Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Trojan downloader and possibly worm


  • This topic is locked This topic is locked
17 replies to this topic

#1 Andy8

Andy8

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 04 December 2008 - 07:17 AM

After i have not succeeded in this topic http://www.bleepingcomputer.com/forums/t/183198/tricky-virus/ ,i was sent here to post my problem.Here you have my log:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Andy at 2008-12-04 14:09:48
Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (42%) free of 9 GB
Total RAM: 1023 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:22 PM, on 12/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Documents and Settings\Andy\Desktop\RSIT.exe
C:\Program Files\trend micro\Andy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A785CF2B-1000-4BA2-B4CF-CD9C79D243C0}: NameServer = 193.231.249.1 193.231.249.6
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 2449 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-06-03 131072]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-04-24 54784]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2008-12-04 1797880]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\Call of Duty\CoDMP.exe"="D:\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"D:\Call of Duty\CoDUOMP.exe"="D:\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2008-12-04 14:09:48 ----D---- C:\rsit
2008-12-04 14:09:48 ----D---- C:\Program Files\trend micro
2008-12-03 07:17:56 ----D---- C:\WINDOWS\ERUNT
2008-12-03 07:16:21 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-03 07:13:13 ----D---- C:\SDFix
2008-12-02 22:57:48 ----D---- C:\Program Files\HD Tune Pro
2008-12-02 07:08:12 ----D---- C:\Documents and Settings\Andy\Application Data\Malwarebytes
2008-12-02 07:08:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-02 07:08:06 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-01 15:07:58 ----D---- C:\Documents and Settings\Andy\Application Data\Xfire
2008-12-01 15:07:54 ----D---- C:\Program Files\Xfire
2008-12-01 15:07:02 ----D---- C:\Documents and Settings\Andy\Application Data\teamspeak2
2008-12-01 15:06:45 ----D---- C:\Program Files\Teamspeak2_RC2
2008-12-01 15:01:41 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-12-01 15:01:29 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-01 15:01:29 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-12-01 14:47:09 ----D---- C:\Program Files\WinRAR
2008-12-01 14:32:44 ----A---- C:\WINDOWS\CoDUO.INI
2008-12-01 14:21:39 ----A---- C:\WINDOWS\CoD.INI
2008-12-01 14:18:00 ----A---- C:\WINDOWS\system32\h323log.txt
2008-12-01 14:16:01 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-01 14:15:38 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-12-01 14:15:20 ----A---- C:\WINDOWS\system32\usbui.dll
2008-12-01 14:14:07 ----SHD---- C:\WINDOWS\Installer
2008-12-01 14:14:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-01 14:14:06 ----D---- C:\Program Files\Common Files\ODBC
2008-12-01 14:14:06 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-01 14:14:03 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-12-01 14:14:02 ----RD---- C:\Program Files
2008-12-01 14:14:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-01 14:14:02 ----D---- C:\Program Files\Common Files
2008-12-01 14:13:59 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-12-01 14:13:58 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-12-01 14:13:58 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-12-01 14:13:56 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-12-01 14:13:56 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-12-01 14:13:55 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-12-01 14:13:52 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-12-01 14:13:52 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-12-01 14:13:52 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-12-01 14:13:52 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-12-01 14:13:52 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-12-01 14:13:52 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-12-01 14:13:52 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-12-01 14:13:49 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-12-01 14:13:49 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-12-01 14:13:49 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-12-01 14:13:49 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-12-01 14:13:49 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-12-01 14:13:46 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-12-01 14:13:45 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-12-01 14:13:45 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-12-01 14:13:45 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-12-01 14:13:43 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-01 14:13:43 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-12-01 14:13:42 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-01 14:13:42 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-12-01 14:13:42 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-12-01 14:13:39 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-12-01 14:13:39 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-12-01 14:13:38 ----A---- C:\WINDOWS\system32\batt.dll
2008-12-01 14:13:38 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-12-01 14:13:37 ----A---- C:\WINDOWS\system32\storprop.dll
2008-12-01 14:13:29 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-01 14:13:24 ----RA---- C:\WINDOWS\SET8.tmp
2008-12-01 14:13:21 ----RA---- C:\WINDOWS\SET4.tmp
2008-12-01 14:13:20 ----RA---- C:\WINDOWS\SET3.tmp
2008-12-01 14:13:13 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-01 14:13:13 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-01 14:13:07 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-01 14:12:39 ----A---- C:\WINDOWS\setuplog.txt
2008-12-01 14:12:36 ----D---- C:\Documents and Settings
2008-12-01 14:12:35 ----SHD---- C:\System Volume Information
2008-12-01 14:11:39 ----SH---- C:\boot.ini
2008-12-01 14:04:27 ----D---- C:\Program Files\Lavasoft
2008-12-01 14:04:26 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-01 14:04:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-01 14:03:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-01 14:03:51 ----RSD---- C:\WINDOWS\Fonts
2008-12-01 14:03:51 ----RD---- C:\WINDOWS\Web
2008-12-01 14:03:51 ----HD---- C:\WINDOWS\inf
2008-12-01 14:03:51 ----D---- C:\WINDOWS\WinSxS
2008-12-01 14:03:51 ----D---- C:\WINDOWS\twain_32
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Temp
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\wins
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\wbem
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\usmt
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\spool
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\Setup
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\ras
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\oobe
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\npp
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\mui
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\IME
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\icsxml
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\ias
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\export
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\drivers
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\dhcp
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\config
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\3076
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\2052
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1054
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1042
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1041
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1037
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1033
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1031
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1028
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32\1025
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system32
2008-12-01 14:03:51 ----D---- C:\WINDOWS\system
2008-12-01 14:03:51 ----D---- C:\WINDOWS\security
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Resources
2008-12-01 14:03:51 ----D---- C:\WINDOWS\repair
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Provisioning
2008-12-01 14:03:51 ----D---- C:\WINDOWS\PeerNet
2008-12-01 14:03:51 ----D---- C:\WINDOWS\pchealth
2008-12-01 14:03:51 ----D---- C:\WINDOWS\mui
2008-12-01 14:03:51 ----D---- C:\WINDOWS\msapps
2008-12-01 14:03:51 ----D---- C:\WINDOWS\msagent
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Media
2008-12-01 14:03:51 ----D---- C:\WINDOWS\java
2008-12-01 14:03:51 ----D---- C:\WINDOWS\ime
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Help
2008-12-01 14:03:51 ----D---- C:\WINDOWS\ehome
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Driver Cache
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Debug
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Cursors
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Connection Wizard
2008-12-01 14:03:51 ----D---- C:\WINDOWS\Config
2008-12-01 14:03:51 ----D---- C:\WINDOWS\AppPatch
2008-12-01 14:03:51 ----D---- C:\WINDOWS\addins
2008-12-01 14:03:51 ----D---- C:\WINDOWS
2008-12-01 13:32:54 ----D---- C:\Documents and Settings\Andy\Application Data\Macromedia
2008-12-01 13:32:27 ----D---- C:\Documents and Settings\Andy\Application Data\Adobe
2008-12-01 13:30:28 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-12-01 13:30:22 ----D---- C:\Program Files\Yahoo!
2008-12-01 13:22:28 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-12-01 13:17:02 ----D---- C:\WINDOWS\system32\appmgmt
2008-12-01 13:14:23 ----D---- C:\WINDOWS\nview
2008-12-01 13:10:30 ----D---- C:\Documents and Settings\Andy\Application Data\Mozilla
2008-12-01 13:10:19 ----D---- C:\Program Files\Mozilla Firefox
2008-12-01 13:10:00 ----D---- C:\Documents and Settings\Andy\Application Data\Comodo
2008-12-01 12:49:08 ----D---- C:\Documents and Settings\All Users\Application Data\comodo
2008-12-01 12:49:08 ----A---- C:\WINDOWS\system32\guard32.dll
2008-12-01 12:48:48 ----D---- C:\Program Files\COMODO
2008-12-01 12:48:07 ----A---- C:\WINDOWS\system32\Audio3D.dll
2008-12-01 12:48:07 ----A---- C:\WINDOWS\system32\a3d.dll
2008-12-01 12:48:06 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2008-12-01 12:48:05 ----N---- C:\WINDOWS\alcupd.exe
2008-12-01 12:48:05 ----N---- C:\WINDOWS\alcrmv.exe
2008-12-01 12:41:45 ----D---- C:\Program Files\DirectX
2008-12-01 12:39:23 ----D---- C:\Program Files\NVIDIA Corporation
2008-12-01 12:39:23 ----D---- C:\Program Files\Common Files\NVIDIA Shared
2008-12-01 12:39:22 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-01 12:38:49 ----A---- C:\WINDOWS\system32\nvuaudio.exe
2008-12-01 12:38:44 ----A---- C:\WINDOWS\system32\nvuide.exe
2008-12-01 12:38:05 ----A---- C:\WINDOWS\system32\nvuenet.exe
2008-12-01 12:38:03 ----A---- C:\WINDOWS\system32\nvusmb.exe
2008-12-01 12:38:00 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-12-01 12:38:00 ----A---- C:\WINDOWS\system32\nvumctl.exe
2008-12-01 12:37:42 ----A---- C:\WINDOWS\system32\nvugart.exe
2008-12-01 12:37:41 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-01 12:37:04 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-01 12:36:24 ----D---- C:\NVIDIA
2008-12-01 12:35:40 ----SHD---- C:\RECYCLER
2008-12-01 12:35:12 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-12-01 12:35:12 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-12-01 12:35:12 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-12-01 12:35:11 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-12-01 12:35:11 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-12-01 12:35:10 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-12-01 12:35:09 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-12-01 12:35:09 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-12-01 12:35:09 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-12-01 12:35:08 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-12-01 12:35:08 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-12-01 12:35:08 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-12-01 12:35:07 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-12-01 12:35:06 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-12-01 12:35:06 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-12-01 12:35:06 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-12-01 12:35:05 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-12-01 12:35:05 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-12-01 12:35:04 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-12-01 12:35:04 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-12-01 12:35:02 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-12-01 12:35:02 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-12-01 12:35:02 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-12-01 12:35:01 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-12-01 12:35:00 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-12-01 12:35:00 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-12-01 12:35:00 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-12-01 12:34:59 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-12-01 12:34:59 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-12-01 12:34:58 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-12-01 12:34:58 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-12-01 12:34:58 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-12-01 12:34:57 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-12-01 12:34:57 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-12-01 12:34:56 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-12-01 12:34:56 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-12-01 12:34:54 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-12-01 12:34:53 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-12-01 12:34:53 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-12-01 12:34:53 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-12-01 12:34:52 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-12-01 12:34:52 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-01 12:34:52 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-12-01 12:34:52 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-12-01 12:34:51 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-01 12:34:51 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-01 12:34:51 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-01 12:34:51 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-01 12:34:50 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-01 12:34:50 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-01 12:34:50 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-01 12:34:49 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-01 12:34:49 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-01 12:34:49 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-01 12:34:49 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-01 12:34:48 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-01 12:34:48 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-01 12:34:47 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-01 12:34:40 ----D---- C:\WINDOWS\Logs
2008-12-01 12:32:14 ----D---- C:\Documents and Settings\Andy\Application Data\ESET
2008-12-01 12:31:31 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2008-12-01 12:30:08 ----D---- C:\Documents and Settings\Andy\Application Data\Identities
2008-12-01 12:30:07 ----HD---- C:\Program Files\Uninstall Information
2008-12-01 12:30:03 ----ASH---- C:\Documents and Settings\Andy\Application Data\desktop.ini
2008-12-01 12:30:02 ----SD---- C:\Documents and Settings\Andy\Application Data\Microsoft
2008-12-01 12:29:13 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-01 12:29:11 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-01 12:29:11 ----D---- C:\WINDOWS\Prefetch
2008-12-01 12:29:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-01 12:25:11 ----D---- C:\WINDOWS\system32\xircom
2008-12-01 12:25:11 ----D---- C:\Program Files\xerox
2008-12-01 12:25:11 ----D---- C:\Program Files\microsoft frontpage
2008-12-01 12:24:48 ----A---- C:\WINDOWS\control.ini
2008-12-01 12:24:48 ----A---- C:\AUTOEXEC.BAT
2008-12-01 12:24:33 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-01 12:24:28 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-12-01 12:23:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-01 12:23:32 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-01 12:23:32 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-01 12:23:26 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-01 12:23:21 ----HD---- C:\Program Files\WindowsUpdate
2008-12-01 12:22:53 ----D---- C:\WINDOWS\system32\DirectX
2008-12-01 12:22:27 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-01 12:22:24 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-01 12:22:24 ----A---- C:\WINDOWS\desktop.ini
2008-12-01 12:22:16 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-01 12:22:14 ----D---- C:\Program Files\Common Files\Services
2008-12-01 12:22:14 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-01 12:22:10 ----SD---- C:\WINDOWS\Tasks
2008-12-01 12:22:10 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-01 12:22:09 ----D---- C:\Program Files\Common Files\MSSoap
2008-12-01 12:22:05 ----D---- C:\WINDOWS\srchasst
2008-12-01 12:22:04 ----D---- C:\WINDOWS\system32\Macromed
2008-12-01 12:22:00 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-01 12:22:00 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-01 12:22:00 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-01 12:22:00 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-01 12:21:59 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-01 12:21:59 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-01 12:21:59 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-01 12:21:59 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-01 12:21:59 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-01 12:21:59 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-01 12:21:59 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-01 12:21:58 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-01 12:21:58 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-01 12:21:54 ----D---- C:\Program Files\Movie Maker
2008-12-01 12:21:50 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-01 12:21:49 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-01 12:21:49 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-01 12:21:49 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-01 12:21:46 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-01 12:21:45 ----D---- C:\WINDOWS\system32\Restore
2008-12-01 12:21:45 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-01 12:21:45 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-01 12:21:45 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-01 12:21:45 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-12-01 12:21:44 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-01 12:21:44 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-01 12:21:43 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-01 12:21:43 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-01 12:21:43 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-01 12:21:43 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-01 12:21:40 ----D---- C:\Program Files\NetMeeting
2008-12-01 12:21:40 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-01 12:21:40 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-01 12:21:39 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-01 12:21:38 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-01 12:21:37 ----D---- C:\Program Files\Outlook Express
2008-12-01 12:21:36 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-01 12:21:36 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-01 12:21:36 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-01 12:21:36 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-01 12:21:35 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-01 12:21:35 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-01 12:21:35 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-01 12:21:27 ----D---- C:\Program Files\Common Files\System
2008-12-01 12:21:26 ----D---- C:\Program Files\Internet Explorer
2008-12-01 12:20:48 ----D---- C:\Program Files\ComPlus Applications
2008-12-01 12:20:46 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-01 12:20:46 ----A---- C:\WINDOWS\vb.ini
2008-12-01 12:20:40 ----D---- C:\WINDOWS\Registration
2008-12-01 12:20:32 ----D---- C:\Program Files\Online Services
2008-12-01 12:20:31 ----D---- C:\Program Files\Windows Media Player
2008-12-01 12:20:24 ----D---- C:\Program Files\Messenger
2008-12-01 12:20:20 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-01 12:20:20 ----A---- C:\WINDOWS\system32\write.exe
2008-12-01 12:20:06 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-01 12:20:06 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-01 12:20:05 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-01 12:20:05 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-01 12:20:05 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-01 12:20:04 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-01 12:19:54 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-01 12:19:54 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-01 12:19:54 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-01 12:19:53 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-01 12:19:53 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-01 12:19:53 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-01 12:19:52 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-01 12:19:52 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-01 12:19:52 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-01 12:19:52 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-01 12:19:52 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-01 12:19:52 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-01 12:19:51 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-01 12:19:50 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-01 12:19:50 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-01 12:19:50 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-01 12:19:49 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-01 12:19:49 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-01 12:19:49 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-01 12:19:49 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-01 12:19:49 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-01 12:19:49 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-01 12:19:48 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-01 12:19:48 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-01 12:19:41 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-01 12:19:30 ----D---- C:\Program Files\MSN
2008-12-01 12:19:29 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-01 12:19:28 ----D---- C:\Program Files\Windows NT
2008-12-01 12:19:28 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-01 12:19:28 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-01 12:19:28 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-01 12:19:27 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-01 12:19:27 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-01 12:19:27 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-01 12:19:26 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-01 12:19:26 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-01 12:19:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-01 12:19:26 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-01 12:19:26 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-01 12:19:25 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-01 12:19:24 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-01 12:19:24 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-01 12:19:24 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-01 12:19:24 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-01 12:19:24 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-01 12:19:24 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-01 12:19:23 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-01 12:19:23 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-01 12:19:23 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-01 12:19:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-01 12:19:23 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-01 12:19:22 ----D---- C:\WINDOWS\system32\Com
2008-12-01 12:19:22 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-01 12:19:22 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-01 12:19:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-01 12:19:22 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-01 12:19:21 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-01 12:19:21 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-01 12:19:21 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-01 12:19:21 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-01 12:19:12 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-01 12:19:12 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-01 12:19:12 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-01 12:19:12 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-11-20 22:45:30 ----A---- C:\WINDOWS\system32\xfcodec.dll

