Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cannot open D , E drives resycled\boot.com is not a valid win32 application


  • Please log in to reply
3 replies to this topic

#1 TheOnlyOn3

TheOnlyOn3

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:51 AM

Posted 16 November 2008 - 01:02 PM

OTViewIT.txt :

OTViewIt logfile created on: 11/16/2008 2:38:03 PM - Run 2
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\TheOnlyOn3\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.19% Memory free
3.85 Gb Paging File | 2.49 Gb Available in Paging File | 64.82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9.31 Gb Total Space | 1.40 Gb Free Space | 15.06% Space Free | Partition Type: FAT32
Drive D: | 18.62 Gb Total Space | 0.16 Gb Free Space | 0.85% Space Free | Partition Type: FAT32
Drive E: | 18.62 Gb Total Space | 0.45 Gb Free Space | 2.43% Space Free | Partition Type: FAT32
Drive F: | 13.97 Gb Total Space | 1.03 Gb Free Space | 7.34% Space Free | Partition Type: NTFS
Drive G: | 13.97 Gb Total Space | 0.24 Gb Free Space | 1.71% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
Drive I: | 3.75 Gb Total Space | 0.04 Gb Free Space | 1.19% Space Free | Partition Type: FAT32

Computer Name: CODENAME
Current User Name: TheOnlyOn3
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/11/13 14:40:34 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
[2007/12/05 01:41:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2006/08/14 12:00:04 | 16,050,176 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2006/09/07 13:19:28 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
[2004/09/19 12:27:46 | 00,065,536 | ---- | M] () -- C:\Program Files\LClock\LClock.exe
[2004/08/04 00:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\RUNDLL32.EXE
[2008/11/13 14:51:18 | 01,234,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgtray.exe
[2008/11/13 14:40:34 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
[2008/11/13 14:40:34 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe
[2008/11/14 08:30:46 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
[2008/11/11 16:49:56 | 00,065,536 | ---- | M] () -- D:\G@me$\Silkroad\bot\srobot.exe
[2008/11/12 12:31:54 | 09,457,664 | ---- | M] () -- D:\G@me$\Silkroad\sro_client.exe
[2008/11/12 12:31:54 | 09,457,664 | ---- | M] () -- D:\G@me$\Silkroad\sro_client.exe
[2008/08/04 06:04:00 | 01,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
[2006/10/17 13:04:40 | 00,622,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/11/16 14:36:48 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TheOnlyOn3\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/11/13 14:40:34 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
[2008/11/13 14:40:34 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
[2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/12/05 01:41:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006/11/23 14:45:28 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wudfsvc.dll -- (WudfSvc [On_Demand | Stopped])

========== Driver Services ==========

[2008/11/13 14:40:38 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
[2008/11/13 14:40:38 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
[2008/11/13 14:40:42 | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [Auto | Running])
[2006/11/23 14:44:12 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
[2006/08/15 12:41:16 | 04,368,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
[2001/08/17 13:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\irsir.sys -- (irsir [On_Demand | Running])
[2004/12/06 20:08:24 | 00,032,768 | ---- | M] (NextSecurity.NET) -- C:\WINDOWS\system32\drivers\nspacket.sys -- (NSPacket [On_Demand | Stopped])
[2005/02/23 15:08:16 | 00,003,584 | ---- | M] () -- D:\G@me$\Silkroad\bot\NtProcDrv.sys -- (NTProcDrv [On_Demand | Running])
[2007/12/05 01:41:00 | 07,435,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
[2006/04/24 15:52:28 | 00,100,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running])
[2006/12/16 15:00:46 | 00,100,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus [Boot | Running])
[2006/02/17 09:28:30 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
[2006/02/17 09:28:32 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
[2004/08/03 23:03:36 | 00,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx [Auto | Running])
[2004/08/04 21:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnknb.sys -- (NwlnkNb [Auto | Running])
[2004/08/04 21:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys -- (NwlnkSpx [Auto | Running])
[2004/08/04 21:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/03/08 06:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2006/11/23 14:44:02 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=about:blank

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Start Page"=about:blank

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Start Page"=about:blank

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Start Page"=about:blank

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Start Page"=about:blank

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-21-1220945662-630328440-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=about:blank

[HKEY_USERS\S-1-5-21-1220945662-630328440-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1220945662-630328440-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{3049C3E9-B461-4BC5-8870-4C09146192CA} (HKLM) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (HKLM) -- C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"=ALCMTR.EXE (Realtek Semiconductor Corp.)
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
"EPSON Stylus CX3600 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600" (SEIKO EPSON CORPORATION)
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
"LClock"=C:\Program Files\LClock\LClock.exe ()
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"nwiz"=nwiz.exe /install ()
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"SkyTel"=SkyTel.EXE (Realtek Semiconductor Corp.)
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe (Sun Microsystems, Inc.)
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe -H ()
"Vistadrv"=C:\WINDOWS\system32\vsdrv.exe ()
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"Steam"="C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-1220945662-630328440-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"Steam"="C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)

========== (O4) RunOnce Keys ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide2"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (Microsoft Corporation)
"nltide3"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide2"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (Microsoft Corporation)
"nltide3"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide1"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (Microsoft Corporation)
"nltide2"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (Microsoft Corporation)
"nltide3"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide1"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (Microsoft Corporation)
"nltide2"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (Microsoft Corporation)
"nltide3"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_CURRENT_USER\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\.DEFAULT\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-18\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-19\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-20\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-21-1220945662-630328440-839522115-1003\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoLowDiskSpaceChecks"=1
"NoRecentDocsMenu"=1
"NoRecentDocsHistory"=1
"NoSMConfigurePrograms"=1

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoLowDiskSpaceChecks"=1
"NoRecentDocsMenu"=1
"NoRecentDocsHistory"=1
"NoSMConfigurePrograms"=1

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoLowDiskSpaceChecks"=1
"NoRecentDocsMenu"=1
"NoRecentDocsHistory"=1
"NoSMConfigurePrograms"=1

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoLowDiskSpaceChecks"=1
"NoRecentDocsMenu"=1
"NoRecentDocsHistory"=1
"NoSMConfigurePrograms"=1

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoLowDiskSpaceChecks"=1
"NoRecentDocsMenu"=1
"NoRecentDocsHistory"=1
"NoSMConfigurePrograms"=1

