 115063 Bytes 7/10/2008 13:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 9/27/2008 14:14:41
AEEMU.DLL : 8.1.0.7 430452 Bytes 7/31/2008 09:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 9/27/2008 14:14:40
AEBB.DLL : 8.1.0.1 53617 Bytes 7/10/2008 13:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 9/27/2008 14:14:39
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Saturday, October 04, 2008 14:45

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'agent.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'ConAppM.exe' - '1' Module(s) have been scanned
Scan process 'bmctl.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'BJMYPRT.EXE' - '1' Module(s) have been scanned
Scan process 'googletalk.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'VMCService.exe' - '1' Module(s) have been scanned
Scan process 'MobileConnect.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ijplmsvc.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'bmwebcfg.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: The device is not ready.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '52' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Temporary Internet Files\Content.IE5\Z83DFRF2\file[1].exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/TDss.MV back-door program
[NOTE] The file was deleted!
C:\System Volume Information\_restore{32C14B74-F222-425C-ABCF-8AF221CC25BD}\RP59\A0013363.exe
[0] Archive type: ZIP SFX (self extracting)
--> WINDOWS6.0-KB929547-V2-X64.MSU
[1] Archive type: CAB (Microsoft)
--> Windows6.0-KB929547-v2-x64.cab
[WARNING] No further files can be extracted from this archive. The archive will be closed


End of the scan: Saturday, October 04, 2008 16:45
Used time: 2:00:19 Hour(s)

The scan has been done completely.

6612 Scanning directories
257091 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
257089 Files not concerned
1833 Archives were scanned
3 Warnings
1 Notes



Avira AntiVir Personal
Report file date: Sunday, October 05, 2008 21:17

Scanning for 1658825 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: BADCARDZ-7E7BD3

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 8/12/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 6/26/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 08:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 11:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 14:54:15
ANTIVIR2.VDF : 7.0.6.217 3773440 Bytes 9/26/2008 14:13:39
ANTIVIR3.VDF : 7.0.6.243 186368 Bytes 10/4/2008 13:37:35
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 10:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 9/27/2008 14:14:50
AESCN.DLL : 8.1.0.23 119156 Bytes 7/10/2008 13:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 9/27/2008 14:14:49
AEPACK.DLL : 8.1.2.3 364918 Bytes 9/27/2008 14:14:47
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 9/27/2008 14:14:45
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 9/27/2008 14:14:44
AEHELP.DLL : 8.1.0.15 115063 Bytes 7/10/2008 13:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 9/27/2008 14:14:41
AEEMU.DLL : 8.1.0.7 430452 Bytes 7/31/2008 09:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 9/27/2008 14:14:40
AEBB.DLL : 8.1.0.1 53617 Bytes 7/10/2008 13:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 9/27/2008 14:14:39
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Sunday, October 05, 2008 21:17

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'agent.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'ConAppM.exe' - '1' Module(s) have been scanned
Scan process 'bmctl.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'BJMYPRT.EXE' - '1' Module(s) have been scanned
Scan process 'googletalk.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'MobileConnect.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'VMCService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ijplmsvc.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'bmwebcfg.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: The device is not ready.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '52' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{32C14B74-F222-425C-ABCF-8AF221CC25BD}\RP59\A0013363.exe
[0] Archive type: ZIP SFX (self extracting)
--> WINDOWS6.0-KB929547-V2-X64.MSU
[1] Archive type: CAB (Microsoft)
--> Windows6.0-KB929547-v2-x64.cab
[WARNING] No further files can be extracted from this archive. The archive will be closed


End of the scan: Sunday, October 05, 2008 23:39
Used time: 2:22:12 Hour(s)

The scan has been done completely.

6429 Scanning directories
256121 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
256120 Files not concerned
1791 Archives were scanned
3 Warnings
0 Notes

BC AdBot (Login to Remove)

 


#2 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:58 PM

Posted 10 October 2008 - 07:23 AM

Hello. I am PropagandaPanda (Panda or PP for short), and I will be helping you with your log.

I apologize for the delay in response. We get overwhelmed with logs at times, but we are trying our best to keep up. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following so I can have a look at the current condition of your machine.

If you do not make a reply in 5 days, we will need to close your topic.

I am still in training so my responses to you must be checked by an instructor first.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Finally, please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
Download and Run OTViewIt
  • Please download OTViewIt by OldTimer to your desktop.
  • Double click on the OTViewIt.exe icon on your desktop. If you are using Windows Vista, right click the icon and select Run as Administrator.
  • Check the Scan All Users checkbox and leave Use Whitelist checked. Set the File Age to 30 days.
  • Click on the Run Scan button. Two reports that are located in the same location as OTViewIt will open.OTViewIt.txt <-- Will be opened
    Extra.txt <-- Will be minimized
Copy and Paste the logs into your next reply.
Please also tell me of any changes you have made to your computer since your topic was started.

With Regards,
The Panda

Important Note to Other Users Reading this Topic: The instructions provided in this topic below this point are for the original topic starter only. Even if you have similar problems or log entries to those given here, please do not follow the directions, especially those involving specific tools and scripts. Doing so can result in serious damage to your computer. Instead, please start your own topic. Feel free to link to any relevant topics as needed.

#3 Lakes

Lakes
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southport, England
  • Local time:01:58 PM

Posted 11 October 2008 - 06:41 AM

Thank you very much for your response. Here is the result of the scan.
OTViewIt logfile created on: 10/11/2008 12:29:04 PM - Run
OTViewIt by OldTimer - Version 1.0.10.1 Folder = C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Temporary Internet Files\Content.IE5\ATQ40MG2
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.48 Mb Total Physical Memory | 85.85 Mb Available Physical Memory | 16.78% Memory free
1.22 Gb Paging File | 0.62 Gb Available in Paging File | 50.43% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 17.89 Gb Total Space | 2.84 Gb Free Space | 15.88% Space Free | Partition Type: NTFS
Drive D: | 26.04 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BADCARDZ-7E7BD3
Current User Name: Simon Lake
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/08/21 20:41:32 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
[2008/10/06 22:53:27 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2006/06/26 18:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
[2008/06/12 14:46:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
[2008/08/07 09:17:00 | 00,149,761 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
[2007/04/03 12:49:44 | 00,118,784 | ---- | M] (Bytemobile, Inc.) -- C:\WINDOWS\system32\bmwebcfg.exe
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2007/04/13 07:49:00 | 00,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
[2008/03/13 19:09:10 | 02,060,288 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
[2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2008/06/12 14:28:45 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
[2007/01/01 22:22:02 | 03,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
[2007/04/03 17:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
[2006/06/26 17:46:04 | 00,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
[2008/08/21 20:41:32 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[2006/06/26 10:34:40 | 00,614,960 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
[2006/06/26 18:33:32 | 00,243,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
[2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[2008/04/14 05:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2008/09/16 12:16:08 | 01,833,296 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[2008/10/05 22:38:19 | 00,036,864 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2008/03/13 19:08:58 | 00,024,576 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
[2006/06/26 10:34:58 | 00,166,448 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\QuickCam10\COCIManager.exe
[2007/04/03 12:49:16 | 00,339,968 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\bmctl.exe
[2008/03/13 19:08:50 | 00,208,896 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\ConAppM.exe
[2006/09/11 04:40:30 | 00,992,176 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe
[2008/06/23 10:20:52 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2007/09/20 10:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
[2008/10/11 12:28:00 | 00,421,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Temporary Internet Files\Content.IE5\ATQ40MG2\OTViewIt[1].exe