======List of files/folders modified in the last 1 months======

2008-12-01 14:14:01 ----A---- C:\WINDOWS\system.ini
2008-12-01 12:24:48 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 37376]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-12-04 101776]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-12-01 31504]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-24 730092]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 NVENET;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2004-01-29 93764]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S3 catchme;catchme; \??\C:\DOCUME~1\Andy\LOCALS~1\Temp\catchme.sys []
S3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-05-25 48640]
S3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-05-25 396032]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2008-12-04 618232]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-01 66872]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.04 2008-12-04 14:10:24

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Call of Duty - United Offensive-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A662E280-64A8-4CF5-8407-13D0808602B3}
Call of Duty-->D:\CALLOF~1\Uninstall\Unwise.exe /u D:\CALLOF~1\Uninstall\Install.log
COMODO Internet Security-->C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -u
HD Tune Pro 3.10-->"C:\Program Files\HD Tune Pro\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NvMixer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

127.0.0.1 localhost

======Security center information======

FW: COMODO Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

I would really like to know if i have more infections,how do i get rid of them and with what kind of program will i manage to stop them from entering in my pc.

BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:31 PM

Posted 09 December 2008 - 08:23 PM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

I apologize for the delay in response. We get overwhelmed with logs at times, but we are trying our best to keep up. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following so I can have a look at the current condition of your machine.

If you do not make a reply in 5 days, we will need to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.
Download and Run OTViewit
  • Please download OTViewIt by OldTimer.
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTViewIt.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
Run Kaspersky Online Scanner
Please do a scan with Kaspersky Online Scanner.

This scan is for Internet Explorer only.

If you are using Windows Vista, open your browser by right-clicking on its icon and select Run as administrator to perform this scan.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

In your next reply please include the following:
  • OTViewIt.txt
  • Extra.txt
  • Kaspersky's Log

Important Note: For other users who are reading this topic,the instructions provided in this topic are for the original topic starter ONLY. Even if you have similar problems or even log entries to those given here, please do not follow the directions, especially those involving specific tools and scripts. Doing so can result in serious damage to your computer. Instead, please start your own topic and feel free to link to any relevant topics as needed.Please Do NOT follow the instructions provided for this topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 10 December 2008 - 09:06 AM

Hi extremeboy,
First of all,no apologies are needed.I see that @ 30-40 logs appear everyday and it is hard to check all of them,i understand that.Thank you for you answer.Now,since i had posted my log,i think i had installed maybe 1 program and one game and also i have deleted like .txt files created by me but that's all.I have not cleaned or scanned my pc with another program and i have not created changements in my pc. Here are the logs:
Kaspersky:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, December 10, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, December 10, 2008 09:05:56
Records in database: 1449457
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 18916
Threat name: 1
Infected objects: 2
Suspicious objects: 0
Duration of the scan: 00:49:26


File name / Threat name / Threats count
C:\Documents and Settings\Andy\Desktop\coduo_minimizer.exe Infected: Backdoor.Win32.Delf.ijc 1
C:\Documents and Settings\Andy\Desktop\coduo_minimizer115a.zip Infected: Backdoor.Win32.Delf.ijc 1

The selected area was scanned.

and the two reports
Attached File  Extras.Txt   21.19KB   6 downloads
Attached File  OTViewIt.Txt   325.78KB   31 downloads

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:31 PM

Posted 10 December 2008 - 04:44 PM

Hello Andy8.

First of all,no apologies are needed.I see that @ 30-40 logs appear everyday and it is hard to check all of them,i understand that.Thank you for you answer.Now,since i had posted my log,i think i had installed maybe 1 program and one game and also i have deleted like .txt files created by me but that's all.I have not cleaned or scanned my pc with another program and i have not created changements in my pc. Here are the logs:

Thanks for understanding the situation here, there are over 600 logs that needs to be answered :thumbsup:

Don't worry about that one program, just refrain from making any changes from now on. Also can you please re-run with OTViewIT and this time don't attach it, it's harder to read and analyze that way. Just post it directly onto this topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 11 December 2008 - 04:41 AM

Sorry because i didn't paste the log directly here,but i didn't want to "charge" the page up with the long log.I did the scan again and here are my logs:
OTViewIt logfile created on: 12/11/2008 11:39:05 AM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Andy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 623.02 Mb Available Physical Memory | 60.87% Memory free
2.40 Gb Paging File | 2.09 Gb Available in Paging File | 86.89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 8.69 Gb Total Space | 3.16 Gb Free Space | 36.35% Space Free | Partition Type: NTFS
Drive D: | 29.59 Gb Total Space | 22.84 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive E: | 3.94 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDY-65D25A1FE7
Current User Name: Andy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2003/04/24 16:53:54 | 00,054,784 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2008/12/04 07:03:36 | 01,797,880 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
[2004/08/04 14:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2008/12/07 21:26:56 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2008/12/04 07:03:35 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
[2008/12/07 21:26:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
[2004/08/04 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2004/08/04 14:00:00 | 00,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sndvol32.exe
[2008/10/31 22:55:59 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2008/11/05 21:59:00 | 04,347,120 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[2004/08/04 14:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
[2008/12/10 14:35:48 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2008/12/04 07:03:35 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent [Auto | Running])
[2008/12/07 21:26:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

========== Driver Services ==========

[2003/04/24 23:48:02 | 00,730,092 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2004/08/04 14:00:00 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2004/11/05 04:17:52 | 00,334,816 | ---- | M] (Philips Semiconductors) -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134 [On_Demand | Running])
[2008/12/04 07:03:37 | 00,101,776 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard [System | Running])
[2008/12/01 13:11:07 | 00,031,504 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp [System | Running])
[2008/05/29 12:33:10 | 00,027,672 | R--- | M] (EnTech Taiwan) -- C:\WINDOWS\system32\drivers\Entech.sys -- (ENTECH [On_Demand | Stopped])
[2003/10/10 12:06:40 | 00,004,134 | ---- | M] () -- C:\WINDOWS\system32\drivers\FlyPCI.sys -- (FlyPCI [On_Demand | Stopped])
[2004/08/04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2008/12/01 13:11:07 | 00,079,504 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect [Boot | Running])
[2001/08/17 16:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2008/05/16 14:01:00 | 06,557,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2004/06/03 10:40:46 | 00,079,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus [Boot | Running])
[2004/05/25 15:58:02 | 00,048,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax [On_Demand | Stopped])
[2004/01/29 01:45:50 | 00,093,764 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET [On_Demand | Running])
[2004/05/25 15:58:04 | 00,396,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce [On_Demand | Stopped])
[2004/04/02 15:40:00 | 00,021,760 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp [Boot | Running])
[2004/08/04 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/04 14:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/12/10 17:20:19 | 00,611,064 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2004/08/04 14:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" (NVIDIA Corporation)
"nwiz"=nwiz.exe /install ()
"SoundMan"=SOUNDMAN.EXE (Realtek Semiconductor Corp.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

========== (O17) DNS Name Servers ==========

{1594793C-A9D9-4254-A96C-BBE67072DF96} (Servers: | Description: NVIDIA nForce Networking Controller)
{94469ED7-F758-4CA1-B43D-3CE01B03E6C8} (Servers: | Description: )