[HKEY_USERS\S-1-5-21-1220945662-630328440-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoLowDiskSpaceChecks"=1
"NoRecentDocsMenu"=1
"NoRecentDocsHistory"=1
"NoSMConfigurePrograms"=1

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.5.0_04\bin\npjpi150_04.dll [2005/06/03 04:09:54 | 00,069,746 | ---- | M] (Sun Microsystems, Inc.)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2006/11/23 14:44:28 | 00,557,568 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://www.update.microsoft.com/microsoftu...b?1226523359062 -- WUWebControl Class
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://www.update.microsoft.com/microsoftu...b?1226522877437 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -- Java Plug-in 1.5.0_04
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -- Java Plug-in 1.5.0_04
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{57474412-D279-4178-A80B-26CB8C1979AC} (Servers: | Description: NVIDIA nForce Networking Controller)

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=avgrsstx.dll
>[2008/11/13 14:40:42 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/11/13 03:07:28 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ FAT32 ]

autorun.inf [[autorun] | shellexecute="resycled\boot.com d:" | shell\Open\command="resycled\boot.com d:" | shell=Open | ]
[2008/11/12 07:03:44 | 00,000,103 | RHS- | M] () -- D:\autorun.inf -- [ FAT32 ]

autorun.inf [[autorun] | shellexecute="resycled\boot.com e:" | shell\Open\command="resycled\boot.com e:" | shell=Open | ]
[2008/11/12 07:03:44 | 00,000,103 | RHS- | M] () -- E:\autorun.inf -- [ FAT32 ]

autorun.inf []
[2008/11/12 07:04:45 | 00,000,103 | RHS- | M] () -- F:\autorun.inf -- [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d3-b12c-11dd-9883-806d6172696f}\Shell]
""=Autorun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d3-b12c-11dd-9883-806d6172696f}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d3-b12c-11dd-9883-806d6172696f}\Shell\AutoRun\command]
""=C:\WINDOWS\system32\Shell32.DLL -- [2006/12/16 14:42:30 | 10,846,208 | ---- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d3-b12c-11dd-9883-806d6172696f}\Shell\Open\command]
""=D:\resycled\boot.com -- [2008/11/12 02:28:58 | 00,000,000 | RHS- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d4-b12c-11dd-9883-806d6172696f}\Shell]
""=Autorun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d4-b12c-11dd-9883-806d6172696f}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d4-b12c-11dd-9883-806d6172696f}\Shell\AutoRun\command]
""=C:\WINDOWS\system32\Shell32.DLL -- [2006/12/16 14:42:30 | 10,846,208 | ---- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83f0b2d4-b12c-11dd-9883-806d6172696f}\Shell\Open\command]
""=E:\resycled\boot.com -- [2008/11/12 02:28:58 | 00,000,000 | RHS- | M] ()