========== (O23) Win32 Services ==========

[2008/10/06 22:53:27 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2008/06/12 14:46:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
[2008/08/07 09:17:00 | 00,149,761 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
[2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/04/03 12:49:44 | 00,118,784 | ---- | M] (Bytemobile, Inc.) -- C:\WINDOWS\system32\bmwebcfg.exe -- (bmwebcfg [Auto | Running])
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/04/13 07:49:00 | 00,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC [Auto | Running])
[2006/06/26 18:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
[2006/06/26 10:33:56 | 00,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
[2008/09/28 21:50:34 | 00,068,096 | ---- | M] () -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
[2008/03/13 19:08:58 | 00,024,576 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService [Auto | Running])
[2008/08/21 20:41:32 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

========== Driver Services ==========

[2004/08/03 23:29:28 | 00,701,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2007/02/27 15:25:01 | 00,011,840 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
[2008/05/20 16:29:41 | 00,052,032 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
[2008/06/27 15:03:55 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb [System | Running])
[2008/04/14 00:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2008/03/07 21:46:38 | 00,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard [On_Demand | Running])
[2006/06/26 10:33:28 | 01,587,632 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap [On_Demand | Stopped])
[2006/06/26 10:33:36 | 01,952,816 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv [On_Demand | Stopped])
[2006/06/26 10:33:40 | 00,023,472 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
[2006/06/22 23:29:46 | 00,038,960 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Stopped])
[2001/08/17 15:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2008/04/14 00:26:08 | 00,088,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx [Auto | Running])
[2004/09/01 09:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb [Auto | Running])
[2004/09/01 09:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx [Auto | Running])
[2008/04/14 00:04:14 | 00,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR [On_Demand | Running])
[2006/06/22 23:29:30 | 00,293,808 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928 [On_Demand | Stopped])
[2004/09/01 09:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2008/04/13 22:09:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2001/08/17 13:20:16 | 00,297,728 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\system32\drivers\ac97sis.sys -- (SiS7018 [On_Demand | Running])
[2008/04/14 00:06:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sisagp.sys -- (sisagp [Boot | Running])
[2004/08/03 23:31:36 | 00,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC [On_Demand | Running])
[2008/04/21 07:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
[2007/03/01 10:34:22 | 00,028,352 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv [System | Running])
[2007/04/03 12:46:08 | 00,018,816 | ---- | M] (Bytemobile, Inc.) -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM [System | Running])
[2008/08/21 20:41:40 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant [System | Running])
[2004/09/01 09:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://search.live.com/sphome.aspx

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default"=
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Live Search
"SearchMigratedDefaultURL"=http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"AutoSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://home.microsoft.com/access/autosearch.asp?p=%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default"=
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Live Search
"SearchMigratedDefaultURL"=http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\SOFTWARE\Microsoft\Internet Explorer\Search]
"AutoSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\SearchURL]
""=http://home.microsoft.com/access/autosearch.asp?p=%s

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} (HKLM) -- C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}" (HKLM) -- C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}" (HKLM) -- C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}" (HKLM) -- C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon (CANON INC.)
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon (CANON INC.)
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe /autostart (Google)
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" (Logitech Inc.)
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide ()
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" (Logitech Inc.)
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent (Vodafone)
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
"WinampAgent"=E:\Winamp\winampa.exe File not found
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Check Point Software Technologies LTD)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

========== (O4) Startup Folders ==========

File not found -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\QuickCam\eReg.exe
[2003/09/17 23:11:36 | 00,110,592 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2008/10/05 22:38:17 | 00,196,608 | ---- | M] (Logitech) -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Windows Live Search: C:\Program Files\Windows Live Toolbar\msntb.dll [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
Add to Windows &Live Favorites: File not found

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: File not found

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: File not found

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Windows &Live Favorites: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\Software\Microsoft\Internet Explorer\MenuExt\]
&Windows Live Search: C:\Program Files\Windows Live Toolbar\msntb.dll [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
Add to Windows &Live Favorites: File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Blog This -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007/10/26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Blog This in Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007/10/26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search && Destroy Configuration -- %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [2008/09/15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/14 00:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 05:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 05:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Blog This] -> [2007/10/26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 00:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 00:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 00:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Blog This] -> [2007/10/26 18:09:54 | 00,154,640 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 00:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
46 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
internet: about in Internet
45 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
45 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
45 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-1214440339-1993962763-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
internet: about in Internet
45 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:\Program Files\Yahoo!\Common\yinsthelper.dll -- YInstStarter Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

========== (O17) DNS Name Servers ==========

{8A4BA27C-6259-4F89-BEE5-66F77E8404A5} (Servers: | Description: SiS 900 PCI Fast Ethernet Adapter)
{E5823889-3A56-4CD9-B923-89AE62CD48DF} (Servers: | Description: )

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=nielvp.dll
>File not found --

========== LSA *Authentication Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=msv1_0,nwprovau,
>[2008/04/14 05:42:04 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nwprovau.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/09/16 05:28:12 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

autorun.inf [[autorun] | open=StartVMCLite.exe | icon=icon.ico | label=VMCLite V3.2.2.182 | action=Run VMCLite | ]
[2007/11/07 22:01:06 | 00,000,095 | R--- | M] () -- D:\autorun.inf -- [ CDFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15bbfc80-8c3a-11dd-84b0-0007951134ba}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15bbfc80-8c3a-11dd-84b0-0007951134ba}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15bbfc80-8c3a-11dd-84b0-0007951134ba}\Shell\AutoRun\command]
""=D:\setup.exe -- [2007/11/07 22:09:18 | 16,792,054 | R--- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b8b3277-8d6d-11dd-84c7-0007951134ba}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b8b3277-8d6d-11dd-84c7-0007951134ba}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b8b3277-8d6d-11dd-84c7-0007951134ba}\Shell\AutoRun\command]
""=D:\setup.exe -- [2007/11/07 22:09:18 | 16,792,054 | R--- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7667b310-8c46-11dd-84b5-0007951134ba}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7667b310-8c46-11dd-84b5-0007951134ba}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7667b310-8c46-11dd-84b5-0007951134ba}\Shell\AutoRun\command]
""=D:\setup.exe -- [2007/11/07 22:09:18 | 16,792,054 | R--- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a601ec52-972f-11dd-8544-0007951134ba}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a601ec52-972f-11dd-8544-0007951134ba}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a601ec52-972f-11dd-8544-0007951134ba}\Shell\AutoRun\command]
""=D:\StartVMCLite.exe -- [2007/11/07 22:04:28 | 00,204,800 | R--- | M] (Vodafone)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8d61b00-8c37-11dd-84ae-0007951134ba}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8d61b00-8c37-11dd-84ae-0007951134ba}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8d61b00-8c37-11dd-84ae-0007951134ba}\Shell\AutoRun\command]
""=D:\setup.exe -- [2007/11/07 22:09:18 | 16,792,054 | R--- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6892c21-83a7-11dd-9078-806d6172696f}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6892c21-83a7-11dd-9078-806d6172696f}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6892c21-83a7-11dd-9078-806d6172696f}\Shell\AutoRun\command]
""=D:\setup.exe -- [2007/11/07 22:09:18 | 16,792,054 | R--- | M] ()