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=C:\WINDOWS\system32\guard32.dll
>[2008/12/04 07:03:37 | 00,147,192 | ---- | M] () -- C:\WINDOWS\system32\guard32.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/10 21:54:50 | 00,090,624 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\referat...sistemul muscular.doc
[2008/12/10 21:45:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d
[2008/12/10 21:45:27 | 00,067,580 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d.zip
[2008/12/10 21:24:44 | 00,004,134 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlyPCI.sys
[2008/12/10 21:24:09 | 00,000,000 | ---D | C] -- C:\Program Files\FLY2000TV
[2008/12/10 21:23:57 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2008/12/10 21:23:57 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2008/12/10 21:23:54 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2008/12/10 21:23:54 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2008/12/10 21:23:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2008/12/10 21:23:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2008/12/10 21:23:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2008/12/10 21:23:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2008/12/10 21:23:51 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2008/12/10 21:23:51 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2008/12/10 21:23:49 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2008/12/10 21:23:49 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2008/12/10 21:23:47 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2008/12/10 21:23:47 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2008/12/10 21:23:45 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2008/12/10 21:23:45 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2008/12/10 21:22:26 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2008/12/10 21:22:26 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2008/12/10 21:22:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2008/12/10 21:22:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2008/12/10 21:22:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/12/10 21:22:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2008/12/10 21:22:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2008/12/10 21:22:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2008/12/10 21:22:23 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2008/12/10 21:22:23 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2008/12/10 21:21:45 | 00,334,816 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\drivers\Cap7134.sys
[2008/12/10 21:21:45 | 00,135,168 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34api.dll
[2008/12/10 21:21:45 | 00,114,688 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34com.dll
[2008/12/10 21:21:45 | 00,110,592 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\prop7134.dll
[2008/12/10 21:21:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\saa713x_2310
[2008/12/10 21:17:32 | 01,390,337 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\flysetup.exe
[2008/12/10 21:17:28 | 00,328,244 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\saa713x_2310.zip
[2008/12/10 17:21:44 | 00,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk
[2008/12/10 17:21:44 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools
[2008/12/10 17:20:19 | 00,611,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/10 17:15:09 | 01,530,776 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\Andy\My Documents\daemon406-x86.exe
[2008/12/10 14:42:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/12/10 14:42:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/12/10 14:42:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2008/12/10 14:42:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2008/12/10 14:41:54 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008/12/10 14:41:53 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2008/12/10 14:41:16 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/12/10 14:41:12 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/12/10 14:41:08 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2008/12/10 14:40:29 | 15,452,536 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Andy\Desktop\IE7-WindowsXP-x86-enu.exe
[2008/12/10 14:35:47 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe
[2008/12/07 21:32:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2008/12/07 21:32:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
[2008/12/07 21:31:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/12/07 21:26:52 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/12/07 21:26:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Sun
[2008/12/07 21:20:10 | 00,151,954 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\614-94490-danciulescu.jpg
[2008/12/07 21:17:02 | 00,163,946 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina.JPG
[2008/12/07 21:16:58 | 00,109,033 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 4.JPG
[2008/12/07 21:16:54 | 00,105,703 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 3.JPG
[2008/12/07 21:16:49 | 00,118,002 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 2.JPG
[2008/12/07 00:01:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\coduo_mappack
[2008/12/06 23:52:53 | 39,240,452 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_mappack.zip
[2008/12/06 22:53:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\My Documents\cod minimizer
[2008/12/06 22:53:25 | 00,239,320 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\cod minimizer.rar
[2008/12/06 13:36:47 | 00,120,917 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\cod.JPG
[2008/12/04 22:41:32 | 00,218,777 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\untitled.JPG
[2008/12/04 22:03:41 | 00,088,773 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\latina 002.jpg
[2008/12/04 22:03:39 | 00,098,566 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\latina 001.jpg
[2008/12/04 14:09:48 | 00,000,000 | ---D | C] -- C:\rsit
[2008/12/04 14:09:48 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2008/12/04 14:08:58 | 00,305,705 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\RSIT.exe
[2008/12/03 20:03:58 | 00,245,681 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\Call Of Duty 4(128x160)-64970.jar
[2008/12/03 07:20:42 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2008/12/03 07:17:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2008/12/03 07:13:13 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/12/03 07:12:54 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\SDFix.exe
[2008/12/03 07:11:42 | 00,049,208 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\topic131299.html
[2008/12/03 07:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\topic131299_files
[2008/12/02 22:57:48 | 00,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro
[2008/12/02 22:57:32 | 01,138,609 | ---- | C] (EFD Software ) -- C:\Documents and Settings\Andy\Desktop\hdtunepro_310_trial.exe
[2008/12/02 15:32:33 | 00,023,980 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\1227515655-Revolver.zip
[2008/12/02 07:08:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Malwarebytes
[2008/12/02 07:08:10 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/02 07:08:07 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/02 07:08:06 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/02 07:08:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/12/02 07:07:47 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andy\Desktop\mbam-setup.exe
[2008/12/01 22:53:14 | 00,000,031 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer.ini
[2008/12/01 22:04:07 | 30,718,383 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\adrian prisecaru.wmv
[2008/12/01 20:04:09 | 00,230,912 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer.exe
[2008/12/01 20:03:49 | 00,223,940 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer115a.zip
[2008/12/01 17:09:05 | 00,012,328 | ---- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/01 15:27:23 | 37,853,246 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\call-of-duty-1-5-patch.exe
[2008/12/01 15:07:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Xfire
[2008/12/01 15:07:54 | 00,000,000 | ---D | C] -- C:\Program Files\Xfire
[2008/12/01 15:07:14 | 05,736,952 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\xfire_installer_35044.exe
[2008/12/01 15:07:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\teamspeak2
[2008/12/01 15:06:57 | 00,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2008/12/01 15:06:53 | 00,000,665 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\Teamspeak 2 RC2.lnk
[2008/12/01 15:06:45 | 00,000,000 | ---D | C] -- C:\Program Files\Teamspeak2_RC2
[2008/12/01 15:06:19 | 05,862,994 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\ts2_client_rc2_2032.exe
[2008/12/01 15:02:04 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/01 15:01:41 | 00,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/12/01 15:01:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2008/12/01 14:56:26 | 00,278,528 | ---- | C] (By UberGames) -- C:\Documents and Settings\Andy\My Documents\Q3E Minimizer_v1.51.exe
[2008/12/01 14:48:15 | 01,483,054 | ---- | C] (Colonel Cow) -- C:\Documents and Settings\Andy\Desktop\codminimizer.exe
[2008/12/01 14:47:09 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/12/01 14:46:38 | 00,944,797 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\wrar300.exe
[2008/12/01 14:45:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130
[2008/12/01 14:45:10 | 00,151,679 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130.zip
[2008/12/01 14:37:54 | 12,150,6833 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\call-of-duty-united-offensive-1-51-patch.exe
[2008/12/01 14:32:44 | 00,000,319 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2008/12/01 14:21:39 | 00,000,709 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2008/12/01 14:17:10 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/12/01 14:17:09 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008/12/01 14:17:07 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008/12/01 14:17:03 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008/12/01 14:17:01 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2008/12/01 14:16:59 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008/12/01 14:16:57 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2008/12/01 14:16:56 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2008/12/01 14:16:54 | 00,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008/12/01 14:16:52 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008/12/01 14:16:50 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2008/12/01 14:16:46 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008/12/01 14:16:14 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/12/01 14:15:39 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2008/12/01 14:15:38 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/12/01 14:15:38 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2008/12/01 14:15:38 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/12/01 14:15:38 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2008/12/01 14:15:38 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/12/01 14:15:38 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2008/12/01 14:15:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/12/01 14:15:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2008/12/01 14:15:36 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2008/12/01 14:15:20 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008/12/01 14:14:10 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/12/01 14:14:07 | 00,356,120 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/01 14:14:07 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/12/01 14:14:06 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/01 14:14:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/12/01 14:14:05 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2008/12/01 14:14:05 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2008/12/01 14:14:04 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008/12/01 14:14:04 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2008/12/01 14:14:04 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008/12/01 14:14:03 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008/12/01 14:14:03 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008/12/01 14:14:03 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2008/12/01 14:14:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/12/01 14:14:02 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2008/12/01 14:14:02 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2008/12/01 14:14:02 | 00,000,000 | R--D | C] -- C:\Program Files
[2008/12/01 14:14:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/12/01 14:14:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/12/01 14:14:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2008/12/01 14:13:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2008/12/01 14:13:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2008/12/01 14:13:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2008/12/01 14:13:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2008/12/01 14:13:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2008/12/01 14:13:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2008/12/01 14:13:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2008/12/01 14:13:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2008/12/01 14:13:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2008/12/01 14:13:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2008/12/01 14:13:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2008/12/01 14:13:54 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2008/12/01 14:13:52 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2008/12/01 14:13:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2008/12/01 14:13:52 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2008/12/01 14:13:52 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2008/12/01 14:13:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2008/12/01 14:13:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2008/12/01 14:13:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2008/12/01 14:13:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2008/12/01 14:13:49 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2008/12/01 14:13:49 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2008/12/01 14:13:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2008/12/01 14:13:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2008/12/01 14:13:48 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2008/12/01 14:13:48 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2008/12/01 14:13:48 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2008/12/01 14:13:46 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2008/12/01 14:13:46 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2008/12/01 14:13:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008/12/01 14:13:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2008/12/01 14:13:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008/12/01 14:13:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2008/12/01 14:13:42 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008/12/01 14:13:42 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2008/12/01 14:13:42 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008/12/01 14:13:41 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2008/12/01 14:13:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2008/12/01 14:13:41 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2008/12/01 14:13:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2008/12/01 14:13:41 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008/12/01 14:13:41 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008/12/01 14:13:41 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008/12/01 14:13:40 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2008/12/01 14:13:40 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2008/12/01 14:13:40 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2008/12/01 14:13:40 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2008/12/01 14:13:40 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2008/12/01 14:13:40 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008/12/01 14:13:40 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008/12/01 14:13:40 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2008/12/01 14:13:39 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2008/12/01 14:13:39 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008/12/01 14:13:39 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2008/12/01 14:13:39 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2008/12/01 14:13:39 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2008/12/01 14:13:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/12/01 14:13:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2008/12/01 14:13:39 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/12/01 14:13:38 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2008/12/01 14:13:38 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2008/12/01 14:13:38 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2008/12/01 14:13:38 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2008/12/01 14:13:38 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008/12/01 14:13:37 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/12/01 14:13:29 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/01 14:13:28 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2008/12/01 14:13:28 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2008/12/01 14:13:28 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008/12/01 14:13:28 | 00,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2008/12/01 14:13:28 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2008/12/01 14:13:28 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2008/12/01 14:13:28 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2008/12/01 14:13:28 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2008/12/01 14:13:28 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008/12/01 14:13:28 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008/12/01 14:13:28 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008/12/01 14:13:28 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2008/12/01 14:13:27 | 02,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2008/12/01 14:13:27 | 01,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2008/12/01 14:13:27 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2008/12/01 14:13:27 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008/12/01 14:13:27 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008/12/01 14:13:27 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2008/12/01 14:13:26 | 00,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2008/12/01 14:13:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/12/01 14:13:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/12/01 14:13:07 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/01 14:12:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008/12/01 14:12:35 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/12/01 14:12:34 | 00,095,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/01 14:11:39 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008/12/01 14:11:35 | 00,000,315 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/01 14:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2008/12/01 14:04:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/12/01 14:04:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/12/01 14:03:51 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/12/01 14:03:51 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008/12/01 14:03:51 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/12/01 14:03:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2008/12/01 14:02:17 | 23,804,784 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\aaw2008.exe
[2008/12/01 13:32:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Macromedia
[2008/12/01 13:32:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Yahoo
[2008/12/01 13:32:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Adobe
[2008/12/01 13:30:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2008/12/01 13:30:22 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/12/01 13:22:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2008/12/01 13:20:05 | 27,462,344 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\setupeng.exe
[2008/12/01 13:17:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2008/12/01 13:14:24 | 00,186,097 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/01 13:14:23 | 00,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2008/12/01 13:14:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2008/12/01 13:10:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/01 13:10:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Mozilla
[2008/12/01 13:10:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Mozilla
[2008/12/01 13:10:19 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/12/01 13:10:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Comodo
[2008/12/01 13:09:16 | 07,508,624 | ---- | C] (Mozilla) -- C:\Documents and Settings\Andy\Desktop\Firefox Setup 3.0.4.exe
[2008/12/01 12:49:08 | 00,147,192 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2008/12/01 12:49:08 | 00,101,776 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2008/12/01 12:49:08 | 00,079,504 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2008/12/01 12:49:08 | 00,031,504 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2008/12/01 12:49:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\comodo
[2008/12/01 12:48:48 | 00,000,000 | ---D | C] -- C:\Program Files\COMODO
[2008/12/01 12:48:06 | 00,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2008/12/01 12:47:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\wdm
[2008/12/01 12:41:45 | 00,000,000 | ---D | C] -- C:\Program Files\DirectX
[2008/12/01 12:39:33 | 06,413,124 | -H-- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\IconCache.db
[2008/12/01 12:39:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\NVIDIA Shared
[2008/12/01 12:39:22 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/12/01 12:38:49 | 00,003,787 | ---- | C] () -- C:\WINDOWS\System32\nvaudio.nvu
[2008/12/01 12:38:44 | 00,000,464 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2008/12/01 12:38:05 | 00,001,556 | ---- | C] () -- C:\WINDOWS\System32\nvenet.nvu
[2008/12/01 12:38:03 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2008/12/01 12:38:00 | 00,001,217 | ---- | C] () -- C:\WINDOWS\System32\nvmctl.nvu
[2008/12/01 12:37:42 | 00,002,124 | ---- | C] () -- C:\WINDOWS\System32\nvgart.nvu
[2008/12/01 12:37:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/12/01 12:37:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/12/01 12:36:24 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2008/12/01 12:35:40 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008/12/01 12:35:12 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2008/12/01 12:35:12 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2008/12/01 12:35:12 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2008/12/01 12:35:11 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2008/12/01 12:35:11 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2008/12/01 12:35:10 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2008/12/01 12:35:09 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2008/12/01 12:35:09 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2008/12/01 12:35:09 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2008/12/01 12:35:08 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2008/12/01 12:35:08 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2008/12/01 12:35:08 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2008/12/01 12:35:07 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2008/12/01 12:35:06 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2008/12/01 12:35:06 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2008/12/01 12:35:06 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2008/12/01 12:35:05 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2008/12/01 12:35:05 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2008/12/01 12:35:04 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2008/12/01 12:35:04 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2008/12/01 12:35:02 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2008/12/01 12:35:02 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2008/12/01 12:35:02 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2008/12/01 12:35:01 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2008/12/01 12:35:00 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2008/12/01 12:35:00 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2008/12/01 12:35:00 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2008/12/01 12:34:59 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2008/12/01 12:34:59 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2008/12/01 12:34:58 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2008/12/01 12:34:58 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2008/12/01 12:34:58 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2008/12/01 12:34:57 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2008/12/01 12:34:57 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2008/12/01 12:34:56 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2008/12/01 12:34:56 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2008/12/01 12:34:54 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2008/12/01 12:34:53 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2008/12/01 12:34:53 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2008/12/01 12:34:53 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2008/12/01 12:34:52 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2008/12/01 12:34:52 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2008/12/01 12:34:52 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2008/12/01 12:34:52 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2008/12/01 12:34:51 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2008/12/01 12:34:51 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2008/12/01 12:34:51 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2008/12/01 12:34:51 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2008/12/01 12:34:50 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2008/12/01 12:34:50 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2008/12/01 12:34:50 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2008/12/01 12:34:49 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2008/12/01 12:34:49 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2008/12/01 12:34:49 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2008/12/01 12:34:49 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2008/12/01 12:34:48 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2008/12/01 12:34:48 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2008/12/01 12:34:47 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2008/12/01 12:34:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2008/12/01 12:32:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\ESET
[2008/12/01 12:31:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008/12/01 12:30:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Identities
[2008/12/01 12:30:07 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/12/01 12:30:06 | 00,000,075 | -HS- | C] () -- C:\Documents and Settings\Andy\My Documents\desktop.ini
[2008/12/01 12:30:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Andy\My Documents\My Pictures
[2008/12/01 12:30:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Andy\My Documents\My Music
[2008/12/01 12:30:03 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Andy\Application Data\desktop.ini
[2008/12/01 12:30:02 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Andy\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:30:02 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Andy\Application Data\Microsoft
[2008/12/01 12:30:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Microsoft