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/11/16 14:36:47 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\TheOnlyOn3\Desktop\OTViewIt.exe
[2008/11/16 12:33:18 | 05,091,490 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\We Rock-Camp Rock.flv
[2008/11/16 12:04:37 | 07,499,007 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\This Is Me-Camp Rock.flv
[2008/11/15 15:11:52 | 00,388,960 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\File0001.jpg
[2008/11/15 15:09:31 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2008/11/15 15:09:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Smart Panel
[2008/11/15 15:07:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\EPSON CardMonitor Essential
[2008/11/15 15:07:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\EPSON PhotoStarter Essential
[2008/11/15 15:07:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008/11/15 15:06:32 | 00,131,072 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\Epcmlib.dll
[2008/11/15 15:03:22 | 00,001,479 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON Smart Panel.lnk
[2008/11/15 15:02:02 | 00,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2008/11/15 15:02:02 | 00,073,216 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\ADE.DLL
[2008/11/15 15:02:02 | 00,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2008/11/15 15:02:02 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2008/11/15 15:01:52 | 00,000,000 | ---D | C] -- C:\Program Files\Smart Panel
[2008/11/15 15:00:58 | 00,413,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK.dll
[2008/11/15 15:00:58 | 00,114,688 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EpPicPrt.dll
[2008/11/15 15:00:58 | 00,065,536 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EPPicMgr.dll
[2008/11/15 15:00:58 | 00,038,028 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/11/15 15:00:58 | 00,027,030 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/11/15 15:00:58 | 00,013,230 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2008/11/15 15:00:58 | 00,000,022 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/11/15 15:00:19 | 00,079,622 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLM9BE.DLL
[2008/11/15 15:00:19 | 00,064,000 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FBCB9BE.DLL
[2008/11/15 15:00:19 | 00,034,304 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FBCH9BE.DLL
[2008/11/15 15:00:19 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\E_DCINST.DLL
[2008/11/15 15:00:14 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2008/11/15 15:00:09 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2008/11/15 15:00:04 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2008/11/15 14:58:49 | 00,000,000 | ---D | C] -- C:\Program Files\epson
[2008/11/15 14:58:47 | 00,022,528 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\esccmd.dll
[2008/11/15 14:58:46 | 00,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\escimgd.dll
[2008/11/15 14:58:46 | 00,029,184 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\escwiadn.dll
[2008/11/15 14:58:17 | 00,000,027 | ---- | C] () -- C:\WINDOWS\CDE CX3600E.ini
[2008/11/15 12:17:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Desktop\SROmap
[2008/11/15 10:41:04 | 00,174,465 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\SRO[2008-10-02 11-11-42]_72.jpg
[2008/11/14 16:07:22 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2008/11/14 12:18:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Adobe
[2008/11/14 11:44:32 | 00,032,564 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/11/14 08:22:00 | 00,004,608 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/14 05:22:24 | 00,000,468 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\SROKiller(Modern).exe.lnk
[2008/11/14 05:17:57 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2008/11/14 05:17:57 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2008/11/14 05:17:57 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2008/11/14 05:17:56 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2008/11/14 05:17:56 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2008/11/14 05:17:56 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2008/11/14 05:17:56 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2008/11/14 05:17:56 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2008/11/14 05:17:47 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2008/11/14 05:17:47 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2008/11/14 05:17:47 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2008/11/14 05:17:47 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2008/11/14 05:17:47 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2008/11/14 05:17:47 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2008/11/14 05:17:47 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2008/11/14 05:17:47 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2008/11/14 05:17:47 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2008/11/14 05:17:47 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2008/11/14 05:17:46 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2008/11/14 05:17:46 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2008/11/14 05:17:46 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2008/11/14 05:17:46 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2008/11/14 05:17:46 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2008/11/14 05:17:40 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2008/11/14 05:17:40 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2008/11/14 05:17:40 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2008/11/14 05:17:39 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2008/11/14 05:17:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2008/11/14 05:17:29 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2008/11/14 05:17:29 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2008/11/14 05:17:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2008/11/14 05:17:29 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2008/11/14 05:17:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2008/11/14 05:17:28 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2008/11/14 05:17:28 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2008/11/14 05:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2008/11/14 05:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2008/11/14 05:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2008/11/14 05:17:05 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2008/11/14 05:17:04 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2008/11/14 05:16:04 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2008/11/14 05:16:02 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2008/11/14 05:16:02 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2008/11/14 05:16:02 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2008/11/14 05:15:54 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2008/11/14 05:15:54 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2008/11/14 05:15:54 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2008/11/14 05:15:54 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2008/11/14 05:15:54 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2008/11/14 05:15:54 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2008/11/14 05:15:54 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2008/11/14 05:15:54 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2008/11/14 05:15:47 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2008/11/14 05:15:47 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2008/11/14 05:15:47 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2008/11/14 05:15:47 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2008/11/14 05:15:47 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2008/11/14 05:15:46 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2008/11/14 05:15:46 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2008/11/14 05:15:41 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2008/11/14 05:15:41 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2008/11/14 05:15:41 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2008/11/14 05:15:41 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2008/11/14 05:15:41 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2008/11/14 05:15:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2008/11/13 22:58:26 | 00,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/11/13 22:58:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Wildfire
[2008/11/13 15:58:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\Apple Computer
[2008/11/13 15:58:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Apple Computer
[2008/11/13 15:01:49 | 00,000,043 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\iniupdater.ini
[2008/11/13 14:56:07 | 00,000,822 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\My Documents\My Sharing Folders.lnk
[2008/11/13 14:55:28 | 00,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger .lnk
[2008/11/13 14:54:47 | 00,525,824 | ---- | C] (Nube Coder) -- C:\Documents and Settings\TheOnlyOn3\Desktop\iniUpdater.exe
[2008/11/13 14:40:57 | 00,000,000 | -HSD | C] -- C:\Program Files\Common Files\WindowsLiveInstaller
[2008/11/13 14:40:41 | 00,076,040 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2008/11/13 14:40:41 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2008/11/13 14:40:41 | 00,001,411 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk
[2008/11/13 14:40:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2008/11/13 14:40:37 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2008/11/13 14:40:37 | 00,026,824 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2008/11/13 14:40:36 | 30,137,019 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2008/11/13 14:40:36 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2008/11/13 14:40:36 | 00,334,743 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2008/11/13 14:40:36 | 00,031,102 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2008/11/13 14:40:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2008/11/13 14:40:33 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2008/11/13 14:40:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2008/11/13 14:38:16 | 00,001,496 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2008/11/13 14:38:09 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2008/11/13 14:38:03 | 00,032,768 | ---- | C] (NextSecurity.NET) -- C:\WINDOWS\System32\drivers\nspacket.sys
[2008/11/13 14:38:03 | 00,000,651 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Launch WinArpSpoofer.lnk
[2008/11/13 14:38:03 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/11/13 14:38:03 | 00,000,000 | ---D | C] -- C:\Program Files\NextSecurity.NET
[2008/11/13 14:38:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\Apple
[2008/11/13 14:37:59 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2008/11/13 14:37:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/11/13 14:28:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Media Player Classic
[2008/11/13 11:57:33 | 00,159,458 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2008/11/13 11:55:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2008/11/13 07:53:39 | 05,881,218 | -H-- | C] () -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\IconCache.db
[2008/11/13 07:48:09 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2008/11/13 04:34:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\My Documents\My Chat Logs
[2008/11/13 04:34:32 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2008/11/13 04:34:31 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2008/11/13 04:11:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\My Documents\My Received Files
[2008/11/13 04:11:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2008/11/13 04:11:31 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Messenger
[2008/11/13 03:57:06 | 00,034,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2008/11/13 03:57:05 | 00,025,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2008/11/13 03:57:05 | 00,025,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2008/11/13 03:57:05 | 00,020,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2008/11/13 03:57:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2008/11/13 03:44:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\WMTools Downloaded Files
[2008/11/13 03:44:31 | 00,000,000 | R--D | C] -- C:\Documents and Settings\TheOnlyOn3\My Documents\My Videos
[2008/11/13 03:42:38 | 00,000,395 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\ScreenShot.lnk
[2008/11/13 03:41:45 | 00,000,441 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\Silkroad.lnk
[2008/11/13 03:41:40 | 00,000,493 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\Loader.lnk
[2008/11/13 03:41:40 | 00,000,433 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\Loader(Testosterone).lnk
[2008/11/13 03:41:34 | 00,000,493 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\srobot.lnk
[2008/11/13 03:38:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Ventrilo
[2008/11/13 03:38:18 | 00,000,534 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2008/11/13 03:38:18 | 00,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2008/11/13 03:38:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/11/13 03:37:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Desktop\new songs
[2008/11/13 03:34:38 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/11/13 03:34:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2008/11/13 03:34:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}
[2008/11/13 03:33:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Macromedia
[2008/11/13 03:32:57 | 00,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2008/11/13 03:32:57 | 00,000,000 | ---D | C] -- C:\Program Files\Steam
[2008/11/13 03:31:34 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/11/13 03:31:19 | 01,213,440 | ---- | C] () -- C:\WINDOWS\System32\opengl.dll
[2008/11/13 03:31:19 | 00,315,904 | ---- | C] () -- C:\WINDOWS\System32\glu.dll
[2008/11/13 03:31:18 | 00,000,000 | ---D | C] -- C:\OGLSDK
[2008/11/13 03:29:17 | 00,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2008/11/13 03:28:26 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2008/11/13 03:28:17 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2008/11/13 03:28:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2008/11/13 03:28:14 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2008/11/13 03:25:36 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp
[2008/11/13 03:25:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Winamp
[2008/11/13 03:25:10 | 00,000,000 | ---D | C] -- C:\Program Files\BitComet
[2008/11/13 03:24:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2008/11/13 03:24:45 | 00,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2008/11/13 03:24:39 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/11/13 03:23:53 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2008/11/13 03:23:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/11/13 03:23:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/11/13 03:23:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2008/11/13 03:22:22 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2008/11/13 03:21:58 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2008/11/13 03:21:58 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/11/13 03:21:51 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2008/11/13 03:21:51 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/11/13 03:21:50 | 00,389,120 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2008/11/13 03:21:50 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2008/11/13 03:21:50 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2008/11/13 03:21:49 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/11/13 03:21:49 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/11/13 03:21:48 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/13 03:21:48 | 00,081,920 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2008/11/13 03:21:45 | 00,682,496 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2008/11/13 03:21:40 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/11/13 03:21:39 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2008/11/13 03:21:39 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2008/11/13 03:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\Real