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2008/10/11 01:56:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Winamp
[2008/10/11 01:37:52 | 72,817,892 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\2Pac - Until The End Of Time by zapadl0.mpg
[2008/10/10 22:54:02 | 01,307,648 | ---- | C] (Nullsoft) -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\winamp.exe
[2008/10/10 20:51:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Winamp
[2008/10/10 16:49:05 | 00,009,216 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/10 13:51:35 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/10/06 22:52:41 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Ad-Aware.lnk
[2008/10/06 22:52:36 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2008/10/06 22:51:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/10/06 15:44:23 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus!
[2008/10/05 22:39:35 | 00,022,334 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/10/05 22:39:35 | 00,004,770 | R--- | C] () -- C:\WINDOWS\System32\Repository.reg
[2008/10/05 22:38:37 | 00,001,885 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
[2008/10/05 22:38:13 | 00,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2008/10/05 22:30:54 | 00,001,887 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Logitech QuickCam 10.0.lnk
[2008/10/05 20:45:00 | 00,000,106 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Windows Live Hotmail.URL
[2008/10/04 22:36:04 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\HijackThis.lnk
[2008/10/04 13:58:54 | 00,001,839 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Windows Live Messenger .lnk
[2008/10/04 12:56:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\PCHealth
[2008/10/03 11:11:25 | 00,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2008/10/02 23:25:36 | 00,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2008/10/02 23:24:37 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Favorites
[2008/10/02 23:16:53 | 00,001,863 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Start Avira AntiVir Personal.lnk
[2008/10/02 22:36:05 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Spybot - Search & Destroy.lnk
[2008/10/02 22:35:44 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/10/02 22:35:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
[2008/10/02 21:04:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Malwarebytes
[2008/10/02 21:03:45 | 00,017,200 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/10/02 21:03:45 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/02 21:03:44 | 00,038,528 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/10/02 21:03:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2008/10/02 21:03:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/10/02 20:34:19 | 00,000,000 | ---D | C] -- C:\Program Files\ZoneAlarmSB
[2008/10/02 20:30:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2008/10/02 20:30:52 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2008/10/02 20:30:48 | 00,348,371 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/10/02 17:28:00 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/10/02 17:24:25 | 00,104,448 | ---- | C] () -- C:\WINDOWS\System32\cjpoieuv.dll
[2008/10/02 15:05:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2008/10/02 14:11:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
[2008/10/01 23:01:58 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Music
[2008/10/01 17:49:02 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2008/10/01 17:25:45 | 00,111,616 | ---- | C] () -- C:\WINDOWS\System32\xjwaqt.dll
[2008/10/01 17:25:44 | 00,111,616 | ---- | C] () -- C:\WINDOWS\System32\wlfibhxa.dll
[2008/10/01 11:24:23 | 00,923,712 | -HS- | C] () -- C:\WINDOWS\System32\myvaqeox.ini
[2008/10/01 11:21:24 | 00,111,616 | ---- | C] () -- C:\WINDOWS\System32\uunxpb.dll
[2008/10/01 11:21:23 | 00,111,616 | ---- | C] () -- C:\WINDOWS\System32\kwuounhk.dll
[2008/10/01 11:19:13 | 00,104,448 | ---- | C] () -- C:\WINDOWS\System32\qsnsgltt.dll
[2008/10/01 10:35:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Macromedia
[2008/10/01 10:35:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2008/10/01 10:31:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2008/10/01 07:16:46 | 00,000,609 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Windows Messenger.lnk
[2008/10/01 06:11:06 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2008/10/01 06:11:06 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2008/10/01 06:11:01 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2008/10/01 06:10:58 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2008/10/01 06:10:58 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2008/10/01 06:10:57 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2008/10/01 06:10:55 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2008/10/01 06:10:53 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2008/10/01 06:10:48 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2008/09/30 17:53:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Canon
[2008/09/30 17:22:15 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Tutorials
[2008/09/30 16:33:15 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\CCleaner.lnk
[2008/09/30 14:21:31 | 16,208,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/09/30 14:20:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/09/30 13:47:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\Downloads
[2008/09/30 13:14:15 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2008/09/30 02:48:18 | 00,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/09/30 02:46:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2008/09/30 01:54:29 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Toolbar
[2008/09/30 01:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2008/09/30 01:23:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\microsoft
[2008/09/30 00:30:36 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/09/29 23:39:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Apple Computer
[2008/09/29 23:37:49 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/09/29 23:36:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
[2008/09/29 23:17:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Scansoft
[2008/09/29 22:41:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\LimeWire
[2008/09/29 22:39:53 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2008/09/29 21:35:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\uTorrent
[2008/09/29 20:54:48 | 00,000,779 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuarkXPress Passport 5.0.lnk
[2008/09/29 20:54:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Color
[2008/09/29 20:54:03 | 00,000,000 | ---D | C] -- C:\Program Files\Quark
[2008/09/29 20:49:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Adobe
[2008/09/29 20:47:14 | 00,000,539 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Adobe InDesign CS.lnk
[2008/09/29 20:28:38 | 00,000,814 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Adobe Photoshop 7.0.lnk
[2008/09/29 20:28:22 | 00,001,950 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\CorelDRAW 11.lnk
[2008/09/29 20:28:08 | 00,002,140 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Adobe Illustrator 10.lnk
[2008/09/29 20:17:28 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2008/09/29 20:12:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2008/09/29 19:44:37 | 00,000,000 | ---D | C] -- C:\Program Files\Corel
[2008/09/29 18:19:28 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\My Videos
[2008/09/29 18:05:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Logitech
[2008/09/29 14:32:23 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2008/09/29 14:32:23 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2008/09/29 14:32:12 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2008/09/29 14:32:12 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2008/09/29 14:32:09 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2008/09/29 14:32:09 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2008/09/29 14:32:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2008/09/29 14:32:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2008/09/29 14:32:04 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2008/09/29 14:32:04 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2008/09/29 14:31:56 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2008/09/29 14:31:56 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2008/09/29 14:31:49 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2008/09/29 14:31:49 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2008/09/29 14:31:44 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2008/09/29 14:31:44 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2008/09/29 14:31:06 | 00,348,160 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System\msvcr71.dll
[2008/09/29 14:31:01 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2008/09/29 14:31:01 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2008/09/29 14:31:01 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2008/09/29 14:31:01 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2008/09/29 14:31:00 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2008/09/29 14:31:00 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2008/09/29 14:30:53 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2008/09/29 14:30:53 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2008/09/29 13:29:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
[2008/09/28 22:23:51 | 00,000,000 | R-SD | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\My Stationery
[2008/09/28 21:51:15 | 00,001,825 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Macromedia Dreamweaver MX 2004.lnk
[2008/09/28 21:50:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia Shared
[2008/09/28 21:49:43 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia
[2008/09/28 21:46:49 | 00,000,000 | ---D | C] -- C:\Program Files\Macromedia
[2008/09/28 20:44:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Apple
[2008/09/28 20:41:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Apple Computer
[2008/09/28 18:50:42 | 00,000,000 | ---D | C] -- C:\Program Files\NewTek
[2008/09/28 17:07:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonIJPLM
[2008/09/28 17:03:53 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2008/09/28 17:03:53 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2008/09/28 17:03:23 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2008/09/28 17:03:23 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2008/09/28 16:57:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ScanSoft
[2008/09/28 16:50:17 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonBJ
[2008/09/28 16:31:50 | 00,000,890 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2008/09/28 14:10:24 | 00,210,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll
[2008/09/28 14:10:24 | 00,029,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2008/09/28 14:10:23 | 00,270,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2008/09/27 18:44:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Windows Live Writer
[2008/09/27 18:41:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Identities
[2008/09/27 18:37:23 | 00,000,595 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\My Sharing Folders.lnk
[2008/09/27 18:29:26 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2008/09/27 18:29:18 | 00,000,268 | -H-- | C] () -- C:\sqmdata00.sqm
[2008/09/27 18:29:18 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt00.sqm
[2008/09/27 18:25:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\My Received Files
[2008/09/27 18:20:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
[2008/09/27 18:12:29 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2008/09/27 18:10:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/09/27 17:58:07 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2008/09/27 17:58:07 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2008/09/27 17:58:07 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2008/09/27 17:58:06 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2008/09/27 17:58:00 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2008/09/27 17:58:00 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2008/09/27 17:58:00 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2008/09/27 17:58:00 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2008/09/27 17:57:59 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2008/09/27 17:57:59 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2008/09/27 17:57:59 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2008/09/27 17:57:58 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2008/09/27 17:57:58 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2008/09/27 17:57:58 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2008/09/27 17:57:58 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2008/09/27 17:57:57 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2008/09/27 17:57:57 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2008/09/27 17:57:57 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2008/09/27 17:57:57 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2008/09/27 17:57:57 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2008/09/27 17:57:57 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2008/09/27 17:57:55 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2008/09/27 17:57:55 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2008/09/27 17:57:54 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2008/09/27 17:57:54 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2008/09/27 17:57:54 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2008/09/27 17:57:54 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2008/09/27 17:57:54 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2008/09/27 17:57:54 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2008/09/27 17:57:54 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2008/09/27 17:57:54 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2008/09/27 17:57:54 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2008/09/27 17:57:53 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2008/09/27 17:57:53 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2008/09/27 17:57:53 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2008/09/27 17:57:53 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2008/09/27 17:57:53 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2008/09/27 17:57:53 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2008/09/27 17:57:53 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2008/09/27 17:57:53 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2008/09/27 17:57:53 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2008/09/27 17:57:53 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2008/09/27 17:57:53 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2008/09/27 17:57:52 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2008/09/27 17:57:52 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2008/09/27 17:57:52 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2008/09/27 17:57:52 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2008/09/27 17:57:52 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2008/09/27 17:57:51 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2008/09/27 17:57:51 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2008/09/27 17:57:51 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2008/09/27 17:57:51 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2008/09/27 17:57:51 