[2008/12/01 12:29:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/12/01 12:29:11 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/01 12:29:11 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/12/01 12:29:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/12/01 12:29:04 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/01 12:28:05 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/01 12:27:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008/12/01 12:27:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008/12/01 12:27:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008/12/01 12:27:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008/12/01 12:27:47 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008/12/01 12:27:47 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008/12/01 12:27:46 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008/12/01 12:27:46 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008/12/01 12:27:44 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2008/12/01 12:27:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2008/12/01 12:27:44 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2008/12/01 12:27:44 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2008/12/01 12:27:43 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2008/12/01 12:27:43 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008/12/01 12:27:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2008/12/01 12:27:43 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2008/12/01 12:27:42 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008/12/01 12:27:42 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008/12/01 12:27:40 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008/12/01 12:27:40 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008/12/01 12:27:39 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2008/12/01 12:27:39 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008/12/01 12:27:38 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2008/12/01 12:27:37 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008/12/01 12:27:37 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008/12/01 12:27:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008/12/01 12:27:36 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008/12/01 12:27:36 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008/12/01 12:27:35 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008/12/01 12:27:35 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008/12/01 12:27:35 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008/12/01 12:27:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2008/12/01 12:27:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2008/12/01 12:27:33 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2008/12/01 12:27:32 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008/12/01 12:27:32 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2008/12/01 12:27:30 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008/12/01 12:27:29 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2008/12/01 12:27:29 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008/12/01 12:27:29 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2008/12/01 12:27:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008/12/01 12:27:28 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2008/12/01 12:27:28 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2008/12/01 12:27:28 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2008/12/01 12:27:28 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2008/12/01 12:27:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2008/12/01 12:27:27 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2008/12/01 12:27:27 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008/12/01 12:27:27 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2008/12/01 12:27:26 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2008/12/01 12:27:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008/12/01 12:27:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008/12/01 12:27:26 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008/12/01 12:27:26 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008/12/01 12:27:26 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008/12/01 12:27:25 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008/12/01 12:27:25 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008/12/01 12:27:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008/12/01 12:27:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008/12/01 12:27:25 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008/12/01 12:27:25 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008/12/01 12:27:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008/12/01 12:27:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008/12/01 12:27:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008/12/01 12:27:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008/12/01 12:27:24 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008/12/01 12:27:23 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008/12/01 12:27:20 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2008/12/01 12:27:20 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008/12/01 12:27:20 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008/12/01 12:27:19 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2008/12/01 12:27:18 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/12/01 12:27:18 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/12/01 12:27:18 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2008/12/01 12:27:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2008/12/01 12:27:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008/12/01 12:27:17 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2008/12/01 12:27:16 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008/12/01 12:27:16 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008/12/01 12:27:14 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2008/12/01 12:27:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008/12/01 12:27:13 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008/12/01 12:27:13 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008/12/01 12:27:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2008/12/01 12:27:11 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008/12/01 12:27:10 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008/12/01 12:27:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008/12/01 12:27:10 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008/12/01 12:27:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008/12/01 12:27:09 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008/12/01 12:27:09 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/12/01 12:27:09 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008/12/01 12:27:09 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008/12/01 12:27:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2008/12/01 12:27:08 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2008/12/01 12:27:07 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008/12/01 12:27:07 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008/12/01 12:27:07 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008/12/01 12:27:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008/12/01 12:27:04 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2008/12/01 12:27:04 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008/12/01 12:27:03 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2008/12/01 12:27:01 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008/12/01 12:27:00 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2008/12/01 12:26:58 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2008/12/01 12:26:57 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008/12/01 12:26:57 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008/12/01 12:26:51 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008/12/01 12:26:51 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008/12/01 12:26:51 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2008/12/01 12:26:50 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2008/12/01 12:26:50 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2008/12/01 12:26:50 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2008/12/01 12:26:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008/12/01 12:26:48 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2008/12/01 12:26:48 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2008/12/01 12:26:48 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2008/12/01 12:26:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2008/12/01 12:26:47 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2008/12/01 12:26:46 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/12/01 12:26:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008/12/01 12:26:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008/12/01 12:26:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008/12/01 12:26:43 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008/12/01 12:26:43 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008/12/01 12:26:43 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008/12/01 12:26:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2008/12/01 12:26:42 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2008/12/01 12:26:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008/12/01 12:26:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008/12/01 12:26:40 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008/12/01 12:26:39 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2008/12/01 12:26:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008/12/01 12:26:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008/12/01 12:26:39 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008/12/01 12:26:39 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2008/12/01 12:26:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008/12/01 12:26:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008/12/01 12:26:37 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2008/12/01 12:26:37 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008/12/01 12:26:37 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2008/12/01 12:26:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2008/12/01 12:26:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2008/12/01 12:26:35 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2008/12/01 12:26:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2008/12/01 12:26:35 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2008/12/01 12:26:34 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008/12/01 12:26:34 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008/12/01 12:26:34 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008/12/01 12:26:34 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008/12/01 12:26:34 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/12/01 12:26:33 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008/12/01 12:26:33 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008/12/01 12:26:33 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008/12/01 12:26:33 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008/12/01 12:26:33 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008/12/01 12:26:32 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008/12/01 12:26:32 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/12/01 12:26:32 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008/12/01 12:26:32 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008/12/01 12:26:31 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008/12/01 12:26:31 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008/12/01 12:26:31 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008/12/01 12:26:30 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008/12/01 12:26:30 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008/12/01 12:26:30 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008/12/01 12:26:30 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008/12/01 12:26:30 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008/12/01 12:26:29 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/12/01 12:26:29 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008/12/01 12:26:29 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008/12/01 12:26:29 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008/12/01 12:26:29 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2008/12/01 12:26:28 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2008/12/01 12:26:28 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2008/12/01 12:26:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2008/12/01 12:26:28 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2008/12/01 12:26:28 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2008/12/01 12:26:27 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2008/12/01 12:26:27 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2008/12/01 12:26:22 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008/12/01 12:26:17 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/12/01 12:26:13 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008/12/01 12:26:13 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2008/12/01 12:26:12 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2008/12/01 12:26:12 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2008/12/01 12:26:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2008/12/01 12:26:11 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/12/01 12:26:11 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008/12/01 12:26:11 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2008/12/01 12:26:10 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2008/12/01 12:26:09 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2008/12/01 12:26:09 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2008/12/01 12:26:09 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2008/12/01 12:26:09 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2008/12/01 12:26:08 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2008/12/01 12:26:08 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2008/12/01 12:26:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008/12/01 12:26:08 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008/12/01 12:26:08 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2008/12/01 12:26:08 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2008/12/01 12:26:07 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2008/12/01 12:26:07 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2008/12/01 12:26:07 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2008/12/01 12:26:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2008/12/01 12:26:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2008/12/01 12:26:06 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2008/12/01 12:26:06 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2008/12/01 12:26:06 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008/12/01 12:26:06 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008/12/01 12:26:06 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2008/12/01 12:26:05 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2008/12/01 12:26:05 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2008/12/01 12:26:05 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2008/12/01 12:26:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2008/12/01 12:26:04 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2008/12/01 12:26:04 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2008/12/01 12:26:04 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2008/12/01 12:26:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008/12/01 12:26:03 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2008/12/01 12:26:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008/12/01 12:26:02 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2008/12/01 12:26:02 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008/12/01 12:26:02 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2008/12/01 12:26:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2008/12/01 12:26:01 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2008/12/01 12:26:01 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008/12/01 12:26:01 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008/12/01 12:26:01 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008/12/01 12:26:01 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2008/12/01 12:26:00 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2008/12/01 12:26:00 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008/12/01 12:25:56 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008/12/01 12:25:55 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2008/12/01 12:25:54 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008/12/01 12:25:54 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2008/12/01 12:25:54 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008/12/01 12:25:53 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2008/12/01 12:25:53 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2008/12/01 12:25:52 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008/12/01 12:25:52 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2008/12/01 12:25:51 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008/12/01 12:25:51 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/12/01 12:25:51 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008/12/01 12:25:50 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008/12/01 12:25:50 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008/12/01 12:25:50 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008/12/01 12:25:49 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008/12/01 12:25:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008/12/01 12:25:48 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008/12/01 12:25:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008/12/01 12:25:48 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008/12/01 12:25:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008/12/01 12:25:46 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2008/12/01 12:25:46 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/12/01 12:25:46 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008/12/01 12:25:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008/12/01 12:25:36 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2008/12/01 12:25:34 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2008/12/01 12:25:34 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2008/12/01 12:25:34 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2008/12/01 12:25:33 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2008/12/01 12:25:33 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2008/12/01 12:25:33 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008/12/01 12:25:32 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2008/12/01 12:25:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2008/12/01 12:25:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2008/12/01 12:25:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008/12/01 12:25:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2008/12/01 12:25:30 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2008/12/01 12:25:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2008/12/01 12:25:27 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2008/12/01 12:25:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2008/12/01 12:25:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2008/12/01 12:25:26 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2008/12/01 12:25:26 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2008/12/01 12:25:26 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2008/12/01 12:25:25 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2008/12/01 12:25:25 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2008/12/01 12:25:22 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2008/12/01 12:25:22 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2008/12/01 12:25:21 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2008/12/01 12:25:21 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2008/12/01 12:25:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2008/12/01 12:25:21 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2008/12/01 12:25:21 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2008/12/01 12:25:20 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2008/12/01 12:25:20 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2008/12/01 12:25:20 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2008/12/01 12:25:20 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2008/12/01 12:25:20 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2008/12/01 12:25:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2008/12/01 12:25:19 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2008/12/01 12:25:19 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2008/12/01 12:25:18 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2008/12/01 12:25:18 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2008/12/01 12:25:18 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2008/12/01 12:25:18 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2008/12/01 12:25:18 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2008/12/01 12:25:17 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2008/12/01 12:25:17 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2008/12/01 12:25:17 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2008/12/01 12:25:17 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2008/12/01 12:25:17 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2008/12/01 12:25:17 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2008/12/01 12:25:16 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2008/12/01 12:25:16 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2008/12/01 12:25:16 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2008/12/01 12:25:16 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2008/12/01 12:25:15 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2008/12/01 12:25:15 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2008/12/01 12:25:15 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2008/12/01 12:25:15 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2008/12/01 12:25:15 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2008/12/01 12:25:14 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2008/12/01 12:25:14 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2008/12/01 12:25:14 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2008/12/01 12:25:14 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2008/12/01 12:25:13 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2008/12/01 12:25:13 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008/12/01 12:24:48 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/01 12:24:48 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/12/01 12:24:48 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/12/01 12:24:40 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/01 12:24:40 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/01 12:24:39 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/01 12:24:28 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008/12/01 12:23:32 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/12/01 12:23:32 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/12/01 12:23:21 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/12/01 12:23:07 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008/12/01 12:22:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/12/01 12:22:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2008/12/01 12:22:27 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2008/12/01 12:22:27 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2008/12/01 12:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2008/12/01 12:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008/12/01 12:22:26 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2008/12/01 12:22:26 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2008/12/01 12:22:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/12/01 12:22:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/12/01 12:22:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/12/01 12:22:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/12/01 12:22:17 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2008/12/01 12:22:16 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2008/12/01 12:22:16 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2008/12/01 12:22:16 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2008/12/01 12:22:16 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008/12/01 12:22:15 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2008/12/01 12:22:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2008/12/01 12:22:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2008/12/01 12:22:14 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2008/12/01 12:22:14 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008/12/01 12:22:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/12/01 12:22:10 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008/12/01 12:22:10 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008/12/01 12:22:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008/12/01 12:22:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008/12/01 12:22:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2008/12/01 12:22:10 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008/12/01 12:22:10 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/12/01 12:22:09 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2008/12/01 12:22:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2008/12/01 12:22:09 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2008/12/01 12:22:09 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008/12/01 12:22:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/12/01 12:22:08 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2008/12/01 12:22:05 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2008/12/01 12:22:05 | 00,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2008/12/01 12:22:05 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2008/12/01 12:22:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/12/01 12:22:04 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2008/12/01 12:22:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/12/01 12:22:03 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2008/12/01 12:22:02 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2008/12/01 12:22:02 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2008/12/01 12:22:02 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2008/12/01 12:22:02 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2008/12/01 12:22:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008/12/01 12:22:01 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2008/12/01 12:22:01 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008/12/01 12:22:01 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2008/12/01 12:22:01 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2008/12/01 12:22:01 | 00,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2008/12/01 12:22:00 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008/12/01 12:22:00 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2008/12/01 12:22:00 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008/12/01 12:22:00 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2008/12/01 12:22:00 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008/12/01 12:22:00 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2008/12/01 12:22:00 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008/12/01 12:22:00 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2008/12/01 12:21:59 | 01,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008/12/01 12:21:59 | 01,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2008/12/01 12:21:59 | 00,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008/12/01 12:21:59 | 00,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2008/12/01 12:21:59 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008/12/01 12:21:59 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2008/12/01 12:21:59 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008/12/01 12:21:59 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2008/12/01 12:21:59 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008/12/01 12:21:59 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2008/12/01 12:21:59 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008/12/01 12:21:59 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2008/12/01 12:21:59 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2008/12/01 12:21:59 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/12/01 12:21:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2008/12/01 12:21:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/12/01 12:21:58 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/12/01 12:21:58 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2008/12/01 12:21:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/12/01 12:21:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2008/12/01 12:21:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2008/12/01 12:21:56 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2008/12/01 12:21:56 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2008/12/01 12:21:56 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2008/12/01 12:21:56 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2008/12/01 12:21:55 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2008/12/01 12:21:55 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2008/12/01 12:21:55 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2008/12/01 12:21:54 | 03,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2008/12/01 12:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/12/01 12:21:53 | 00,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2008/12/01 12:21:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2008/12/01 12:21:52 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2008/12/01 12:21:52 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2008/12/01 12:21:52 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2008/12/01 12:21:52 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2008/12/01 12:21:50 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2008/12/01 12:21:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/12/01 12:21:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2008/12/01 12:21:49 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2008/12/01 12:21:49 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2008/12/01 12:21:49 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/12/01 12:21:49 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2008/12/01 12:21:47 | 00,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2008/12/01 12:21:47 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2008/12/01 12:21:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2008/12/01 12:21:46 | 00,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2008/12/01 12:21:46 | 00,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008/12/01 12:21:46 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008/12/01 12:21:46 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2008/12/01 12:21:45 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2008/12/01 12:21:45 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/12/01 12:21:45 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2008/12/01 12:21:45 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/12/01 12:21:45 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2008/12/01 12:21:45 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys
[2008/12/01 12:21:45 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2008/12/01 12:21:45 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/12/01 12:21:45 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2008/12/01 12:21:45 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2008/12/01 12:21:45 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2008/12/01 12:21:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/12/01 12:21:44 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008/12/01 12:21:44 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2008/12/01 12:21:44 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/12/01 12:21:44 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2008/12/01 12:21:43 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2008/12/01 12:21:43 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2008/12/01 12:21:43 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008/12/01 12:21:43 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2008/12/01 12:21:43 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2008/12/01 12:21:43 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008/12/01 12:21:43 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2008/12/01 12:21:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008/12/01 12:21:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2008/12/01 12:21:43 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008/12/01 12:21:43 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2008/12/01 12:21:42 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2008/12/01 12:21:42 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2008/12/01 12:21:42 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2008/12/01 12:21:42 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2008/12/01 12:21:42 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2008/12/01 12:21:41 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2008/12/01 12:21:41 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2008/12/01 12:21:41 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2008/12/01 12:21:41 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2008/12/01 12:21:41 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2008/12/01 12:21:41 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2008/12/01 12:21:41 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2008/12/01 12:21:40 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2008/12/01 12:21:40 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/12/01 12:21:40 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2008/12/01 12:21:40 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2008/12/01 12:21:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/12/01 12:21:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2008/12/01 12:21:40 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2008/12/01 12:21:40 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008/12/01 12:21:39 | 00,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2008/12/01 12:21:39 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2008/12/01 12:21:39 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2008/12/01 12:21:39 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2008/12/01 12:21:39 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/12/01 12:21:39 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2008/12/01 12:21:39 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2008/12/01 12:21:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2008/12/01 12:21:38 | 01,311,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2008/12/01 12:21:38 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008/12/01 12:21:38 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/12/01 12:21:38 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2008/12/01 12:21:38 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2008/12/01 12:21:37 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2008/12/01 12:21:37 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2008/12/01 12:21:37 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2008/12/01 12:21:37 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2008/12/01 12:21:37 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/12/01 12:21:36 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008/12/01 12:21:36 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2008/12/01 12:21:36 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008/12/01 12:21:36 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2008/12/01 12:21:36 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/12/01 12:21:36 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2008/12/01 12:21:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/12/01 12:21:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2008/12/01 12:21:35 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/12/01 12:21:35 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2008/12/01 12:21:35 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/12/01 12:21:35 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2008/12/01 12:21:35 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/12/01 12:21:35 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2008/12/01 12:21:34 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2008/12/01 12:21:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2008/12/01 12:21:34 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2008/12/01 12:21:34 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2008/12/01 12:21:34 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2008/12/01 12:21:33 | 00,561,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/12/01 12:21:33 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2008/12/01 12:21:33 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2008/12/01 12:21:33 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2008/12/01 12:21:33 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2008/12/01 12:21:32 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2008/12/01 12:21:32 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2008/12/01 12:21:32 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2008/12/01 12:21:32 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2008/12/01 12:21:32 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2008/12/01 12:21:31 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2008/12/01 12:21:31 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2008/12/01 12:21:31 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2008/12/01 12:21:31 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2008/12/01 12:21:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2008/12/01 12:21:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2008/12/01 12:21:30 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2008/12/01 12:21:30 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2008/12/01 12:21:30 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2008/12/01 12:21:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2008/12/01 12:21:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2008/12/01 12:21:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2008/12/01 12:21:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2008/12/01 12:21:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2008/12/01 12:21:29 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2008/12/01 12:21:29 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2008/12/01 12:21:29 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2008/12/01 12:21:29 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2008/12/01 12:21:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2008/12/01 12:21:28 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2008/12/01 12:21:28 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2008/12/01 12:21:28 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2008/12/01 12:21:28 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2008/12/01 12:21:28 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2008/12/01 12:21:28 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2008/12/01 12:21:28 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2008/12/01 12:21:27 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/12/01 12:21:27 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2008/12/01 12:21:27 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2008/12/01 12:21:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/12/01 12:21:26 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2008/12/01 12:21:26 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2008/12/01 12:21:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2008/12/01 12:21:26 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/12/01 12:21:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008/12/01 12:21:00 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/01 12:20:48 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/12/01 12:20:46 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/12/01 12:20:46 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/12/01 12:20:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/12/01 12:20:32 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/12/01 12:20:31 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008/12/01 12:20:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/12/01 12:20:24 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2008/12/01 12:20:24 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/12/01 12:20:23 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2008/12/01 12:20:23 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2008/12/01 12:20:23 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2008/12/01 12:20:23 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2008/12/01 12:20:23 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2008/12/01 12:20:23 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2008/12/01 12:20:23 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2008/12/01 12:20:22 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2008/12/01 12:20:22 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2008/12/01 12:20:22 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2008/12/01 12:20:22 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2008/12/01 12:20:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2008/12/01 12:20:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2008/12/01 12:20:22 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2008/12/01 12:20:22 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2008/12/01 12:20:21 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2008/12/01 12:20:21 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2008/12/01 12:20:21 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2008/12/01 12:20:21 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2008/12/01 12:20:21 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2008/12/01 12:20:20 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2008/12/01 12:20:20 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2008/12/01 12:20:20 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2008/12/01 12:20:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008/12/01 12:20:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2008/12/01 12:20:20 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2008/12/01 12:20:06 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008/12/01 12:20:06 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2008/12/01 12:20:05 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2008/12/01 12:20:05 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008/12/01 12:20:05 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2008/12/01 12:20:05 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008/12/01 12:20:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2008/12/01 12:20:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008/12/01 12:20:04 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008/12/01 12:20:04 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2008/12/01 12:19:57 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/12/01 12:19:57 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/12/01 12:19:57 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/12/01 12:19:56 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/12/01 12:19:56 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/12/01 12:19:56 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/12/01 12:19:56 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/12/01 12:19:56 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/12/01 12:19:56 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/12/01 12:19:56 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/12/01 12:19:55 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/12/01 12:19:54 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008/12/01 12:19:54 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2008/12/01 12:19:54 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2008/12/01 12:19:54 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008/12/01 12:19:54 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2008/12/01 12:19:54 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008/12/01 12:19:53 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008/12/01 12:19:53 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2008/12/01 12:19:53 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008/12/01 12:19:53 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2008/12/01 12:19:53 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008/12/01 12:19:53 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2008/12/01 12:19:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008/12/01 12:19:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2008/12/01 12:19:52 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008/12/01 12:19:52 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2008/12/01 12:19:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008/12/01 12:19:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2008/12/01 12:19:52 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/12/01 12:19:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008/12/01 12:19:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2008/12/01 12:19:52 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/12/01 12:19:52 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/12/01 12:19:51 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008/12/01 12:19:51 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2008/12/01 12:19:51 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008/12/01 12:19:51 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2008/12/01 12:19:51 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008/12/01 12:19:51 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2008/12/01 12:19:51 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008/12/01 12:19:51 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2008/12/01 12:19:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008/12/01 12:19:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2008/12/01 12:19:51 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008/12/01 12:19:51 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2008/12/01 12:19:50 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2008/12/01 12:19:50 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2008/12/01 12:19:50 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008/12/01 12:19:50 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008/12/01 12:19:50 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2008/12/01 12:19:50 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/12/01 12:19:50 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/12/01 12:19:49 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2008/12/01 12:19:49 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/12/01 12:19:49 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2008/12/01 12:19:49 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/12/01 12:19:49 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/12/01 12:19:49 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2008/12/01 12:19:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/12/01 12:19:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/12/01 12:19:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/12/01 12:19:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2008/12/01 12:19:48 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2008/12/01 12:19:48 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/12/01 12:19:48 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/12/01 12:19:48 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2008/12/01 12:19:48 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2008/12/01 12:19:44 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2008/12/01 12:19:43 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2008/12/01 12:19:43 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2008/12/01 12:19:43 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2008/12/01 12:19:43 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2008/12/01 12:19:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2008/12/01 12:19:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2008/12/01 12:19:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2008/12/01 12:19:42 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2008/12/01 12:19:42 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2008/12/01 12:19:42 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2008/12/01 12:19:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2008/12/01 12:19:42 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2008/12/01 12:19:41 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2008/12/01 12:19:41 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2008/12/01 12:19:41 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/12/01 12:19:41 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2008/12/01 12:19:30 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2008/12/01 12:19:29 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2008/12/01 12:19:29 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/12/01 12:19:29 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2008/12/01 12:19:29 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/12/01 12:19:28 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2008/12/01 12:19:28 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/12/01 12:19:28 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2008/12/01 12:19:28 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/12/01 12:19:28 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2008/12/01 12:19:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2008/12/01 12:19:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/12/01 12:19:28 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/12/01 12:19:27 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/12/01 12:19:27 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2008/12/01 12:19:27 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008/12/01 12:19:27 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2008/12/01 12:19:27 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2008/12/01 12:19:27 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/12/01 12:19:27 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/12/01 12:19:27 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2008/12/01 12:19:27 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/12/01 12:19:27 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2008/12/01 12:19:26 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008/12/01 12:19:26 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2008/12/01 12:19:26 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008/12/01 12:19:26 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2008/12/01 12:19:26 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/12/01 12:19:26 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2008/12/01 12:19:26 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/12/01 12:19:26 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2008/12/01 12:19:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008/12/01 12:19:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2008/12/01 12:19:26 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/12/01 12:19:26 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2008/12/01 12:19:25 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008/12/01 12:19:25 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2008/12/01 12:19:25 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/12/01 12:19:25 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2008/12/01 12:19:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/12/01 12:19:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2008/12/01 12:19:25 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/12/01 12:19:25 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2008/12/01 12:19:25 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/12/01 12:19:25 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2008/12/01 12:19:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/12/01 12:19:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2008/12/01 12:19:25 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2008/12/01 12:19:25 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2008/12/01 12:19:25 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/12/01 12:19:25 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2008/12/01 12:19:24 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/12/01 12:19:24 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/12/01 12:19:24 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/12/01 12:19:24 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/12/01 12:19:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2008/12/01 12:19:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/12/01 12:19:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/12/01 12:19:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2008/12/01 12:19:24 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/12/01 12:19:24 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2008/12/01 12:19:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/12/01 12:19:23 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/12/01 12:19:23 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/12/01 12:19:23 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/12/01 12:19:23 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/12/01 12:19:23 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/12/01 12:19:23 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/12/01 12:19:23 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/12/01 12:19:23 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2008/12/01 12:19:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008/12/01 12:19:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2008/12/01 12:19:22 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2008/12/01 12:19:22 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/12/01 12:19:22 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2008/12/01 12:19:22 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2008/12/01 12:19:22 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/12/01 12:19:22 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2008/12/01 12:19:22 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/12/01 12:19:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2008/12/01 12:19:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/12/01 12:19:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2008/12/01 12:19:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008/12/01 12:19:21 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2008/12/01 12:19:21 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/12/01 12:19:21 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2008/12/01 12:19:21 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/12/01 12:19:21 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2008/12/01 12:19:21 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008/12/01 12:19:21 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2008/12/01 12:19:21 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/12/01 12:19:19 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2008/12/01 12:19:19 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2008/12/01 12:19:19 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2008/12/01 12:19:19 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2008/12/01 12:19:18 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2008/12/01 12:19:18 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2008/12/01 12:19:18 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2008/12/01 12:19:18 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2008/12/01 12:19:18 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2008/12/01 12:19:18 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2008/12/01 12:19:18 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2008/12/01 12:19:18 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2008/12/01 12:19:18 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2008/12/01 12:19:17 | 00,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2008/12/01 12:19:17 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2008/12/01 12:19:17 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2008/12/01 12:19:17 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2008/12/01 12:19:17 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2008/12/01 12:19:17 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2008/12/01 12:19:17 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2008/12/01 12:19:17 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2008/12/01 12:19:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2008/12/01 12:19:17 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2008/12/01 12:19:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2008/12/01 12:19:17 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2008/12/01 12:19:16 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2008/12/01 12:19:16 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2008/12/01 12:19:16 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2008/12/01 12:19:16 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2008/12/01 12:19:16 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2008/12/01 12:19:15 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2008/12/01 12:19:15 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2008/12/01 12:19:15 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2008/12/01 12:19:15 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2008/12/01 12:19:14 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2008/12/01 12:19:14 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2008/12/01 12:19:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2008/12/01 12:19:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2008/12/01 12:19:13 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2008/12/01 12:19:13 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2008/12/01 12:19:13 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2008/12/01 12:19:12 | 01,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2008/12/01 12:19:12 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2008/12/01 12:19:12 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/12/01 12:19:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/12/01 12:19:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2008/12/01 12:19:12 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/12/01 12:19:12 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2008/12/01 12:19:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/12/01 12:19:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2008/12/01 12:19:10 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/12/01 12:19:10 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2008/12/01 12:19:09 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2008/11/20 22:45:30 | 00,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/11 11:31:15 | 00,186,097 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/11 11:30:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/11 11:30:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/11 11:30:45 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/11 06:49:23 | 00,095,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/10 21:54:55 | 00,090,624 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\referat...sistemul muscular.doc
[2008/12/10 21:45:36 | 00,067,580 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d.zip
[2008/12/10 21:17:49 | 01,390,337 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\flysetup.exe
[2008/12/10 21:17:31 | 00,328,244 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\saa713x_2310.zip
[2008/12/10 17:21:44 | 00,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk
[2008/12/10 17:20:19 | 00,611,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/10 17:15:44 | 01,530,776 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\Andy\My Documents\daemon406-x86.exe
[2008/12/10 14:46:43 | 00,000,075 | -HS- | M] () -- C:\Documents and Settings\Andy\My Documents\desktop.ini
[2008/12/10 14:42:18 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/10 14:40:32 | 15,452,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Andy\Desktop\IE7-WindowsXP-x86-enu.exe
[2008/12/10 14:35:48 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe
[2008/12/07 21:20:10 | 00,151,954 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\614-94490-danciulescu.jpg
[2008/12/07 21:17:07 | 00,163,946 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina.JPG
[2008/12/07 21:17:01 | 00,109,033 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 4.JPG
[2008/12/07 21:16:57 | 00,105,703 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 3.JPG
[2008/12/07 21:16:53 | 00,118,002 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 2.JPG
[2008/12/07 20:52:57 | 00,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/07 20:52:50 | 00,107,832 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/12/07 00:01:44 | 39,240,452 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\coduo_mappack.zip
[2008/12/06 22:53:32 | 00,239,320 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\cod minimizer.rar
[2008/12/06 13:36:52 | 00,120,917 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\cod.JPG
[2008/12/04 22:41:39 | 00,218,777 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\untitled.JPG
[2008/12/04 22:03:41 | 00,088,773 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\latina 002.jpg
[2008/12/04 22:03:40 | 00,098,566 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\latina 001.jpg
[2008/12/04 14:08:58 | 00,305,705 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\RSIT.exe
[2008/12/04 07:03:37 | 00,147,192 | ---- | M] () -- C:\WINDOWS\System32\guard32.dll
[2008/12/04 07:03:37 | 00,101,776 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2008/12/03 20:04:05 | 00,245,681 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\Call Of Duty 4(128x160)-64970.jar
[2008/12/03 07:19:12 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/12/03 07:12:54 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\SDFix.exe
[2008/12/03 07:11:44 | 00,049,208 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\topic131299.html
[2008/12/02 22:57:34 | 01,138,609 | ---- | M] (EFD Software ) -- C:\Documents and Settings\Andy\Desktop\hdtunepro_310_trial.exe
[2008/12/02 21:53:37 | 06,413,124 | -H-- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\IconCache.db
[2008/12/02 15:32:35 | 00,023,980 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\1227515655-Revolver.zip
[2008/12/02 07:07:47 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andy\Desktop\mbam-setup.exe
[2008/12/01 22:53:14 | 00,000,031 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer.ini
[2008/12/01 22:11:33 | 30,718,383 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\adrian prisecaru.wmv
[2008/12/01 20:03:51 | 00,223,940 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer115a.zip
[2008/12/01 17:09:05 | 00,012,328 | ---- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/01 15:28:33 | 37,853,246 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\call-of-duty-1-5-patch.exe
[2008/12/01 15:07:28 | 05,736,952 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\xfire_installer_35044.exe
[2008/12/01 15:06:57 | 00,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2008/12/01 15:06:53 | 00,000,665 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\Teamspeak 2 RC2.lnk
[2008/12/01 15:06:23 | 05,862,994 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\ts2_client_rc2_2032.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/12/01 14:56:43 | 00,278,528 | ---- | M] (By UberGames) -- C:\Documents and Settings\Andy\My Documents\Q3E Minimizer_v1.51.exe
[2008/12/01 14:46:38 | 00,944,797 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\wrar300.exe
[2008/12/01 14:45:11 | 00,151,679 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130.zip
[2008/12/01 14:41:55 | 12,150,6833 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\call-of-duty-united-offensive-1-51-patch.exe
[2008/12/01 14:41:13 | 00,000,319 | ---- | M] () -- C:\WINDOWS\CoDUO.INI
[2008/12/01 14:31:43 | 00,000,709 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2008/12/01 14:14:01 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/01 14:13:28 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Andy\Application Data\desktop.ini
[2008/12/01 14:03:46 | 23,804,784 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\aaw2008.exe
[2008/12/01 13:21:33 | 27,462,344 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\setupeng.exe
[2008/12/01 13:11:07 | 00,079,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2008/12/01 13:11:07 | 00,031,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2008/12/01 13:10:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/12/01 13:09:52 | 07,508,624 | ---- | M] (Mozilla) -- C:\Documents and Settings\Andy\Desktop\Firefox Setup 3.0.4.exe
[2008/12/01 12:49:10 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/01 12:49:10 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/01 12:49:10 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/01 12:29:57 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/01 12:29:04 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/01 12:28:05 | 00,000,315 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/01 12:24:55 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Andy\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:24:55 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:24:48 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/01 12:24:48 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/01 12:24:48 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/12/01 12:24:48 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/12/01 12:24:40 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/01 12:24:40 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/01 12:24:40 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/01 12:24:28 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/01 12:21:00 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/01 12:20:46 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008/12/01 12:20:46 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008/12/01 12:18:17 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/11/20 22:45:30 | 00,042,320 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
< End of report >