[2008/11/13 03:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Real
[2008/11/13 03:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2008/11/13 03:19:43 | 00,000,000 | -HSD | C] -- C:\Recycled
[2008/11/13 03:17:11 | 00,034,616 | ---- | C] () -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/11/13 03:17:06 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2008/11/13 03:17:06 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2008/11/13 03:17:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2008/11/13 03:16:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Identities
[2008/11/13 03:16:39 | 00,000,081 | -HS- | C] () -- C:\Documents and Settings\TheOnlyOn3\My Documents\desktop.ini
[2008/11/13 03:16:39 | 00,000,000 | R--D | C] -- C:\Documents and Settings\TheOnlyOn3\My Documents\My Pictures
[2008/11/13 03:16:39 | 00,000,000 | R--D | C] -- C:\Documents and Settings\TheOnlyOn3\My Documents\My Music
[2008/11/13 03:16:39 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/11/13 03:15:57 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\TheOnlyOn3\Application Data\desktop.ini
[2008/11/13 03:15:56 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\TheOnlyOn3\Start Menu\Programs\Startup\desktop.ini
[2008/11/13 03:15:56 | 00,000,000 | --SD | C] -- C:\Documents and Settings\TheOnlyOn3\Application Data\Microsoft
[2008/11/13 03:15:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\Microsoft
[2008/11/13 03:15:55 | 21,468,81536 | -HS- | C] () -- C:\hiberfil.sys
[2008/11/13 03:12:56 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/11/13 03:12:49 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/13 03:12:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/11/13 03:12:48 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/11/13 03:12:43 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/11/13 03:11:28 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/11/13 03:09:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/11/13 03:09:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/11/13 03:09:29 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008/11/13 03:09:14 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/11/13 03:09:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/11/13 03:07:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/11/13 03:07:41 | 00,074,715 | ---- | C] () -- C:\WINDOWS\System32\IE7Eula.rtf
[2008/11/13 03:07:39 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2008/11/13 03:07:39 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2008/11/13 03:07:39 | 00,008,798 | ---- | C] () -- C:\WINDOWS\System32\icrav03.rat
[2008/11/13 03:07:39 | 00,001,988 | ---- | C] () -- C:\WINDOWS\System32\ticrf.rat
[2008/11/13 03:07:38 | 01,162,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2008/11/13 03:07:38 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll.mui
[2008/11/13 03:07:38 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2008/11/13 03:07:38 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2008/11/13 03:07:38 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2008/11/13 03:07:38 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2008/11/13 03:07:38 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2008/11/13 03:07:38 | 00,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2008/11/13 03:07:38 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2008/11/13 03:07:38 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2008/11/13 03:07:38 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2008/11/13 03:07:38 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2008/11/13 03:07:38 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2008/11/13 03:07:38 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll.mui
[2008/11/13 03:07:37 | 01,497,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2008/11/13 03:07:37 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2008/11/13 03:07:37 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2008/11/13 03:07:37 | 00,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2008/11/13 03:07:37 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2008/11/13 03:07:37 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2008/11/13 03:07:37 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2008/11/13 03:07:37 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2008/11/13 03:07:37 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2008/11/13 03:07:37 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2008/11/13 03:07:36 | 03,577,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/11/13 03:07:36 | 00,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2008/11/13 03:07:36 | 00,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2008/11/13 03:07:36 | 00,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iertutil.dll
[2008/11/13 03:07:36 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2008/11/13 03:07:36 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2008/11/13 03:07:36 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2008/11/13 03:07:36 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2008/11/13 03:07:36 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2008/11/13 03:07:36 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2008/11/13 03:07:36 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2008/11/13 03:07:36 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2008/11/13 03:07:36 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2008/11/13 03:07:35 | 06,049,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2008/11/13 03:07:35 | 00,382,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2008/11/13 03:07:35 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2008/11/13 03:07:35 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2008/11/13 03:07:35 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2008/11/13 03:07:35 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2008/11/13 03:07:35 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2008/11/13 03:07:35 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2008/11/13 03:07:35 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2008/11/13 03:07:35 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2008/11/13 03:07:35 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icardie.dll
[2008/11/13 03:07:35 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2008/11/13 03:07:35 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008/11/13 03:07:35 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2008/11/13 03:07:34 | 02,451,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dat
[2008/11/13 03:07:34 | 01,817,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2008/11/13 03:07:34 | 01,022,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2008/11/13 03:07:34 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2008/11/13 03:07:34 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2008/11/13 03:07:26 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/11/13 03:07:26 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/11/13 03:07:26 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/11/13 03:07:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/11/13 03:07:26 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/11/13 03:07:26 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/11/13 03:07:23 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/11/13 03:07:23 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/11/13 03:07:21 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/11/13 03:07:12 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008/11/13 03:07:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache
[2008/11/13 03:06:18 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/11/13 03:06:17 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/11/13 03:06:06 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/11/13 03:06:02 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/11/13 03:05:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/11/13 03:05:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008/11/13 03:05:27 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/11/13 03:05:27 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/11/13 03:05:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/11/13 03:05:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/11/13 03:05:21 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008/11/13 03:05:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/11/13 03:05:19 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008/11/13 03:05:19 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008/11/13 03:05:19 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/11/13 03:05:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/11/13 03:05:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/11/13 03:05:13 | 00,325,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008/11/13 03:05:13 | 00,203,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008/11/13 03:05:13 | 00,194,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008/11/13 03:05:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008/11/13 03:05:12 | 01,712,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008/11/13 03:05:12 | 00,549,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008/11/13 03:05:12 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/11/13 03:05:12 | 00,216,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008/11/13 03:05:12 | 00,172,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008/11/13 03:05:12 | 00,053,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008/11/13 03:05:12 | 00,033,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008/11/13 03:05:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/11/13 03:05:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/11/13 03:05:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/11/13 03:05:09 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/11/13 03:05:06 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/11/13 03:05:06 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/11/13 03:05:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/11/13 03:05:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/11/13 03:05:02 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/11/13 03:05:02 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/11/13 03:05:02 | 00,128,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys
[2008/11/13 03:05:02 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/11/13 03:05:02 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/11/13 03:05:02 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2008/11/13 03:05:02 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008/11/13 03:05:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/11/13 03:05:01 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/11/13 03:05:01 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/11/13 03:05:00 | 00,679,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008/11/13 03:05:00 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/11/13 03:04:59 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008/11/13 03:04:59 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008/11/13 03:04:59 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/11/13 03:04:59 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/11/13 03:04:58 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/11/13 03:04:58 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/11/13 03:04:58 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/11/13 03:04:58 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/11/13 03:04:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/11/13 03:04:52 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/11/13 03:04:48 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008/11/13 03:04:21 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/11/13 03:04:10 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/11/13 03:04:08 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/11/13 03:04:08 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/11/13 03:04:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/11/13 03:03:52 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\LClock.cpl
[2008/11/13 03:03:50 | 00,000,000 | ---D | C] -- C:\Program Files\LClock
[2008/11/13 03:03:36 | 00,121,089 | ---- | C] () -- C:\WINDOWS\System32\vsdrv.exe
[2008/11/13 03:03:36 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s99.ico
[2008/11/13 03:03:36 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s92.ico
[2008/11/13 03:03:36 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s83.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s75.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s67.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s58.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s50.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s41.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s33.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s25.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s16.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\s08.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\99.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\92.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\83.ico
[2008/11/13 03:03:35 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\75.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\67.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\58.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\50.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\41.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\33.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\25.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\16.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\08.ico
[2008/11/13 03:03:34 | 00,009,662 | ---- | C] () -- C:\WINDOWS\System32\00.ico
[2008/11/13 03:03:29 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2008/11/13 03:03:28 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/11/13 03:03:27 | 00,000,000 | ---D | C] -- C:\Program Files\HashTab Shell Extension
[2008/11/13 03:03:26 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008/11/13 03:03:26 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2008/11/13 03:03:26 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft PowerToys