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2008/09/27 17:57:50 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2008/09/27 17:57:50 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2008/09/27 17:57:50 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2008/09/27 17:57:50 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2008/09/27 17:57:50 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2008/09/27 17:57:50 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2008/09/27 17:57:50 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2008/09/27 17:57:50 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2008/09/27 17:57:50 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2008/09/27 17:57:50 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2008/09/27 17:57:50 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2008/09/27 17:57:50 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2008/09/27 17:57:50 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2008/09/27 17:57:50 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2008/09/27 17:57:50 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2008/09/27 17:57:49 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2008/09/27 17:57:48 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2008/09/27 17:57:47 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2008/09/27 17:57:47 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2008/09/27 17:57:47 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2008/09/27 17:57:46 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2008/09/27 17:57:45 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2008/09/27 17:57:45 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2008/09/27 17:57:44 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2008/09/27 17:57:44 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2008/09/27 17:57:44 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2008/09/27 17:57:44 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2008/09/27 17:57:43 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2008/09/27 17:57:43 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2008/09/27 17:57:43 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2008/09/27 17:57:43 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2008/09/27 17:57:43 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2008/09/27 17:57:43 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2008/09/27 17:57:42 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2008/09/27 17:57:22 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2008/09/27 17:56:57 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2008/09/27 17:56:57 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2008/09/27 17:56:57 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2008/09/27 17:56:56 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2008/09/27 17:56:47 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2008/09/27 17:56:43 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2008/09/27 17:56:42 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2008/09/27 17:56:41 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2008/09/27 17:56:41 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2008/09/27 17:56:41 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2008/09/27 17:56:41 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2008/09/27 17:56:40 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2008/09/27 17:56:40 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2008/09/27 17:56:40 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2008/09/27 17:56:40 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2008/09/27 17:56:40 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2008/09/27 17:56:40 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2008/09/27 17:56:40 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2008/09/27 17:56:39 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2008/09/27 17:56:39 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2008/09/27 17:56:39 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2008/09/27 17:56:39 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2008/09/27 17:56:39 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2008/09/27 17:56:38 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2008/09/27 17:56:38 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2008/09/27 17:56:38 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2008/09/27 17:56:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2008/09/27 17:56:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2008/09/27 17:56:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2008/09/27 17:56:33 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2008/09/27 17:56:33 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2008/09/27 17:56:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2008/09/27 17:56:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2008/09/27 17:56:32 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2008/09/27 17:56:31 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2008/09/27 17:56:31 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2008/09/27 17:56:31 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2008/09/27 17:56:30 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2008/09/27 17:56:30 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2008/09/27 17:56:29 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2008/09/27 17:56:29 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2008/09/27 17:56:29 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2008/09/27 17:56:28 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2008/09/27 17:56:27 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2008/09/27 17:56:27 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2008/09/27 17:56:26 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2008/09/27 17:56:26 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2008/09/27 17:56:26 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2008/09/27 17:56:26 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2008/09/27 17:56:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2008/09/27 17:56:25 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2008/09/27 17:56:24 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2008/09/27 17:56:24 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2008/09/27 17:56:24 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/09/27 17:56:24 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2008/09/27 17:56:24 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2008/09/27 17:56:23 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2008/09/27 17:56:23 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2008/09/27 17:56:22 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2008/09/27 17:56:22 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2008/09/27 17:56:20 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2008/09/27 17:45:11 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2008/09/27 17:40:23 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2008/09/27 17:40:22 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2008/09/27 17:40:22 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2008/09/27 17:40:21 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2008/09/27 17:40:21 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2008/09/27 17:40:20 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2008/09/27 17:40:20 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2008/09/27 17:40:17 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2008/09/27 17:40:15 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2008/09/27 17:40:15 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2008/09/27 17:40:15 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2008/09/27 17:40:13 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2008/09/27 17:40:12 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2008/09/27 17:40:12 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys
[2008/09/27 17:40:12 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2008/09/27 17:40:11 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2008/09/27 17:28:03 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008/09/27 16:20:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Macromedia
[2008/09/27 16:20:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Adobe
[2008/09/27 16:16:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2008/09/27 15:11:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/09/27 15:10:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Mozilla
[2008/09/27 15:10:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Mozilla
[2008/09/27 15:02:54 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2008/09/27 15:02:42 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/09/27 14:41:04 | 00,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008/09/27 14:35:55 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2008/09/27 14:35:55 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2008/09/27 14:35:54 | 00,028,352 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2008/09/27 14:35:50 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2008/09/27 14:35:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2008/09/27 14:26:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Sun
[2008/09/27 08:43:25 | 00,000,024 | ---- | C] () -- C:\url_history.xml
[2008/09/27 06:04:40 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008/09/27 06:04:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008/09/27 06:04:38 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008/09/27 06:04:38 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008/09/27 06:04:37 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008/09/27 06:04:36 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008/09/27 06:04:34 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008/09/27 06:04:34 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008/09/27 06:04:31 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2008/09/27 06:04:29 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2008/09/27 06:04:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2008/09/27 06:04:28 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008/09/27 06:04:28 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2008/09/27 06:04:27 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008/09/27 06:04:26 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008/09/27 06:04:20 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008/09/27 06:04:20 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008/09/27 06:04:18 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008/09/27 06:04:15 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008/09/27 06:04:14 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008/09/27 06:04:14 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008/09/27 06:04:13 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008/09/27 06:04:13 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008/09/27 06:04:11 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008/09/27 06:04:11 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008/09/27 06:04:10 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008/09/27 06:04:05 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2008/09/27 06:04:02 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008/09/27 06:03:58 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008/09/27 06:03:57 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008/09/27 06:03:56 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008/09/27 06:03:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008/09/27 06:03:52 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008/09/27 06:03:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008/09/27 06:03:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008/09/27 06:03:51 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008/09/27 06:03:50 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008/09/27 06:03:50 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008/09/27 06:03:50 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008/09/27 06:03:50 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008/09/27 06:03:49 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008/09/27 06:03:49 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008/09/27 06:03:49 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008/09/27 06:03:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008/09/27 06:03:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008/09/27 06:03:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008/09/27 06:03:47 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008/09/27 06:03:47 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008/09/27 06:03:46 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008/09/27 06:03:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008/09/27 06:03:37 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008/09/27 06:03:34 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/09/27 06:03:34 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/09/27 06:03:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008/09/27 06:03:28 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008/09/27 06:03:28 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008/09/27 06:03:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008/09/27 06:03:23 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008/09/27 06:03:23 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008/09/27 06:03:18 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008/09/27 06:03:17 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008/09/27 06:03:17 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008/09/27 06:03:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008/09/27 06:03:16 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008/09/27 06:03:16 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008/09/27 06:03:15 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/09/27 06:03:15 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008/09/27 06:03:14 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008/09/27 06:03:14 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2008/09/27 06:03:12 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2008/09/27 06:03:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008/09/27 06:03:11 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008/09/27 06:03:11 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008/09/27 06:03:11 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008/09/27 06:03:04 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008/09/27 06:03:00 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2008/09/27 06:02:55 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008/09/27 06:02:45 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008/09/27 06:02:44 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008/09/27 06:02:27 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008/09/27 06:02:27 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008/09/27 06:02:26 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2008/09/27 06:02:23 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008/09/27 06:02:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2008/09/27 06:02:17 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/09/27 06:02:17 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008/09/27 06:02:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008/09/27 06:02:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008/09/27 06:02:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008/09/27 