OTViewIt Extras logfile created on: 12/11/2008 11:39:05 AM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Andy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 623.02 Mb Available Physical Memory | 60.87% Memory free
2.40 Gb Paging File | 2.09 Gb Available in Paging File | 86.89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 8.69 Gb Total Space | 3.16 Gb Free Space | 36.35% Space Free | Partition Type: NTFS
Drive D: | 29.59 Gb Total Space | 22.84 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive E: | 3.94 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDY-65D25A1FE7
Current User Name: Andy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/04 14:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/04 14:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/11/05 21:59:00 | 04,347,120 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2008/11/20 22:45:26 | 02,986,320 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire
[2004/11/18 21:43:44 | 01,830,912 | ---- | M] () -- D:\Call of Duty\CoDMP.exe:*:Enabled:CoDMP
[2004/12/07 07:13:54 | 01,904,640 | ---- | M] () -- D:\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java™ 6 Update 11
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{A662E280-64A8-4CF5-8407-13D0808602B3}"=Call of Duty - United Offensive
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}"=Futuremark SystemInfo
"{D7A6C517-11F2-419F-B5BB-27772B939698}"=NvMixer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Call of Duty"=Call of Duty
"COMODO Internet Security"=COMODO Internet Security
"FLY2000TV"=FLY 2000 TV v2.38 RC2
"HD Tune Pro_is1"=HD Tune Pro 3.10
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}"=Call of Duty - United Offensive
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers"=NVIDIA Drivers
"Teamspeak 2 RC2_is1"=TeamSpeak 2 RC2
"WinRAR archiver"=WinRAR archiver
"Xfire"=Xfire (remove only)
"Yahoo! Messenger"=Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/1/2008 9:15:11 AM | Computer Name = ANDY-65D25A1FE7 | Source = Application Hang | ID = 1002
Description = Hanging application YahooMessenger.exe, version 9.0.0.2034, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/1/2008 9:19:07 AM | Computer Name = ANDY-65D25A1FE7 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ System Events ]
Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AmdK7 cmdGuard cmdHlp Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 12/8/2008 7:36:21 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:36:21 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 12/8/2008 7:36:23 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:36:23 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 12/8/2008 7:38:35 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:38:35 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.