[2008/11/13 03:03:18 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008/11/13 03:03:18 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008/11/13 03:03:17 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008/11/13 03:03:17 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008/11/13 03:03:17 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008/11/13 03:03:13 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/11/13 03:03:13 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/11/13 03:03:13 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/11/13 03:03:13 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/11/13 03:03:13 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/11/13 03:03:13 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/11/13 03:03:13 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/11/13 03:03:13 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/11/13 03:03:13 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/11/13 03:03:13 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/11/13 03:03:13 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/11/13 03:03:12 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008/11/13 03:03:12 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008/11/13 03:03:11 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008/11/13 03:03:11 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008/11/13 03:03:11 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008/11/13 03:03:11 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008/11/13 03:03:11 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008/11/13 03:03:10 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008/11/13 03:03:10 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008/11/13 03:03:10 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008/11/13 03:03:10 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008/11/13 03:03:10 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008/11/13 03:03:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008/11/13 03:03:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008/11/13 03:03:10 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008/11/13 03:03:10 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008/11/13 03:03:10 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008/11/13 03:03:10 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008/11/13 03:03:10 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/11/13 03:03:10 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008/11/13 03:03:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008/11/13 03:03:10 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/11/13 03:03:10 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/11/13 03:03:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/11/13 03:03:09 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/11/13 03:03:09 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008/11/13 03:03:09 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/11/13 03:03:09 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/11/13 03:03:09 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/11/13 03:03:09 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/11/13 03:03:08 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/11/13 03:03:08 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/11/13 03:03:08 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/11/13 03:03:08 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/11/13 03:03:04 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/11/13 03:03:03 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/11/13 03:03:03 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/11/13 03:03:03 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/11/13 03:03:03 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/11/13 03:03:02 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/11/13 03:03:02 | 00,360,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008/11/13 03:03:02 | 00,139,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/11/13 03:03:02 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/11/13 03:03:02 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/11/13 03:03:02 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/11/13 03:03:02 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/11/13 03:03:02 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/11/13 03:03:01 | 00,753,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008/11/13 03:03:01 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008/11/13 03:03:01 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/11/13 03:03:01 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/11/13 03:03:01 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/11/13 03:03:01 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008/11/13 03:03:01 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2008/11/13 03:03:01 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/11/13 03:03:00 | 00,427,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/11/13 03:03:00 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008/11/13 03:03:00 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/11/13 03:03:00 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/11/13 03:03:00 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/11/13 03:03:00 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/11/13 03:03:00 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/11/13 03:03:00 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/11/13 03:03:00 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/11/13 03:03:00 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/11/13 03:03:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/11/13 03:02:59 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/11/13 03:02:59 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/11/13 03:02:59 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/11/13 03:02:59 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/11/13 03:02:59 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008/11/13 03:02:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008/11/13 03:02:58 | 01,269,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/11/13 03:02:58 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/11/13 03:02:58 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/11/13 03:02:58 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008/11/13 03:02:58 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/11/13 03:02:58 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/11/13 03:02:58 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/11/13 03:02:53 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/11/13 03:02:53 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/11/13 03:02:53 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/11/13 03:02:53 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/11/13 03:02:48 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/11/13 03:02:48 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2008/11/13 03:02:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2008/11/13 02:59:16 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008/11/13 02:59:14 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2008/11/13 02:59:12 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/11/13 02:59:10 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008/11/13 02:59:09 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008/11/13 02:59:07 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008/11/13 02:59:05 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008/11/13 02:59:03 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008/11/13 02:59:01 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2008/11/13 02:58:59 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2008/11/13 02:58:58 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2008/11/13 02:58:54 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008/11/13 02:58:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2008/11/13 02:58:18 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/11/13 02:58:18 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/11/13 02:58:18 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/11/13 02:58:18 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/11/13 02:57:49 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/11/13 02:57:34 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2008/11/13 02:57:34 | 00,087,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irda.sys
[2008/11/13 02:57:34 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll
[2008/11/13 02:57:34 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rasirda.sys
[2008/11/13 02:57:34 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2008/11/13 02:57:33 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irsir.sys
[2008/11/13 02:57:07 | 00,164,175 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2008/11/13 02:57:06 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/11/13 02:57:06 | 01,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/11/13 02:57:06 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/11/13 02:57:06 | 01,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/11/13 02:57:06 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/11/13 02:57:06 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/11/13 02:57:06 | 00,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/11/13 02:57:06 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/11/13 02:57:06 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2008/11/13 02:57:06 | 00,017,737 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2008/11/13 02:57:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2008/11/13 02:56:21 | 00,001,570 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2008/11/13 02:56:18 | 00,003,657 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2008/11/13 02:56:09 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008/11/13 02:53:13 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008/11/13 02:53:08 | 00,396,022 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/13 02:53:08 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/11/13 02:53:07 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/11/13 02:53:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/11/13 02:53:04 | 00,000,000 | R--D | C] -- C:\Program Files
[2008/11/13 02:53:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/11/13 02:53:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/11/13 02:53:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/11/13 02:53:01 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Thawbrkr.dll
[2008/11/13 02:53:01 | 00,005,120 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeo.dll
[2008/11/13 02:53:01 | 00,005,120 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdarmw.dll
[2008/11/13 02:53:01 | 00,005,120 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdarme.dll
[2008/11/13 02:53:00 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinpun.dll
[2008/11/13 02:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdintel.dll
[2008/11/13 02:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinkan.dll
[2008/11/13 02:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinguj.dll
[2008/11/13 02:52:59 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_iscii.dll
[2008/11/13 02:52:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdvntc.dll
[2008/11/13 02:52:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdintam.dll
[2008/11/13 02:52:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmar.dll
[2008/11/13 02:52:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinhin.dll
[2008/11/13 02:52:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdindev.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdurdu.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsyr2.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsyr1.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfa.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbddiv2.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbddiv1.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda3.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda2.dll
[2008/11/13 02:52:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda1.dll
[2008/11/13 02:52:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdusa.dll
[2008/11/13 02:52:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdheb.dll
[2008/11/13 02:52:46 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth3.dll
[2008/11/13 02:52:45 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth2.dll
[2008/11/13 02:52:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftlx041e.dll
[2008/11/13 02:52:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth1.dll
[2008/11/13 02:52:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth0.dll
[2008/11/13 02:52:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2008/11/13 02:52:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2008/11/13 02:52:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2008/11/13 02:52:42 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2008/11/13 02:52:40 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2008/11/13 02:52:40 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2008/11/13 02:52:40 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2008/11/13 02:52:40 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2008/11/13 02:52:40 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2008/11/13 02:52:40 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2008/11/13 02:52:40 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2008/11/13 02:52:39 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2008/11/13 02:52:39 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2008/11/13 02:52:39 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2008/11/13 02:52:39 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2008/11/13 02:52:39 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2008/11/13 02:52:37 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2008/11/13 02:52:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2008/11/13 02:52:37 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2008/11/13 02:52:37 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2008/11/13 02:52:37 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2008/11/13 02:52:31 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008/11/13 02:52:31 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2008/11/13 02:52:31 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008/11/13 02:52:31 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008/11/13 02:52:31 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2008/11/13 02:52:31 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008/11/13 02:52:31 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008/11/13 02:52:30 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2008/11/13 02:52:30 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2008/11/13 02:52:30 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2008/11/13 02:52:30 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2008/11/13 02:52:30 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2008/11/13 02:52:30 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2008/11/13 02:52:30 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2008/11/13 02:52:30 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2008/11/13 02:52:30 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2008/11/13 02:52:30 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008/11/13 02:52:30 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008/11/13 02:52:30 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008/11/13 02:52:30 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008/11/13 02:52:30 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2008/11/13 02:52:29 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2008/11/13 02:52:29 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2008/11/13 02:52:29 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008/11/13 02:52:29 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2008/11/13 02:52:29 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2008/11/13 02:52:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/11/13 02:52:29 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008/11/13 02:52:29 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/11/13 02:52:28 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/11/13 02:52:28 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2008/11/13 02:52:20 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/11/13 02:52:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/11/13 02:52:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/11/13 02:51:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/11/13 02:51:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/11/13 02:51:20 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/11/13 02:50:29 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2008/11/13 02:48:59 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/11/13 02:48:58 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2008/11/13 02:48:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008/11/13 02:48:17 | 00,157,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/13 02:47:21 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008/11/13 02:47:18 | 00,001,842 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/11/13 02:44:33 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/11/13 02:44:33 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/11/13 02:44:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/11/13 02:44:33 | 00,000,000 | ---D | C] -- C:\WINDOWS