06:02:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008/09/27 06:02:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008/09/27 06:02:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008/09/27 06:02:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008/09/27 06:02:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008/09/27 06:02:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008/09/27 06:02:12 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008/09/27 06:02:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008/09/27 06:02:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008/09/27 06:02:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008/09/27 06:02:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008/09/27 06:02:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008/09/27 06:02:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008/09/27 06:02:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008/09/27 06:02:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008/09/27 06:02:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008/09/27 06:02:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008/09/27 06:02:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008/09/27 06:02:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008/09/27 06:02:07 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008/09/27 06:02:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008/09/27 06:02:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008/09/27 06:02:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008/09/27 06:02:05 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008/09/27 06:02:05 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008/09/27 06:02:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008/09/27 06:02:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008/09/27 06:02:03 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008/09/27 06:02:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008/09/27 06:02:02 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2008/09/27 06:02:01 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2008/09/27 06:01:58 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2008/09/27 06:01:56 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008/09/27 06:01:55 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008/09/27 06:01:55 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008/09/27 06:01:55 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/09/27 06:01:54 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008/09/27 06:01:54 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008/09/27 06:01:54 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008/09/27 06:01:53 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008/09/27 06:01:53 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008/09/27 06:01:53 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008/09/27 06:01:52 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008/09/27 06:01:52 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/09/27 06:01:52 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008/09/27 06:01:51 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008/09/27 06:01:51 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008/09/27 06:01:51 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008/09/27 06:01:50 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008/09/27 06:01:50 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008/09/27 06:01:49 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008/09/27 06:01:49 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008/09/27 06:01:49 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008/09/27 06:01:48 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008/09/27 06:01:48 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008/09/27 06:01:48 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008/09/27 06:01:47 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/09/27 06:01:47 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008/09/27 06:01:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2008/09/27 06:01:46 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2008/09/27 06:01:45 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2008/09/27 06:01:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2008/09/27 06:01:36 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008/09/27 06:01:30 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/09/27 06:01:22 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008/09/27 06:01:18 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008/09/27 06:01:17 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/09/27 06:01:11 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008/09/27 06:01:11 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008/09/27 06:01:08 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008/09/27 06:01:07 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008/09/27 06:01:06 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2008/09/27 06:01:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008/09/27 06:01:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008/09/27 06:01:01 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008/09/27 06:00:58 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008/09/27 06:00:57 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008/09/27 06:00:57 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008/09/27 06:00:57 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008/09/27 06:00:41 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008/09/27 06:00:37 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008/09/27 06:00:36 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008/09/27 06:00:36 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2008/09/27 06:00:35 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2008/09/27 06:00:35 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2008/09/27 06:00:30 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008/09/27 06:00:29 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008/09/27 06:00:29 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008/09/27 06:00:28 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/09/27 06:00:28 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008/09/27 06:00:27 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008/09/27 06:00:27 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008/09/27 06:00:26 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008/09/27 06:00:25 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008/09/27 06:00:25 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008/09/27 06:00:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008/09/27 06:00:24 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008/09/27 06:00:24 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008/09/27 06:00:22 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/09/27 06:00:21 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008/09/27 06:00:20 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008/09/27 06:00:00 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2008/09/27 05:59:56 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2008/09/27 05:59:53 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2008/09/27 05:59:53 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2008/09/27 05:59:51 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008/09/27 05:59:45 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2008/09/27 05:59:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008/09/27 05:59:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2008/09/27 05:59:36 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2008/09/27 05:59:20 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2008/09/27 05:59:19 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2008/09/27 05:59:18 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2008/09/27 05:59:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2008/09/27 05:59:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2008/09/27 05:59:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2008/09/27 05:59:05 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2008/09/27 05:52:14 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/09/27 05:52:08 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2008/09/27 05:52:00 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2008/09/27 05:51:52 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2008/09/27 05:51:48 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2008/09/27 05:43:05 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008/09/27 05:43:05 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2008/09/27 05:43:05 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008/09/27 05:43:05 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2008/09/27 05:42:47 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008/09/27 05:42:47 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008/09/27 05:42:46 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008/09/27 05:42:46 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008/09/27 05:42:46 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008/09/27 05:42:45 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2008/09/27 04:46:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2008/09/27 04:04:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2008/09/27 04:03:54 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2008/09/27 03:08:09 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008/09/27 03:06:42 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/09/27 03:06:00 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2008/09/27 03:05:36 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\drivers\ac97sis.sys
[2008/09/27 03:05:33 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/09/27 03:05:33 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2008/09/27 03:05:33 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/09/27 03:05:33 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2008/09/27 03:05:19 | 00,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnic.sys
[2008/09/27 03:02:02 | 00,458,340 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/09/27 03:02:00 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/09/27 03:01:28 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008/09/27 03:01:28 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008/09/27 03:01:27 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008/09/27 03:01:27 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008/09/27 03:01:27 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008/09/27 03:01:26 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008/09/27 03:01:25 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008/09/27 03:01:24 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008/09/27 03:01:23 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2008/09/27 03:01:23 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/09/27 03:01:23 | 00,001,789 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/09/27 03:01:20 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/09/27 03:01:04 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\desktop.ini
[2008/09/27 03:01:04 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Documents\desktop.ini
[2008/09/27 03:01:04 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
[2008/09/27 03:01:02 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008/09/27 03:00:32 | 00,225,296 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2008/09/27 03:00:32 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2008/09/27 02:59:51 | 00,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/09/27 02:58:50 | 00,015,437 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/09/27 02:57:20 | 00,101,120 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2008/09/27 02:52:52 | 00,023,488 | ---- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/09/27 02:52:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Vodafone
[2008/09/27 02:50:44 | 04,838,896 | -H-- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\IconCache.db
[2008/09/27 02:50:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
[2008/09/27 02:48:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Vodafone
[2008/09/27 02:47:31 | 00,008,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SpOrder.dll
[2008/09/27 02:37:49 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/09/27 02:33:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Identities
[2008/09/27 02:33:24 | 00,000,081 | -HS- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\desktop.ini
[2008/09/27 02:33:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\My Pictures
[2008/09/27 02:33:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\My Music
[2008/09/27 02:33:19 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\desktop.ini
[2008/09/27 02:33:18 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Start Menu\Programs\Startup\desktop.ini
[2008/09/27 02:33:18 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\Microsoft
[2008/09/27 02:33:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\Microsoft
[2008/09/27 02:31:09 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008/09/27 02:30:54 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/09/27 02:29:33 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/09/27 02:22:11 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/09/27 02:22:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/09/27 02:21:57 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/09/27 02:21:57 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/09/27 02:21:54 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/09/27 02:21:32 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008/09/27 02:18:25 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008/09/27 02:17:31 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2008/09/27 02:17:31 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2008/09/27 02:17:31 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2008/09/27 02:17:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2008/09/27 02:17:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008/09/27 02:17:31 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2008/09/27 02:17:23 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/09/27 02:17:23 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/09/27 02:17:23 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/09/27 02:17:23 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/09/27 02:17:15 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2008/09/27 02:17:14 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2008/09/27 02:17:14 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2008/09/27 02:17:14 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2008/09/27 02:17:14 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008/09/27 02:17:13 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2008/09/27 02:17:13 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008/09/27 02:17:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008/09/27 02:17:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008/09/27 02:17:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2008/09/27 02:17:11 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008/09/27 02:17:01 | 00,325,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008/09/27 02:17:01 | 00,325,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2008/09/27 02:17:01 | 00,205,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008/09/27 02:17:01 | 00,205,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2008/09/27 02:17:00 