< End of report >

#6 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:31 PM

Posted 12 December 2008 - 01:05 PM

Hello Andy8.

From your previous topic in the "Am I Infected" forum your Ad-aware found 2 files located on your desktop related to a backdoor(read below for more information). Kaspersky also flagged those 2 files. I hope you didn't run those files yet? Have you ran those files that you have on your desktop?

I would want you to remove those 2 files/folders right now please.

On your desktop there should be two files/folders called: coduo_minimizer.exe and coduo_minimizer115a.zip

Please delete it and then empty your recycling bin.

Just out of curiosity, did you download those? I do not know what happened before but since you have a backdoor file, I'm going to give you the backdoor warning and let you decide whether you wish to proceed or not.

Posted ImageBackdoor Threat
Unfortunately One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

If you wish to continue please continue with the instructions below.

Download and Run Scan with GMER

We will use GMER to scan for rootkits.
  • Download gmer.zip and save to your desktop.
    Alternate Download Site 1
    Alternate Download Site 2
  • Unzip/extract the file to its own folder. (Click here for information on how to do this if not sure. Win 2000 users click here.
  • When you have done this, disconnect from the Internet and close all running programs.
    There is a small chance this application may crash your computer so save any work you have open.
  • Double-click on Gmer.exe to start the program.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Click on Settings, then check the first five settings:
    • System Protection and Tracing
    • Processes
    • Save created processes to the log
    • Drivers
    • Save loaded drivers to the log
  • You will be prompted to restart your computer. Please do so.
After the reboot, run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for Show All.
  • Click on the Scan and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. You will know that the scan is done when the Stop buttons turns back to Scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose New>Text document. Once the file is created, open it and right-click again and choose Paste. Save the file as gmer.txt and copy the information in your next reply.
Important!:Please do not select the Show all checkbox during the scan..

Run Malwarebytes Anti-Malware with Full Scan

Please run Malwarebytes Anti-Malware one more time.

This time it is slightly different, instead of doing a quick/fast scan please do a Full Scan.

If you removed the program or need to download it again please do so by downloading from one of the links below:
Link 1
alternate download link 1
alternate download link 2


Install it and do a Full Scan after the scan is finished please post back with the log.

Please post back with:
-GMER log
-Malwarebytes Anti-malware log
-Fresh/New OTViewIT log


With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#7 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 12 December 2008 - 02:44 PM

Hi extremeboy ,

Thank you once again for your reply.I have deleted the 2 infected files.Unfortunately,i had opened them for 4-5 times before i had found out that they were infected and i stopped using them.I was using an older version of the program and i thought it was safe,but it turned out not to be that safe.I see this backdoor thing is a serious problem and i hope i can get rid of it.Please feel free to recommend any programs and any solutions as i am willing to sell this pc soon and i don't want to sell it with infections on it.Here are the logs you requested:

Malwarebytes' Anti-Malware 1.30
Database version: 1443
Windows 5.1.2600 Service Pack 2

12/12/2008 9:34:50 PM
mbam-log-2008-12-12 (21-34-50).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 60831
Time elapsed: 11 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




OTViewIt logfile created on: 12/12/2008 9:35:10 PM - Run 3
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Andy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 678.17 Mb Available Physical Memory | 66.26% Memory free
2.40 Gb Paging File | 2.16 Gb Available in Paging File | 89.89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 8.69 Gb Total Space | 2.96 Gb Free Space | 34.07% Space Free | Partition Type: NTFS
Drive D: | 29.59 Gb Total Space | 22.43 Gb Free Space | 75.80% Space Free | Partition Type: NTFS
Drive E: | 3.94 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDY-65D25A1FE7
Current User Name: Andy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2003/04/24 16:53:54 | 00,054,784 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2008/12/04 07:03:36 | 01,797,880 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
[2004/08/04 14:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2008/12/07 21:26:56 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2006/09/14 22:09:07 | 00,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
[2008/12/04 07:03:35 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
[2008/12/07 21:26:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
[2004/08/04 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/10/31 22:55:59 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2008/10/22 16:10:20 | 01,261,200 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
[2004/08/04 14:00:00 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe
[2008/12/10 14:35:48 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2008/12/04 07:03:35 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent [Auto | Running])
[2008/12/07 21:26:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

========== Driver Services ==========

[2003/04/24 23:48:02 | 00,730,092 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2004/08/04 14:00:00 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2004/11/05 04:17:52 | 00,334,816 | ---- | M] (Philips Semiconductors) -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134 [On_Demand | Running])
[2008/12/04 07:03:37 | 00,101,776 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard [System | Running])
[2008/12/01 13:11:07 | 00,031,504 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp [System | Running])
[2008/05/29 12:33:10 | 00,027,672 | R--- | M] (EnTech Taiwan) -- C:\WINDOWS\system32\drivers\Entech.sys -- (ENTECH [On_Demand | Stopped])
[2003/10/10 12:06:40 | 00,004,134 | ---- | M] () -- C:\WINDOWS\system32\drivers\FlyPCI.sys -- (FlyPCI [On_Demand | Stopped])
[2004/08/04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2008/12/12 21:13:34 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [System | Running])
[2008/12/01 13:11:07 | 00,079,504 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect [Boot | Running])
[2001/08/17 16:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2008/05/16 14:01:00 | 06,557,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2004/06/03 10:40:46 | 00,079,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus [Boot | Running])
[2004/05/25 15:58:02 | 00,048,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax [On_Demand | Stopped])
[2004/01/29 01:45:50 | 00,093,764 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET [On_Demand | Running])
[2004/05/25 15:58:04 | 00,396,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce [On_Demand | Stopped])
[2004/04/02 15:40:00 | 00,021,760 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp [Boot | Running])
[2004/08/04 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/04 14:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/12/10 17:20:19 | 00,611,064 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2004/08/04 14:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])
[2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" (NVIDIA Corporation)
"nwiz"=nwiz.exe /install ()
"SoundMan"=SOUNDMAN.EXE (Realtek Semiconductor Corp.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

========== (O17) DNS Name Servers ==========

{1594793C-A9D9-4254-A96C-BBE67072DF96} (Servers: | Description: NVIDIA nForce Networking Controller)
{94469ED7-F758-4CA1-B43D-3CE01B03E6C8} (Servers: | Description: )