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/11/16 14:36:48 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TheOnlyOn3\Desktop\OTViewIt.exe
[2008/11/16 12:36:14 | 05,091,490 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\We Rock-Camp Rock.flv
[2008/11/16 12:08:52 | 07,499,007 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\This Is Me-Camp Rock.flv
[2008/11/16 08:10:34 | 30,137,019 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2008/11/15 23:56:16 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/11/15 23:56:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/15 23:56:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/15 23:56:10 | 21,468,81536 | -HS- | M] () -- C:\hiberfil.sys
[2008/11/15 15:11:52 | 00,388,960 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\File0001.jpg
[2008/11/15 15:09:32 | 00,000,029 | ---- | M] () -- C:\WINDOWS\DEBUGSM.INI
[2008/11/15 15:03:24 | 00,001,479 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EPSON Smart Panel.lnk
[2008/11/15 14:58:18 | 00,000,027 | ---- | M] () -- C:\WINDOWS\CDE CX3600E.ini
[2008/11/15 10:41:12 | 00,174,465 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\SRO[2008-10-02 11-11-42]_72.jpg
[2008/11/15 08:49:26 | 00,031,102 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2008/11/14 11:44:34 | 00,032,564 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/11/14 08:22:06 | 00,004,608 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/14 05:22:26 | 00,000,468 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\SROKiller(Modern).exe.lnk
[2008/11/14 05:21:30 | 00,034,616 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/11/14 05:20:42 | 00,157,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/14 05:18:04 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/14 02:05:08 | 05,881,218 | -H-- | M] () -- C:\Documents and Settings\TheOnlyOn3\Local Settings\Application Data\IconCache.db
[2008/11/13 22:58:28 | 00,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat
[2008/11/13 15:01:50 | 00,000,043 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\iniupdater.ini
[2008/11/13 14:56:08 | 00,000,822 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\My Documents\My Sharing Folders.lnk
[2008/11/13 14:55:30 | 00,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger .lnk
[2008/11/13 14:47:16 | 00,334,743 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2008/11/13 14:40:42 | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2008/11/13 14:40:42 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2008/11/13 14:40:42 | 00,001,411 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk
[2008/11/13 14:40:38 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2008/11/13 14:40:38 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2008/11/13 14:40:38 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2008/11/13 14:38:18 | 00,001,496 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2008/11/13 14:38:04 | 00,000,651 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Launch WinArpSpoofer.lnk
[2008/11/13 12:03:56 | 00,164,175 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/11/13 03:42:40 | 00,000,395 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\ScreenShot.lnk
[2008/11/13 03:41:52 | 00,000,493 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\Loader.lnk
[2008/11/13 03:41:46 | 00,000,441 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\Silkroad.lnk
[2008/11/13 03:41:42 | 00,000,433 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\Loader(Testosterone).lnk
[2008/11/13 03:41:36 | 00,000,493 | ---- | M] () -- C:\Documents and Settings\TheOnlyOn3\Desktop\srobot.lnk
[2008/11/13 03:38:20 | 00,000,534 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2008/11/13 03:32:58 | 00,001,872 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2008/11/13 03:31:36 | 00,000,025 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2008/11/13 03:28:18 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2008/11/13 03:28:18 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2008/11/13 03:28:18 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2008/11/13 03:25:48 | 00,396,022 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/13 03:25:48 | 00,386,146 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/13 03:25:48 | 00,056,500 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/13 03:24:46 | 00,000,716 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2008/11/13 03:17:08 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2008/11/13 03:17:08 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2008/11/13 03:16:52 | 00,000,081 | -HS- | M] () -- C:\Documents and Settings\TheOnlyOn3\My Documents\desktop.ini
[2008/11/13 03:12:44 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/11/13 03:11:34 | 00,001,842 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/11/13 03:07:32 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\TheOnlyOn3\Start Menu\Programs\Startup\desktop.ini
[2008/11/13 03:07:32 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/11/13 03:07:28 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/11/13 03:07:28 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/13 03:07:28 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/11/13 03:07:28 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/11/13 03:07:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008/11/13 03:07:28 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/11/13 03:07:28 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/11/13 03:07:24 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/11/13 03:07:24 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/11/13 03:07:22 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/11/13 03:07:14 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/11/13 03:04:22 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/11/13 03:04:10 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008/11/13 03:04:10 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008/11/13 02:59:34 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/11/13 02:52:22 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\TheOnlyOn3\Application Data\desktop.ini
[2008/11/13 02:52:22 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/11/13 02:52:22 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
< End of report >