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008/09/27 02:17:00 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2008/09/27 02:17:00 | 00,215,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008/09/27 02:17:00 | 00,215,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2008/09/27 02:17:00 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008/09/27 02:17:00 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008/09/27 02:17:00 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2008/09/27 02:17:00 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008/09/27 02:16:59 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008/09/27 02:16:59 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2008/09/27 02:16:59 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008/09/27 02:16:59 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008/09/27 02:16:59 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2008/09/27 02:16:59 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/09/27 02:16:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/09/27 02:16:58 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/09/27 02:16:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/09/27 02:16:53 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/09/27 02:16:53 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/09/27 02:16:52 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/09/27 02:16:52 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/09/27 02:16:48 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2008/09/27 02:16:48 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008/09/27 02:16:47 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/09/27 02:16:47 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/09/27 02:16:47 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2008/09/27 02:16:46 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/09/27 02:16:46 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/09/27 02:16:45 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008/09/27 02:16:44 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/09/27 02:16:44 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2008/09/27 02:16:44 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/09/27 02:16:44 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008/09/27 02:16:44 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008/09/27 02:16:44 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008/09/27 02:16:44 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008/09/27 02:16:43 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008/09/27 02:16:43 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/09/27 02:16:41 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008/09/27 02:16:41 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008/09/27 02:16:41 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/09/27 02:16:40 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/09/27 02:16:40 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/09/27 02:16:40 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/09/27 02:16:39 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/09/27 02:16:26 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures
[2008/09/27 02:15:23 | 00,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/09/27 02:15:06 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/09/27 02:15:06 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/09/27 02:14:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Music
[2008/09/27 02:14:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008/09/27 02:14:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2008/09/27 02:14:19 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008/09/27 02:14:19 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2008/09/27 02:14:18 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2008/09/27 02:14:18 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008/09/27 02:14:18 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2008/09/27 02:14:18 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008/09/27 02:14:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2008/09/27 02:14:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008/09/27 02:14:17 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008/09/27 02:14:17 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2008/09/27 02:14:09 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/09/27 02:14:09 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/09/27 02:14:09 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/09/27 02:14:09 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/09/27 02:14:09 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/09/27 02:14:09 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/09/27 02:14:08 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/09/27 02:14:08 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/09/27 02:14:08 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/09/27 02:14:08 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/09/27 02:14:08 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/09/27 02:14:07 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008/09/27 02:14:07 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2008/09/27 02:14:06 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2008/09/27 02:14:06 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008/09/27 02:14:06 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2008/09/27 02:14:06 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008/09/27 02:14:05 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008/09/27 02:14:05 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2008/09/27 02:14:04 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008/09/27 02:14:04 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2008/09/27 02:14:04 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008/09/27 02:14:04 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2008/09/27 02:14:03 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008/09/27 02:14:03 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2008/09/27 02:14:03 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008/09/27 02:14:03 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2008/09/27 02:14:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008/09/27 02:14:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2008/09/27 02:14:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008/09/27 02:14:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008/09/27 02:14:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2008/09/27 02:14:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2008/09/27 02:14:03 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/09/27 02:14:03 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008/09/27 02:14:03 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2008/09/27 02:14:03 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/09/27 02:14:03 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/09/27 02:14:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008/09/27 02:14:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2008/09/27 02:14:02 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008/09/27 02:14:02 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2008/09/27 02:14:02 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008/09/27 02:14:02 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2008/09/27 02:14:02 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008/09/27 02:14:02 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2008/09/27 02:14:02 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008/09/27 02:14:02 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2008/09/27 02:14:02 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008/09/27 02:14:02 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2008/09/27 02:14:02 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008/09/27 02:14:02 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2008/09/27 02:14:02 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008/09/27 02:14:02 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2008/09/27 02:14:01 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2008/09/27 02:14:01 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008/09/27 02:14:01 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/09/27 02:14:01 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/09/27 02:14:00 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/09/27 02:14:00 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/09/27 02:14:00 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2008/09/27 02:14:00 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/09/27 02:14:00 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/09/27 02:13:59 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/09/27 02:13:59 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/09/27 02:13:59 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/09/27 02:13:59 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2008/09/27 02:13:59 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/09/27 02:13:53 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2008/09/27 02:13:53 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2008/09/27 02:13:52 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2008/09/27 02:13:52 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2008/09/27 02:13:52 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2008/09/27 02:13:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2008/09/27 02:13:52 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2008/09/27 02:13:51 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2008/09/27 02:13:51 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2008/09/27 02:13:51 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2008/09/27 02:13:51 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2008/09/27 02:13:51 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2008/09/27 02:13:51 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2008/09/27 02:13:51 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2008/09/27 02:13:50 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2008/09/27 02:13:50 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/09/27 02:13:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2008/09/27 02:13:49 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/09/27 02:13:49 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/09/27 02:13:49 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/09/27 02:13:48 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/09/27 02:13:48 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2008/09/27 02:13:47 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/09/27 02:13:47 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008/09/27 02:13:47 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/09/27 02:13:46 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/09/27 02:13:46 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/09/27 02:13:46 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/09/27 02:13:46 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/09/27 02:13:45 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008/09/27 02:13:45 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2008/09/27 02:13:44 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008/09/27 02:13:44 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2008/09/27 02:13:44 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/09/27 02:13:44 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/09/27 02:13:44 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/09/27 02:13:44 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008/09/27 02:13:44 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/09/27 02:13:43 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008/09/27 02:13:43 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/09/27 02:13:43 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/09/27 02:13:43 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2008/09/27 02:13:43 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2008/09/27 02:13:43 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/09/27 02:13:43 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/09/27 02:13:42 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/09/27 02:13:42 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/09/27 02:13:42 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/09/27 02:13:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/09/27 02:13:41 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/09/27 02:13:41 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/09/27 02:13:41 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/09/27 02:13:41 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/09/27 02:13:41 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008/09/27 02:13:40 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/09/27 02:13:40 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/09/27 02:13:39 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/09/27 02:13:39 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/09/27 02:13:39 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/09/27 02:13:38 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/09/27 02:13:38 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/09/27 02:13:38 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008/09/27 02:13:25 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/09/27 02:13:25 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/09/27 02:13:24 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/09/27 02:13:24 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/09/27 02:13:21 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/09/27 02:13:20 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2008/09/27 02:13:14 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Videos
[2008/09/25 19:32:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2008/09/25 03:25:26 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2008/09/24 01:15:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Corel
[2008/09/24 01:13:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2008/09/23 15:58:05 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2008/09/23 15:57:36 | 00,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2008/09/23 00:44:08 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/09/21 08:20:26 | 00,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2008/09/21 08:10:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2008/09/21 04:22:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008/09/21 02:16:21 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2008/09/21 00:52:36 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2008/09/21 00:46:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2008/09/20 21:08:58 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2008/09/20 16:48:45 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2008/09/20 16:48:44 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2008/09/20 16:48:44 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2008/09/20 16:48:44 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2008/09/20 16:48:43 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2008/09/20 16:48:43 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2008/09/20 16:48:43 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2008/09/20 16:48:43 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2008/09/20 16:48:43 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2008/09/20 16:48:42 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2008/09/20 16:48:42 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2008/09/20 16:48:42 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2008/09/20 16:48:42 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2008/09/20 16:48:42 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2008/09/20 16:48:42 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2008/09/20 16:48:41 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2008/09/20 16:48:41 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2008/09/20 16:48:41 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2008/09/20 16:48:41 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2008/09/20 16:48:40 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2008/09/20 16:48:40 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2008/09/20 16:48:39 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2008/09/20 16:48:39 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2008/09/20 16:48:39 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2008/09/20 16:23:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2008/09/20 00:53:24 | 00,000,000 | ---D | C] -- C:\797bd3be8eaaeb6484e4