==============================================================================================

Extras.txt :

OTViewIt Extras logfile created on: 11/16/2008 2:38:03 PM - Run 2
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\TheOnlyOn3\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.19% Memory free
3.85 Gb Paging File | 2.49 Gb Available in Paging File | 64.82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9.31 Gb Total Space | 1.40 Gb Free Space | 15.06% Space Free | Partition Type: FAT32
Drive D: | 18.62 Gb Total Space | 0.16 Gb Free Space | 0.85% Space Free | Partition Type: FAT32
Drive E: | 18.62 Gb Total Space | 0.45 Gb Free Space | 2.43% Space Free | Partition Type: FAT32
Drive F: | 13.97 Gb Total Space | 1.03 Gb Free Space | 7.34% Space Free | Partition Type: NTFS
Drive G: | 13.97 Gb Total Space | 0.24 Gb Free Space | 1.71% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
Drive I: | 3.75 Gb Total Space | 0.04 Gb Free Space | 1.19% Space Free | Partition Type: FAT32

Computer Name: CODENAME
Current User Name: TheOnlyOn3
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=1
"FirewallDisableNotify"=1
"UpdatesDisableNotify"=1
"AntiVirusOverride"=1
"FirewallOverride"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2006/11/23 14:44:28 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2004/08/04 07:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/11/14 08:30:46 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/11/23 14:44:28 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2004/08/04 07:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007/08/30 17:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2008/11/13 14:40:34 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
[2008/11/13 14:40:34 | 00,641,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
[2008/11/14 08:30:46 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -- C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008/11/13 14:40:38 | 00,079,128 | ---- | M] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgpp.dll (linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} (HKLM) [XPLPPFilter Class])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/09/17 14:44:16 | 00,843,472 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\msdaipp.dll msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/09/17 14:44:16 | 00,843,472 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\msdaipp.dll msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}"=Apple Software Update
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}"=Steam
"{109D28C7-FB38-483A-9C91-001CB59E2699}"=EPSON CardMonitor
"{23B59ED4-C360-11D7-875B-0090CC005647}"=EPSON PRINT Image Framer Tool2.1
"{3248F0A8-6813-11D6-A77B-00B0D0150040}"=J2SE Runtime Environment 5.0 Update 4
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{65F5B7AF-3363-11D7-BB6B-00018021113F}"=EPSON PhotoQuicker3.5
"{67EDD823-135A-4D59-87BD-950616D6E857}"=EPSON Copy Utility 3
"{6C11D561-620B-47DA-A693-4C597F3CDF40}"=EPSON Smart Panel
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}"=Ventrilo Client
"{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}"=PIF DESIGNER2.1
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}"=Software Update for Web Folders
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{C48817E7-AA05-4151-A99D-1E1E550CE801}"=EPSON PhotoStarter3.1
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}"=Safari
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}"=ScanToWeb
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{FB90085B-59E4-40FA-81CA-CBE0E70A7183}"=Windows ARP Spoofer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}"=Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"AVG8Uninstall"=AVG Free 8.0
"BitComet"=BitComet 0.70
"EPSON Printer and Utilities"=EPSON Printer Software
"EPSON Scanner"=EPSON Scan
"ESCX3600 Software Guide"=ESCX3600 Software Guide
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"KLiteCodecPack_is1"=K-Lite Mega Codec Pack 3.8.0
"LClock"=LClock
"Messenger Plus! Live"=Messenger Plus! Live
"Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers"=NVIDIA Drivers
"OpenGL"=OpenGL
"RealPlayer 6.0"=RealPlayer
"Winamp"=Winamp
"WinRAR archiver"=WinRAR archiver
"Yahoo! Messenger"=Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/12/2008 4:11:08 PM | Computer Name = CODENAME | Source = MsiInstaller | ID = 11406
Description = Product: Windows Live Messenger -- Error 1406. Could not write value
DW0200 to key \Software\Microsoft\PCHealth\ErrorReporting\DW\Installed. System
error . Verify that you have sufficient access to that key, or contact your support
personnel.

Error - 11/12/2008 4:11:10 PM | Computer Name = CODENAME | Source = MsiInstaller | ID = 11406
Description = Product: Windows Live Messenger -- Error 1406. Could not write value
DW0200 to key \Software\Microsoft\PCHealth\ErrorReporting\DW\Installed. System
error . Verify that you have sufficient access to that key, or contact your support
personnel.

Error - 11/13/2008 12:55:58 AM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 8.1.0.421, faulting
module flash9b.ocx, version 9.0.28.0, fault address 0x00001e94.

Error - 11/13/2008 3:42:02 AM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application winarpspoof.exe, version 0.6.0.0, faulting module
winarpspoof.exe, version 0.6.0.0, fault address 0x00004bc9.

Error - 11/13/2008 8:15:26 AM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.5730.11, faulting module
flash9b.ocx, version 9.0.28.0, fault address 0x00099589.

Error - 11/13/2008 10:12:05 AM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.5730.11, faulting module
flash9b.ocx, version 9.0.28.0, fault address 0x00099589.

Error - 11/13/2008 2:45:37 PM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application realplay.exe, version 11.0.0.372, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00011e58.

Error - 11/15/2008 7:32:09 AM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application sro_client.exe, version 0.0.0.0, faulting module
sro_client.exe, version 0.0.0.0, fault address 0x005d4c03.

Error - 11/16/2008 1:09:24 AM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application realplay.exe, version 11.0.0.372, faulting module
rjbdll.dll, version 1.0.4.3038, fault address 0x0008a041.

Error - 11/16/2008 1:36:47 AM | Computer Name = CODENAME | Source = Application Error | ID = 1000
Description = Faulting application realplay.exe, version 11.0.0.372, faulting module
rjbdll.dll, version 1.0.4.3038, fault address 0x0008a041.

[ System Events ]
Error - 11/12/2008 4:08:46 PM | Computer Name = CODENAME | Source = DCOM | ID = 10005
Description = DCOM got error "%1083" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}


< End of report >

==============================================================================================
kaspersky scanning report :


KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, November 16, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, November 16, 2008 09:50:47
Records in database: 1387356
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Scan statistics
Files scanned 84708
Threat name 10
Infected objects 12
Suspicious objects 0
Duration of the scan 01:32:39

File name Threat name Threats count
D:\System Volume Information\_restore{50E9215C-3FA0-4594-8136-D0323C7BD090}\RP42\A0027282.inf Infected: Worm.Win32.AutoRun.onp 1
D:\System Volume Information\_restore{923B5D01-3F46-4262-9B41-3F48FD45BEB3}\RP12\A0006185.exe Infected: not-a-virus:Monitor.Win32.Ardamax.x 1
D:\System Volume Information\_restore{923B5D01-3F46-4262-9B41-3F48FD45BEB3}\RP12\A0006185.exe Infected: not-a-virus:Monitor.Win32.Ardamax.z 1
D:\System Volume Information\_restore{923B5D01-3F46-4262-9B41-3F48FD45BEB3}\RP12\A0006185.exe Infected: not-a-virus:Monitor.Win32.Ardamax.o 1
D:\System Volume Information\_restore{923B5D01-3F46-4262-9B41-3F48FD45BEB3}\RP12\A0006185.exe Infected: not-a-virus:Monitor.Win32.Ardamax.aa 1
D:\System Volume Information\_restore{923B5D01-3F46-4262-9B41-3F48FD45BEB3}\RP12\A0006185.exe Infected: Trojan-Spy.Win32.Ardamax.n 1
D:\System Volume Information\_restore{923B5D01-3F46-4262-9B41-3F48FD45BEB3}\RP12\A0006185.exe Infected: not-a-virus:Monitor.Win32.Ardamax.y 1
D:\System Volume Information\_restore{923B5D01-3F46-4262-9B41-3F48FD45BEB3}\RP29\A0006411.inf Infected: Worm.Win32.AutoRun.onp 1
E:\autorun.inf Infected: Worm.Win32.AutoRun.oni 1
E:\progs\cracklock-manager\cracklock-manager\CKLK381.EXE Infected: HackTool.Win32.Agent.hq 1
E:\progs\cracklock-manager\cracklock-manager.rar Infected: HackTool.Win32.Agent.hq 1
E:\progs\netcut\netcut 2.8\netcut.exe Infected: not-a-virus:NetTool.Win32.Netcut.a 1
The selected area was scanned.

Attached Files



BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:51 AM

Posted 16 November 2008 - 10:29 PM

http://www.bleepingcomputer.com/forums/ind...mp;#entry798468

read this link for flash drive infections(autorun.inf)

http://www.bleepingcomputer.com/forums/ind...mp;#entry944365

See if you can install/update and scan with MBAM

Post that log if you can
Chewy

No. Try not. Do... or do not. There is no try.

#3 TheOnlyOn3

TheOnlyOn3
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:51 AM

Posted 18 November 2008 - 08:56 PM

umm the disinfector in the first link, the flash drive infections thing fixed it , ty alot .. ur the best =D

#4 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:51 AM

Posted 19 November 2008 - 08:25 AM

http://www.bleepingcomputer.com/forums/ind...mp;#entry943994

I would suggest reading this link about flushing restore point and malware prevention
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users