[2008/09/17 23:49:13 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/09/17 23:48:23 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2008/09/17 12:59:11 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2008/09/17 12:59:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008/09/17 12:59:09 | 00,000,000 | ---D | C] -- C:\Program Files\msn gaming zone
[2008/09/17 12:59:09 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008/09/17 12:39:35 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/09/17 12:37:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2008/09/17 12:37:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/09/17 12:37:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/09/17 12:37:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2008/09/17 12:22:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/09/17 09:06:52 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/09/17 09:05:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2008/09/17 09:05:35 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2008/09/17 08:46:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2008/09/17 08:39:31 | 00,000,000 | ---D | C] -- C:\Program Files\Canon
[2008/09/17 08:36:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2008/09/17 05:59:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2008/09/17 05:58:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/09/17 05:58:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/09/17 05:56:52 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2008/09/17 05:56:34 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2008/09/17 05:56:03 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2008/09/17 05:53:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2008/09/17 05:46:52 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\DllCache
[2008/09/17 05:28:26 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2008/09/17 05:28:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2008/09/17 05:27:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/09/17 05:23:54 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2008/09/17 04:47:57 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008/09/16 17:30:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2008/09/16 14:38:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2008/09/16 07:09:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2008/09/16 06:53:38 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008/09/16 06:43:05 | 00,000,000 | -HSD | C] -- C:\Program Files\Common Files\WindowsLiveInstaller
[2008/09/16 06:42:00 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2008/09/16 06:32:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2008/09/16 06:20:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2008/09/16 06:12:35 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/09/16 06:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/09/16 06:12:31 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2008/09/16 06:12:31 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2008/09/16 06:12:30 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008/09/16 06:12:30 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2008/09/16 06:12:30 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008/09/16 06:12:30 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008/09/16 06:12:29 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008/09/16 06:12:29 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2008/09/16 06:12:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/09/16 06:12:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/09/16 06:12:28 | 00,000,000 | R--D | C] -- C:\Program Files
[2008/09/16 06:12:28 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/09/16 06:11:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/09/16 06:11:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/09/16 06:10:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008/09/16 06:09:53 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008/09/16 06:07:17 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/09/16 05:47:31 | 00,000,000 | ---D | C] -- C:\install
[2008/09/16 05:43:51 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/09/16 05:42:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/09/16 05:41:10 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/09/16 05:41:10 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/09/16 05:41:10 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/09/16 05:41:10 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2008/09/16 05:37:03 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2008/09/16 05:36:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2008/09/16 05:32:52 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/09/16 05:32:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/09/16 05:31:58 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/09/16 05:28:26 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/09/16 05:28:12 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/09/16 05:28:12 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/09/16 05:28:12 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/09/16 05:28:12 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/09/16 05:25:55 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/09/16 05:25:55 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/09/16 05:25:32 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/09/16 05:25:26 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/09/16 05:24:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/09/16 05:24:36 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2008/09/16 05:24:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2008/09/16 05:24:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2008/09/16 05:24:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/09/16 05:24:31 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/09/16 05:24:30 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008/09/16 05:24:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008/09/16 05:24:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008/09/16 05:24:30 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2008/09/16 05:24:30 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2008/09/16 05:24:29 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2008/09/16 05:24:29 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2008/09/16 05:24:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/09/16 05:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/09/16 05:24:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/09/16 05:24:23 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2008/09/16 05:24:23 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2008/09/16 05:24:23 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2008/09/16 05:24:22 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2008/09/16 05:24:22 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008/09/16 05:24:22 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2008/09/16 05:24:22 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2008/09/16 05:24:22 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008/09/16 05:24:21 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2008/09/16 05:24:21 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2008/09/16 05:24:21 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2008/09/16 05:24:14 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/09/16 05:24:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/09/16 05:24:04 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008/09/16 05:24:00 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/09/16 05:23:56 | 00,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/09/16 05:23:50 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/09/16 05:23:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/09/16 05:23:48 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/09/16 05:22:30 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/09/16 05:22:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/09/16 05:22:09 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/09/16 05:21:29 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/09/16 05:21:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/09/16 05:21:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2008/10/11 12:05:16 | 00,000,595 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\My Sharing Folders.lnk
[2008/10/11 11:39:02 | 00,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2008/10/11 02:51:04 | 00,009,216 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/11 00:41:47 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/10/11 00:40:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/10/11 00:40:08 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/10/11 00:37:26 | 04,838,896 | -H-- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\IconCache.db
[2008/10/10 13:51:22 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\CCleaner.lnk
[2008/10/06 22:52:41 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Ad-Aware.lnk
[2008/10/06 12:47:54 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/10/05 22:38:37 | 00,001,885 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
[2008/10/05 22:38:04 | 00,118,784 | R--- | M] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2008/10/05 22:30:54 | 00,001,887 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Logitech QuickCam 10.0.lnk
[2008/10/05 20:45:00 | 00,000,106 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Windows Live Hotmail.URL
[2008/10/04 22:43:45 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\HijackThis.lnk
[2008/10/04 13:58:54 | 00,001,839 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Windows Live Messenger .lnk
[2008/10/02 23:16:53 | 00,001,863 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Start Avira AntiVir Personal.lnk
[2008/10/02 22:36:05 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Spybot - Search & Destroy.lnk
[2008/10/02 21:03:45 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/02 20:31:33 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/10/02 17:24:27 | 00,104,448 | ---- | M] () -- C:\WINDOWS\System32\cjpoieuv.dll
[2008/10/01 17:49:02 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2008/10/01 17:25:45 | 00,111,616 | ---- | M] () -- C:\WINDOWS\System32\xjwaqt.dll
[2008/10/01 17:25:45 | 00,111,616 | ---- | M] () -- C:\WINDOWS\System32\wlfibhxa.dll
[2008/10/01 11:24:27 | 00,923,712 | -HS- | M] () -- C:\WINDOWS\System32\myvaqeox.ini
[2008/10/01 11:21:23 | 00,111,616 | ---- | M] () -- C:\WINDOWS\System32\uunxpb.dll
[2008/10/01 11:21:23 | 00,111,616 | ---- | M] () -- C:\WINDOWS\System32\kwuounhk.dll
[2008/10/01 11:19:14 | 00,104,448 | ---- | M] () -- C:\WINDOWS\System32\qsnsgltt.dll
[2008/10/01 07:16:46 | 00,000,609 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Windows Messenger.lnk
[2008/09/30 14:25:15 | 00,000,081 | -HS- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\My Documents\desktop.ini
[2008/09/30 01:34:32 | 00,458,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/09/30 01:34:32 | 00,392,904 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/09/30 01:34:32 | 00,059,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/09/29 20:54:48 | 00,000,779 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuarkXPress Passport 5.0.lnk
[2008/09/29 20:47:14 | 00,000,539 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Adobe InDesign CS.lnk
[2008/09/29 20:35:17 | 00,023,488 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/09/29 20:33:40 | 00,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/09/29 20:28:38 | 00,000,814 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Adobe Photoshop 7.0.lnk
[2008/09/29 20:28:22 | 00,001,950 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\CorelDRAW 11.lnk
[2008/09/29 20:28:08 | 00,002,140 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Adobe Illustrator 10.lnk
[2008/09/29 20:12:30 | 00,000,890 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2008/09/28 21:51:15 | 00,001,825 | ---- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Desktop\Macromedia Dreamweaver MX 2004.lnk
[2008/09/27 18:29:18 | 00,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/09/27 18:29:18 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/09/27 18:13:23 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/09/27 15:11:22 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/09/27 08:43:25 | 00,000,024 | ---- | M] () -- C:\url_history.xml
[2008/09/27 06:05:45 | 00,015,437 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/09/27 05:58:43 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\desktop.ini
[2008/09/27 05:58:33 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/09/27 05:58:33 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/09/27 05:58:12 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/09/27 05:56:03 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/09/27 05:54:18 | 00,022,720 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/09/27 05:52:21 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/09/27 05:43:13 | 00,000,250 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/09/27 05:42:48 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Documents\desktop.ini
[2008/09/27 05:42:48 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
[2008/09/27 05:15:55 | 00,225,296 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2008/09/27 05:15:53 | 00,001,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/09/27 03:01:04 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Application Data\desktop.ini
[2008/09/27 02:47:31 | 00,008,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SpOrder.dll
[2008/09/27 02:30:54 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/09/27 02:22:21 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Simon Lake.BADCARDZ-7E7BD3\Start Menu\Programs\Startup\desktop.ini
[2008/09/27 02:22:11 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/09/27 02:22:11 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008/09/27 02:15:06 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008/09/27 02:15:06 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008/09/21 04:15:21 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2008/09/16 05:28:12 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/09/16 05:28:12 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/09/16 05:28:12 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/09/16 05:28:12 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
< End of report >
I have only installed winamp since I made my enquiry.

#4 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:58 PM

Posted 11 October 2008 - 08:53 AM

Hello Lakes.

Seems like your computer was heavily infected. MBAM took out a huge chunk, but there are still some left.

I see that a toolbar was installed with your ZoneAlarm program. ZA is a great program, but the toolbar is considered adware. I suggest that you uninstall the toolbar using Add/Remove Programs.

Peer-to-Peer Programs Warning
Your log shows that you are using so called peer-to-peer or file-sharing programs (in your case LimeWire). These programs allow to share files between users as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology.

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

It is your decision whether or not you wish to keep your program(s). However, please refrain from using them until your computer has been declared clean.

Install ERUNT
This tool will create a complete backup of your registry. After every reboot, a new backup is created to ensure we have a safety net after each step. Do not delete these backups until we are finished.
  • Please download erunt-setup.exe to your desktop.
  • Double click erunt-setup.exe. Follow the prompts and allow ERUNT to be installed with the settings at default. If you do not want a Desktop icon, feel free to uncheck that. When asked if you want to create an ERUNT entry in the startup folder, answer Yes. You can delete the installation file after use.
  • Erunt will open when the installation is finished. Check all items to be backed up in the default location and click OK.
You can find a complete guide to using the program here:
http://www.larshederer.homepage.t-online.de/erunt/erunt.txt

When we are finished with fixing your computer (I will make it clear when we are), you can uninstall ERUNT through Add/Remove Programs. The backups will be stored at C:\WINDOWS\erdnt, and will not be deleted when ERUNT is uninstalled.

How to Restore from the ERUNT Backup
Only restore from the backups if instructed to, or you need to do so. You need it if after doing something, your computer will only boot in Safe Mode and you are unable to contact us (or anyone else) for help by other means, or if your computer will not boot into Windows at all.

To restore when booted, navigate to C:\WINDOWS\erdnt (possibly WINNT), choose the folder with the most recent date, and double click ERDNT.EXE. Check all boxes in the restoration options.

To restore from the Recovery Console using the Windows CD:
  • Turn on your machine with the disk in the drive.
  • Type in the number of the Windows installation you want to repair (usually 1), then press Enter.
  • Type in the Administrator password (leave blank if you are unsure what it is or if you do not have one) and press Enter.
  • Type without quotes "cd erdnt" followed by Enter.
  • Type without quotes "dir" followed by Enter. This will list out the available folders, whose names are the date on which the backup was taken in (M)M-DD-YYYY format. Try the most recent dates first.
  • Type without quotes "cd **name of the folder**" followed by Enter.
  • Type without quotes "batch erdnt.con" followed by Enter.
  • Type without quotes "exit" followed by Enter.
  • Remove your CD from the drive and reboot your computer into the restored registry. If you still cannot boot, try again with an earlier restore date.
Disable Realtime Protection
Antimalware programs can interfere with the tools we need to run.

To disable Ad-Aware:
  • Right click on the Ad-Watch icon in the system tray.
  • At the bottom of the screen there will be two checkable items called "Active" and "Automatic".
    • Active: This will turn Ad-Watch On\Off without closing it.
    • Automatic: Suspicious activity will be blocked automatically.
  • Uncheck both of those boxes.
  • (When done, you can re-enable it using the same steps but this time check both boxes.)
To disable Avira:
  • Navigate to the system tray on the bottom right hand corner and look for an open white umbrella on red background (looks to this: Posted Image )
  • right click it-> untick the option AntiVir Guard enable.
  • You should now see a closed, white umbrella on a red background (looks to this: Posted Image )
To disable SpyBot's TeaTimer:
  • Run Spybot-S&D in Advanced Mode. If it is not already set to do this Go to the Mode menu select Advanced Mode.
  • On the left hand side, Click on Tools.
  • Click on the Resident icon in the list.
  • Uncheck Resident TeaTimer and OK any prompts.
  • Download ResetTeaTimer.bat and run it to remove entries set by TeaTimer. The file should take only a second to finish. Delete this file after use.
Restart your computer for the changes to take affect.

Be sure to re-enable these after we are done.

Download and Run OTMoveIT
  • Please download OTMoveIt3 by OldTimer to your desktop. It is important that select Save, not run when you download this.
  • Double-click OTMoveIt3.exe to run it. If you are running on Vista, right click on the file and choose Run As Administrator.
  • Copy the lines in the codebox below. Do not copy the word "code".
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_Dlls"=""
    
    :files
    C:\WINDOWS\System32\cjpoieuv.dll
    C:\WINDOWS\System32\xjwaqt.dll
    C:\WINDOWS\System32\wlfibhxa.dll
    C:\WINDOWS\System32\myvaqeox.ini
    C:\WINDOWS\System32\uunxpb.dll
    C:\WINDOWS\System32\kwuounhk.dll
    C:\WINDOWS\System32\qsnsgltt.dll
    
    :commands
    [emptytemp]
    [Reboot]
  • Return to OTMoveIt3, right click in the Paste List Of Files/Patterns To Move window (under the yellow bar) and choose Paste.
  • Close all open windows expect OTMoveIt.
  • Click the Posted Image button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3.
Note: If a file or folder cannot be moved immediately, you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key. Navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest ".log" file present, and copy/paste the contents of that document back here in your next post.

Run Scan with Kaspersky
Please do a scan with Kaspersky Online Scanner.

This scan is for Internet Explorer Only.

If you are using Windows Vista, open your browser by right-clicking on its icon and select Run as administrator to perform this scan.
  • Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

This scanner will only scan. It does not remove any malware it finds.


Please post back with:
-the OTMoveIt log
-the Kaspersky log
-a new OTViewIt log (link if you lost yours)

Also tell me how your computer is running now. Does your antivirus detect anything except cookies?

With Regards,
The Panda

#5 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:58 PM

Posted 13 October 2008 - 08:48 AM

Hello Lakes.

Do you still need help? Please give me an update on the situation.

With Regards,
The Panda

#6 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:58 PM

Posted 16 October 2008 - 07:25 AM

Hello.

There had been no reply from the topic starter in 5 days. Due to inactivity, this topic is now closed.
If you are the topic starter and need this topic reopened, send me a message.

Everyone else, please begin a new topic.

With Regards,
The Panda




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users