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=C:\WINDOWS\system32\guard32.dll
>[2008/12/04 07:03:37 | 00,147,192 | ---- | M] () -- C:\WINDOWS\system32\guard32.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/12 21:13:36 | 00,000,345 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/12/12 21:13:34 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/12/12 21:13:34 | 00,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe
[2008/12/12 21:13:34 | 00,085,969 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/12 21:13:34 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/12 21:13:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\gmer
[2008/12/12 21:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\topic183980aaaa_files
[2008/12/12 21:09:35 | 00,320,482 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\topic183980aaaa.htm
[2008/12/12 21:08:50 | 00,747,873 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\gmer.zip
[2008/12/11 22:28:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\vlc
[2008/12/11 22:28:04 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2008/12/11 22:27:51 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2008/12/11 22:19:40 | 10,565,093 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\VLC Media Player 0.8.6a.exe
[2008/12/11 22:18:36 | 00,003,584 | ---- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/11 21:50:17 | 89,980,928 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\Adi Prisecaru (macea).MPG
[2008/12/11 21:42:40 | 00,068,842 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\soramea.jpg
[2008/12/10 21:54:50 | 00,090,624 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\referat...sistemul muscular.doc
[2008/12/10 21:45:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d
[2008/12/10 21:45:27 | 00,067,580 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d.zip
[2008/12/10 21:24:44 | 00,004,134 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlyPCI.sys
[2008/12/10 21:24:09 | 00,000,000 | ---D | C] -- C:\Program Files\FLY2000TV
[2008/12/10 21:23:57 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2008/12/10 21:23:57 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2008/12/10 21:23:54 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2008/12/10 21:23:54 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2008/12/10 21:23:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2008/12/10 21:23:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2008/12/10 21:23:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2008/12/10 21:23:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2008/12/10 21:23:51 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2008/12/10 21:23:51 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2008/12/10 21:23:49 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2008/12/10 21:23:49 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2008/12/10 21:23:47 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2008/12/10 21:23:47 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2008/12/10 21:23:45 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2008/12/10 21:23:45 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2008/12/10 21:22:26 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2008/12/10 21:22:26 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2008/12/10 21:22:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2008/12/10 21:22:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2008/12/10 21:22:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/12/10 21:22:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2008/12/10 21:22:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2008/12/10 21:22:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2008/12/10 21:22:23 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2008/12/10 21:22:23 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2008/12/10 21:21:45 | 00,334,816 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\drivers\Cap7134.sys
[2008/12/10 21:21:45 | 00,135,168 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34api.dll
[2008/12/10 21:21:45 | 00,114,688 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34com.dll
[2008/12/10 21:21:45 | 00,110,592 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\prop7134.dll
[2008/12/10 21:21:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\saa713x_2310
[2008/12/10 21:17:32 | 01,390,337 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\flysetup.exe
[2008/12/10 21:17:28 | 00,328,244 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\saa713x_2310.zip
[2008/12/10 17:21:44 | 00,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk
[2008/12/10 17:21:44 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools
[2008/12/10 17:20:19 | 00,611,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/10 17:15:09 | 01,530,776 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\Andy\My Documents\daemon406-x86.exe
[2008/12/10 14:42:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/12/10 14:42:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/12/10 14:42:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2008/12/10 14:42:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2008/12/10 14:41:54 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008/12/10 14:41:53 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2008/12/10 14:41:16 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/12/10 14:41:12 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/12/10 14:41:08 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2008/12/10 14:40:29 | 15,452,536 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Andy\Desktop\IE7-WindowsXP-x86-enu.exe
[2008/12/10 14:35:47 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe
[2008/12/07 21:32:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2008/12/07 21:32:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
[2008/12/07 21:31:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/12/07 21:26:52 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/12/07 21:26:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Sun
[2008/12/07 21:20:10 | 00,151,954 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\614-94490-danciulescu.jpg
[2008/12/07 21:17:02 | 00,163,946 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina.JPG
[2008/12/07 21:16:58 | 00,109,033 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 4.JPG
[2008/12/07 21:16:54 | 00,105,703 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 3.JPG
[2008/12/07 21:16:49 | 00,118,002 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 2.JPG
[2008/12/07 00:01:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\coduo_mappack
[2008/12/06 23:52:53 | 39,240,452 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_mappack.zip
[2008/12/06 22:53:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\My Documents\cod minimizer
[2008/12/06 22:53:25 | 00,239,320 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\cod minimizer.rar
[2008/12/06 13:36:47 | 00,120,917 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\cod.JPG
[2008/12/04 22:41:32 | 00,218,777 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\untitled.JPG
[2008/12/04 22:03:41 | 00,088,773 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\latina 002.jpg
[2008/12/04 22:03:39 | 00,098,566 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\latina 001.jpg
[2008/12/04 14:09:48 | 00,000,000 | ---D | C] -- C:\rsit
[2008/12/04 14:09:48 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2008/12/04 14:08:58 | 00,305,705 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\RSIT.exe
[2008/12/03 20:03:58 | 00,245,681 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\Call Of Duty 4(128x160)-64970.jar
[2008/12/03 07:20:42 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2008/12/03 07:17:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2008/12/03 07:13:13 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/12/03 07:12:54 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\SDFix.exe
[2008/12/03 07:11:42 | 00,049,208 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\topic131299.html
[2008/12/03 07:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\topic131299_files
[2008/12/02 22:57:48 | 00,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro
[2008/12/02 22:57:32 | 01,138,609 | ---- | C] (EFD Software ) -- C:\Documents and Settings\Andy\Desktop\hdtunepro_310_trial.exe
[2008/12/02 15:32:33 | 00,023,980 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\1227515655-Revolver.zip
[2008/12/02 07:08:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Malwarebytes
[2008/12/02 07:08:10 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/02 07:08:07 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/02 07:08:06 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/02 07:08:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/12/02 07:07:47 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andy\Desktop\mbam-setup.exe
[2008/12/01 22:53:14 | 00,000,031 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer.ini
[2008/12/01 22:04:07 | 30,718,383 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\adrian prisecaru.wmv
[2008/12/01 17:09:05 | 00,012,328 | ---- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/01 15:07:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Xfire
[2008/12/01 15:07:54 | 00,000,000 | ---D | C] -- C:\Program Files\Xfire
[2008/12/01 15:07:14 | 05,736,952 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\xfire_installer_35044.exe
[2008/12/01 15:07:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\teamspeak2
[2008/12/01 15:06:57 | 00,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2008/12/01 15:06:53 | 00,000,665 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\Teamspeak 2 RC2.lnk
[2008/12/01 15:06:45 | 00,000,000 | ---D | C] -- C:\Program Files\Teamspeak2_RC2
[2008/12/01 15:06:19 | 05,862,994 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\ts2_client_rc2_2032.exe
[2008/12/01 15:02:04 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/01 15:01:41 | 00,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/12/01 15:01:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2008/12/01 14:56:26 | 00,278,528 | ---- | C] (By UberGames) -- C:\Documents and Settings\Andy\My Documents\Q3E Minimizer_v1.51.exe
[2008/12/01 14:47:09 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/12/01 14:46:38 | 00,944,797 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\wrar300.exe
[2008/12/01 14:45:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130
[2008/12/01 14:45:10 | 00,151,679 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130.zip
[2008/12/01 14:32:44 | 00,000,319 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2008/12/01 14:21:39 | 00,000,709 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2008/12/01 14:17:10 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/12/01 14:17:09 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008/12/01 14:17:07 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008/12/01 14:17:03 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008/12/01 14:17:01 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2008/12/01 14:16:59 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008/12/01 14:16:57 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2008/12/01 14:16:56 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2008/12/01 14:16:54 | 00,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008/12/01 14:16:52 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008/12/01 14:16:50 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2008/12/01 14:16:46 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008/12/01 14:16:14 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/12/01 14:15:39 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2008/12/01 14:15:38 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/12/01 14:15:38 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2008/12/01 14:15:38 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/12/01 14:15:38 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2008/12/01 14:15:38 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/12/01 14:15:38 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2008/12/01 14:15:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/12/01 14:15:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2008/12/01 14:15:36 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2008/12/01 14:15:20 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008/12/01 14:14:10 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/12/01 14:14:07 | 00,356,120 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/01 14:14:07 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/12/01 14:14:06 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/01 14:14:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/12/01 14:14:05 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2008/12/01 14:14:05 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2008/12/01 14:14:04 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008/12/01 14:14:04 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2008/12/01 14:14:04 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008/12/01 14:14:03 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008/12/01 14:14:03 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008/12/01 14:14:03 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2008/12/01 14:14:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/12/01 14:14:02 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2008/12/01 14:14:02 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2008/12/01 14:14:02 | 00,000,000 | R--D | C] -- C:\Program Files
[2008/12/01 14:14:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/12/01 14:14:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/12/01 14:14:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2008/12/01 14:13:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2008/12/01 14:13:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2008/12/01 14:13:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2008/12/01 14:13:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2008/12/01 14:13:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2008/12/01 14:13:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2008/12/01 14:13:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2008/12/01 14:13:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2008/12/01 14:13:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2008/12/01 14:13:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2008/12/01 14:13:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2008/12/01 14:13:54 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2008/12/01 14:13:52 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2008/12/01 14:13:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2008/12/01 14:13:52 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2008/12/01 14:13:52 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2008/12/01 14:13:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2008/12/01 14:13:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2008/12/01 14:13:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2008/12/01 14:13:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2008/12/01 14:13:49 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2008/12/01 14:13:49 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2008/12/01 14:13:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2008/12/01 14:13:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2008/12/01 14:13:48 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2008/12/01 14:13:48 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2008/12/01 14:13:48 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2008/12/01 14:13:46 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2008/12/01 14:13:46 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2008/12/01 14:13:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008/12/01 14:13:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2008/12/01 14:13:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008/12/01 14:13:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2008/12/01 14:13:42 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008/12/01 14:13:42 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2008/12/01 14:13:42 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008/12/01 14:13:41 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2008/12/01 14:13:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2008/12/01 14:13:41 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2008/12/01 14:13:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2008/12/01 14:13:41 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008/12/01 14:13:41 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008/12/01 14:13:41 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008/12/01 14:13:40 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2008/12/01 14:13:40 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2008/12/01 14:13:40 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2008/12/01 14:13:40 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2008/12/01 14:13:40 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2008/12/01 14:13:40 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008/12/01 14:13:40 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008/12/01 14:13:40 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2008/12/01 14:13:39 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2008/12/01 14:13:39 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008/12/01 14:13:39 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2008/12/01 14:13:39 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2008/12/01 14:13:39 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2008/12/01 14:13:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/12/01 14:13:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2008/12/01 14:13:39 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/12/01 14:13:38 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2008/12/01 14:13:38 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2008/12/01 14:13:38 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2008/12/01 14:13:38 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2008/12/01 14:13:38 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008/12/01 14:13:37 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/12/01 14:13:29 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/01 14:13:28 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2008/12/01 14:13:28 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2008/12/01 14:13:28 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008/12/01 14:13:28 | 00,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2008/12/01 14:13:28 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2008/12/01 14:13:28 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2008/12/01 14:13:28 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2008/12/01 14:13:28 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2008/12/01 14:13:28 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008/12/01 14:13:28 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008/12/01 14:13:28 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008/12/01 14:13:28 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2008/12/01 14:13:27 | 02,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2008/12/01 14:13:27 | 01,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2008/12/01 14:13:27 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2008/12/01 14:13:27 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008/12/01 14:13:27 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008/12/01 14:13:27 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2008/12/01 14:13:26 | 00,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2008/12/01 14:13:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/12/01 14:13:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/12/01 14:13:07 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/01 14:12:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008/12/01 14:12:35 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/12/01 14:12:34 | 00,095,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/01 14:11:39 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008/12/01 14:11:35 | 00,000,315 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/01 14:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2008/12/01 14:04:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/12/01 14:04:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/12/01 14:03:51 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/12/01 14:03:51 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008/12/01 14:03:51 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/12/01 14:03:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2008/12/01 14:02:17 | 23,804,784 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\aaw2008.exe
[2008/12/01 13:32:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Macromedia
[2008/12/01 13:32:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Yahoo
[2008/12/01 13:32:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Adobe
[2008/12/01 13:30:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2008/12/01 13:30:22 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/12/01 13:22:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2008/12/01 13:20:05 | 27,462,344 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\setupeng.exe
[2008/12/01 13:17:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2008/12/01 13:14:24 | 00,186,097 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/01 13:14:23 | 00,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2008/12/01 13:14:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2008/12/01 13:10:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/01 13:10:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Mozilla
[2008/12/01 13:10:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Mozilla
[2008/12/01 13:10:19 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/12/01 13:10:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Comodo
[2008/12/01 13:09:16 | 07,508,624 | ---- | C] (Mozilla) -- C:\Documents and Settings\Andy\Desktop\Firefox Setup 3.0.4.exe
[2008/12/01 12:49:08 | 00,147,192 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2008/12/01 12:49:08 | 00,101,776 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2008/12/01 12:49:08 | 00,079,504 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2008/12/01 12:49:08 | 00,031,504 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2008/12/01 12:49:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\comodo
[2008/12/01 12:48:48 | 00,000,000 | ---D | C] -- C:\Program Files\COMODO
[2008/12/01 12:48:06 | 00,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2008/12/01 12:47:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\wdm
[2008/12/01 12:41:45 | 00,000,000 | ---D | C] -- C:\Program Files\DirectX
[2008/12/01 12:39:33 | 06,413,124 | -H-- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\IconCache.db
[2008/12/01 12:39:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\NVIDIA Shared
[2008/12/01 12:39:22 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/12/01 12:38:49 | 00,003,787 | ---- | C] () -- C:\WINDOWS\System32\nvaudio.nvu
[2008/12/01 12:38:44 | 00,000,464 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2008/12/01 12:38:05 | 00,001,556 | ---- | C] () -- C:\WINDOWS\System32\nvenet.nvu
[2008/12/01 12:38:03 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2008/12/01 12:38:00 | 00,001,217 | ---- | C] () -- C:\WINDOWS\System32\nvmctl.nvu
[2008/12/01 12:37:42 | 00,002,124 | ---- | C] () -- C:\WINDOWS\System32\nvgart.nvu
[2008/12/01 12:37:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/12/01 12:37:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/12/01 12:36:24 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2008/12/01 12:35:40 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008/12/01 12:35:12 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2008/12/01 12:35:12 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2008/12/01 12:35:12 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2008/12/01 12:35:11 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2008/12/01 12:35:11 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2008/12/01 12:35:10 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2008/12/01 12:35:09 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2008/12/01 12:35:09 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2008/12/01 12:35:09 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2008/12/01 12:35:08 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2008/12/01 12:35:08 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2008/12/01 12:35:08 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2008/12/01 12:35:07 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2008/12/01 12:35:06 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2008/12/01 12:35:06 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2008/12/01 12:35:06 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2008/12/01 12:35:05 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2008/12/01 12:35:05 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2008/12/01 12:35:04 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2008/12/01 12:35:04 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2008/12/01 12:35:02 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2008/12/01 12:35:02 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2008/12/01 12:35:02 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2008/12/01 12:35:01 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2008/12/01 12:35:00 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2008/12/01 12:35:00 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2008/12/01 12:35:00 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2008/12/01 12:34:59 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2008/12/01 12:34:59 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2008/12/01 12:34:58 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2008/12/01 12:34:58 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2008/12/01 12:34:58 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2008/12/01 12:34:57 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2008/12/01 12:34:57 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2008/12/01 12:34:56 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2008/12/01 12:34:56 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2008/12/01 12:34:54 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2008/12/01 12:34:53 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2008/12/01 12:34:53 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2008/12/01 12:34:53 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2008/12/01 12:34:52 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2008/12/01 12:34:52 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2008/12/01 12:34:52 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2008/12/01 12:34:52 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2008/12/01 12:34:51 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2008/12/01 12:34:51 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2008/12/01 12:34:51 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2008/12/01 12:34:51 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2008/12/01 12:34:50 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2008/12/01 12:34:50 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2008/12/01 12:34:50 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2008/12/01 12:34:49 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2008/12/01 12:34:49 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2008/12/01 12:34:49 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2008/12/01 12:34:49 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2008/12/01 12:34:48 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2008/12/01 12:34:48 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2008/12/01 12:34:47 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2008/12/01 12:34:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2008/12/01 12:32:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\ESET
[2008/12/01 12:31:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008/12/01 12:30:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Identities
[2008/12/01 12:30:07 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/12/01 12:30:06 | 00,000,075 | -HS- | C] () -- C:\Documents and Settings\Andy\My Documents\desktop.ini
[2008/12/01 12:30:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Andy\My Documents\My Pictures
[2008/12/01 12:30:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Andy\My Documents\My Music
[2008/12/01 12:30:03 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Andy\Application Data\desktop.ini
[2008/12/01 12:30:02 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Andy\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:30:02 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Andy\Application Data\Microsoft
[2008/12/01 12:30:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Microsoft
[2008/12/01 12:29:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/12/01 12:29:11 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/01 12:29:11 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/12/01 12:29:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/12/01 12:29:04 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/01 12:28:05 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/01 12:27:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008/12/01 12:27:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008/12/01 12:27:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008/12/01 12:27:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008/12/01 12:27:47 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008/12/01 12:27:47 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008/12/01 12:27:46 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008/12/01 12:27:46 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008/12/01 12:27:44 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2008/12/01 12:27:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2008/12/01 12:27:44 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2008/12/01 12:27:44 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2008/12/01 12:27:43 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2008/12/01 12:27:43 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008/12/01 12:27:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2008/12/01 12:27:43 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2008/12/01 12:27:42 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008/12/01 12:27:42 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008/12/01 12:27:40 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008/12/01 12:27:40 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008/12/01 12:27:39 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2008/12/01 12:27:39 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008/12/01 12:27:38 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2008/12/01 12:27:37 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008/12/01 12:27:37 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008/12/01 12:27:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008/12/01 12:27:36 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008/12/01 12:27:36 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008/12/01 12:27:35 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008/12/01 12:27:35 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008/12/01 12:27:35 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008/12/01 12:27:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2008/12/01 12:27:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2008/12/01 12:27:33 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2008/12/01 12:27:32 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008/12/01 12:27:32 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2008/12/01 12:27:30 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008/12/01 12:27:29 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2008/12/01 12:27:29 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008/12/01 12:27:29 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2008/12/01 12:27:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008/12/01 12:27:28 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2008/12/01 12:27:28 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2008/12/01 12:27:28 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2008/12/01 12:27:28 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2008/12/01 12:27:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2008/12/01 12:27:27 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2008/12/01 12:27:27 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008/12/01 12:27:27 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2008/12/01 12:27:26 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2008/12/01 12:27:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008/12/01 12:27:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008/12/01 12:27:26 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008/12/01 12:27:26 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008/12/01 12:27:26 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008/12/01 12:27:25 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008/12/01 12:27:25 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008/12/01 12:27:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008/12/01 12:27:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008/12/01 12:27:25 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008/12/01 12:27:25 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008/12/01 12:27:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008/12/01 12:27:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008/12/01 12:27:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008/12/01 12:27:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008/12/01 12:27:24 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008/12/01 12:27:23 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008/12/01 12:27:20 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2008/12/01 12:27:20 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008/12/01 12:27:20 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008/12/01 12:27:19 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2008/12/01 12:27:18 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/12/01 12:27:18 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/12/01 12:27:18 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2008/12/01 12:27:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2008/12/01 12:27:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008/12/01 12:27:17 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2008/12/01 12:27:16 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008/12/01 12:27:16 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008/12/01 12:27:14 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2008/12/01 12:27:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008/12/01 12:27:13 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008/12/01 12:27:13 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008/12/01 12:27:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2008/12/01 12:27:11 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008/12/01 12:27:10 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008/12/01 12:27:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008/12/01 12:27:10 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008/12/01 12:27:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008/12/01 12:27:09 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008/12/01 12:27:09 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/12/01 12:27:09 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008/12/01 12:27:09 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008/12/01 12:27:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2008/12/01 12:27:08 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2008/12/01 12:27:07 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008/12/01 12:27:07 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008/12/01 12:27:07 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008/12/01 12:27:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008/12/01 12:27:04 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2008/12/01 12:27:04 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008/12/01 12:27:03 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2008/12/01 12:27:01 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008/12/01 12:27:00 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2008/12/01 12:26:58 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2008/12/01 12:26:57 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008/12/01 12:26:57 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008/12/01 12:26:51 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008/12/01 12:26:51 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008/12/01 12:26:51 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2008/12/01 12:26:50 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2008/12/01 12:26:50 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2008/12/01 12:26:50 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2008/12/01 12:26:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008/12/01 12:26:48 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2008/12/01 12:26:48 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2008/12/01 12:26:48 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2008/12/01 12:26:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2008/12/01 12:26:47 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2008/12/01 12:26:46 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/12/01 12:26:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008/12/01 12:26:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008/12/01 12:26:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008/12/01 12:26:43 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008/12/01 12:26:43 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008/12/01 12:26:43 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008/12/01 12:26:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2008/12/01 12:26:42 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2008/12/01 12:26:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008/12/01 12:26:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008/12/01 12:26:40 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008/12/01 12:26:39 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2008/12/01 12:26:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008/12/01 12:26:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008/12/01 12:26:39 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008/12/01 12:26:39 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2008/12/01 12:26:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008/12/01 12:26:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008/12/01 12:26:37 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2008/12/01 12:26:37 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008/12/01 12:26:37 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2008/12/01 12:26:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2008/12/01 12:26:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2008/12/01 12:26:35 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2008/12/01 12:26:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2008/12/01 12:26:35 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2008/12/01 12:26:34 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008/12/01 12:26:34 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008/12/01 12:26:34 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008/12/01 12:26:34 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008/12/01 12:26:34 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/12/01 12:26:33 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008/12/01 12:26:33 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008/12/01 12:26:33 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008/12/01 12:26:33 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008/12/01 12:26:33 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008/12/01 12:26:32 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008/12/01 12:26:32 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/12/01 12:26:32 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008/12/01 12:26:32 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008/12/01 12:26:31 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008/12/01 12:26:31 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008/12/01 12:26:31 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008/12/01 12:26:30 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008/12/01 12:26:30 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008/12/01 12:26:30 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008/12/01 12:26:30 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008/12/01 12:26:30 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008/12/01 12:26:29 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/12/01 12:26:29 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008/12/01 12:26:29 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008/12/01 12:26:29 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008/12/01 12:26:29 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2008/12/01 12:26:28 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2008/12/01 12:26:28 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2008/12/01 12:26:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2008/12/01 12:26:28 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2008/12/01 12:26:28 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2008/12/01 12:26:27 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2008/12/01 12:26:27 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2008/12/01 12:26:22 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008/12/01 12:26:17 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/12/01 12:26:13 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008/12/01 12:26:13 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2008/12/01 12:26:12 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2008/12/01 12:26:12 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2008/12/01 12:26:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2008/12/01 12:26:11 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/12/01 12:26:11 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008/12/01 12:26:11 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2008/12/01 12:26:10 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2008/12/01 12:26:09 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2008/12/01 12:26:09 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2008/12/01 12:26:09 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2008/12/01 12:26:09 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2008/12/01 12:26:08 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2008/12/01 12:26:08 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2008/12/01 12:26:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008/12/01 12:26:08 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008/12/01 12:26:08 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2008/12/01 12:26:08 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2008/12/01 12:26:07 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2008/12/01 12:26:07 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2008/12/01 12:26:07 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2008/12/01 12:26:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2008/12/01 12:26:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2008/12/01 12:26:06 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2008/12/01 12:26:06 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2008/12/01 12:26:06 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008/12/01 12:26:06 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008/12/01 12:26:06 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2008/12/01 12:26:05 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2008/12/01 12:26:05 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2008/12/01 12:26:05 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2008/12/01 12:26:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2008/12/01 12:26:04 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2008/12/01 12:26:04 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2008/12/01 12:26:04 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2008/12/01 12:26:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008/12/01 12:26:03 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2008/12/01 12:26:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008/12/01 12:26:02 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2008/12/01 12:26:02 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008/12/01 12:26:02 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2008/12/01 12:26:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2008/12/01 12:26:01 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2008/12/01 12:26:01 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008/12/01 12:26:01 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008/12/01 12:26:01 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008/12/01 12:26:01 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2008/12/01 12:26:00 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2008/12/01 12:26:00 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008/12/01 12:25:56 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008/12/01 12:25:55 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2008/12/01 12:25:54 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008/12/01 12:25:54 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2008/12/01 12:25:54 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008/12/01 12:25:53 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2008/12/01 12:25:53 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2008/12/01 12:25:52 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008/12/01 12:25:52 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2008/12/01 12:25:51 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008/12/01 12:25:51 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/12/01 12:25:51 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008/12/01 12:25:50 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008/12/01 12:25:50 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008/12/01 12:25:50 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008/12/01 12:25:49 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008/12/01 12:25:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008/12/01 12:25:48 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008/12/01 12:25:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008/12/01 12:25:48 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008/12/01 12:25:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008/12/01 12:25:46 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2008/12/01 12:25:46 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/12/01 12:25:46 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008/12/01 12:25:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008/12/01 12:25:36 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2008/12/01 12:25:34 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2008/12/01 12:25:34 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2008/12/01 12:25:34 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2008/12/01 12:25:33 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2008/12/01 12:25:33 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2008/12/01 12:25:33 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008/12/01 12:25:32 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2008/12/01 12:25:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2008/12/01 12:25:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2008/12/01 12:25:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008/12/01 12:25:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2008/12/01 12:25:30 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2008/12/01 12:25:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2008/12/01 12:25:27 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2008/12/01 12:25:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2008/12/01 12:25:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2008/12/01 12:25:26 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2008/12/01 12:25:26 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2008/12/01 12:25:26 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2008/12/01 12:25:25 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2008/12/01 12:25:25 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2008/12/01 12:25:22 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2008/12/01 12:25:22 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2008/12/01 12:25:21 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2008/12/01 12:25:21 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2008/12/01 12:25:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2008/12/01 12:25:21 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2008/12/01 12:25:21 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2008/12/01 12:25:20 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2008/12/01 12:25:20 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2008/12/01 12:25:20 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2008/12/01 12:25:20 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2008/12/01 12:25:20 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2008/12/01 12:25:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2008/12/01 12:25:19 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2008/12/01 12:25:19 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2008/12/01 12:25:18 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2008/12/01 12:25:18 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2008/12/01 12:25:18 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2008/12/01 12:25:18 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2008/12/01 12:25:18 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2008/12/01 12:25:17 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2008/12/01 12:25:17 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2008/12/01 12:25:17 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2008/12/01 12:25:17 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2008/12/01 12:25:17 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2008/12/01 12:25:17 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2008/12/01 12:25:16 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2008/12/01 12:25:16 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2008/12/01 12:25:16 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2008/12/01 12:25:16 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2008/12/01 12:25:15 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2008/12/01 12:25:15 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2008/12/01 12:25:15 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2008/12/01 12:25:15 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2008/12/01 12:25:15 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2008/12/01 12:25:14 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2008/12/01 12:25:14 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2008/12/01 12:25:14 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2008/12/01 12:25:14 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2008/12/01 12:25:13 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2008/12/01 12:25:13 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008/12/01 12:24:48 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/01 12:24:48 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/12/01 12:24:48 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/12/01 12:24:40 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/01 12:24:40 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/01 12:24:39 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/01 12:24:28 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008/12/01 12:23:32 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/12/01 12:23:32 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/12/01 12:23:21 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/12/01 12:23:07 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008/12/01 12:22:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/12/01 12:22:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2008/12/01 12:22:27 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2008/12/01 12:22:27 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2008/12/01 12:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2008/12/01 12:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008/12/01 12:22:26 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2008/12/01 12:22:26 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2008/12/01 12:22:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/12/01 12:22:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/12/01 12:22:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/12/01 12:22:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/12/01 12:22:17 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2008/12/01 12:22:16 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2008/12/01 12:22:16 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2008/12/01 12:22:16 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2008/12/01 12:22:16 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008/12/01 12:22:15 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2008/12/01 12:22:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2008/12/01 12:22:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2008/12/01 12:22:14 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2008/12/01 12:22:14 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008/12/01 12:22:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/12/01 12:22:10 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008/12/01 12:22:10 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008/12/01 12:22:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008/12/01 12:22:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008/12/01 12:22:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2008/12/01 12:22:10 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008/12/01 12:22:10 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/12/01 12:22:09 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2008/12/01 12:22:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2008/12/01 12:22:09 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2008/12/01 12:22:09 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008/12/01 12:22:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/12/01 12:22:08 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2008/12/01 12:22:05 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2008/12/01 12:22:05 | 00,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2008/12/01 12:22:05 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2008/12/01 12:22:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/12/01 12:22:04 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2008/12/01 12:22:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/12/01 12:22:03 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2008/12/01 12:22:02 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2008/12/01 12:22:02 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2008/12/01 12:22:02 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2008/12/01 12:22:02 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2008/12/01 12:22:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008/12/01 12:22:01 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2008/12/01 12:22:01 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008/12/01 12:22:01 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2008/12/01 12:22:01 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2008/12/01 12:22:01 | 00,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2008/12/01 12:22:00 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008/12/01 12:22:00 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2008/12/01 12:22:00 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008/12/01 12:22:00 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2008/12/01 12:22:00 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008/12/01 12:22:00 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2008/12/01 12:22:00 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008/12/01 12:22:00 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2008/12/01 12:21:59 | 01,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008/12/01 12:21:59 | 01,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2008/12/01 12:21:59 | 00,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008/12/01 12:21:59 | 00,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2008/12/01 12:21:59 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008/12/01 12:21:59 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2008/12/01 12:21:59 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008/12/01 12:21:59 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2008/12/01 12:21:59 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008/12/01 12:21:59 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2008/12/01 12:21:59 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008/12/01 12:21:59 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2008/12/01 12:21:59 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2008/12/01 12:21:59 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/12/01 12:21:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2008/12/01 12:21:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/12/01 12:21:58 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/12/01 12:21:58 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2008/12/01 12:21:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/12/01 12:21:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2008/12/01 12:21:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2008/12/01 12:21:56 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2008/12/01 12:21:56 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2008/12/01 12:21:56 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2008/12/01 12:21:56 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2008/12/01 12:21:55 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2008/12/01 12:21:55 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2008/12/01 12:21:55 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2008/12/01 12:21:54 | 03,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2008/12/01 12:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/12/01 12:21:53 | 00,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2008/12/01 12:21:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2008/12/01 12:21:52 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2008/12/01 12:21:52 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2008/12/01 12:21:52 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2008/12/01 12:21:52 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2008/12/01 12:21:50 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2008/12/01 12:21:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/12/01 12:21:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2008/12/01 12:21:49 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2008/12/01 12:21:49 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2008/12/01 12:21:49 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/12/01 12:21:49 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2008/12/01 12:21:47 | 00,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2008/12/01 12:21:47 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2008/12/01 12:21:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2008/12/01 12:21:46 | 00,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2008/12/01 12:21:46 | 00,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008/12/01 12:21:46 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008/12/01 12:21:46 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2008/12/01 12:21:45 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2008/12/01 12:21:45 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/12/01 12:21:45 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2008/12/01 12:21:45 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/12/01 12:21:45 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2008/12/01 12:21:45 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys
[2008/12/01 12:21:45 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2008/12/01 12:21:45 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/12/01 12:21:45 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2008/12/01 12:21:45 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2008/12/01 12:21:45 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2008/12/01 12:21:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/12/01 12:21:44 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008/12/01 12:21:44 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2008/12/01 12:21:44 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/12/01 12:21:44 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2008/12/01 12:21:43 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2008/12/01 12:21:43 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2008/12/01 12:21:43 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008/12/01 12:21:43 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2008/12/01 12:21:43 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2008/12/01 12:21:43 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008/12/01 12:21:43 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2008/12/01 12:21:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008/12/01 12:21:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2008/12/01 12:21:43 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008/12/01 12:21:43 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2008/12/01 12:21:42 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2008/12/01 12:21:42 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2008/12/01 12:21:42 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2008/12/01 12:21:42 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2008/12/01 12:21:42 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2008/12/01 12:21:41 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2008/12/01 12:21:41 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2008/12/01 12:21:41 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2008/12/01 12:21:41 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2008/12/01 12:21:41 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2008/12/01 12:21:41 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2008/12/01 12:21:41 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2008/12/01 12:21:40 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2008/12/01 12:21:40 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/12/01 12:21:40 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2008/12/01 12:21:40 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2008/12/01 12:21:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/12/01 12:21:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2008/12/01 12:21:40 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2008/12/01 12:21:40 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008/12/01 12:21:39 | 00,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2008/12/01 12:21:39 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2008/12/01 12:21:39 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2008/12/01 12:21:39 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2008/12/01 12:21:39 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/12/01 12:21:39 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2008/12/01 12:21:39 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2008/12/01 12:21:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2008/12/01 12:21:38 | 01,311,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2008/12/01 12:21:38 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008/12/01 12:21:38 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/12/01 12:21:38 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2008/12/01 12:21:38 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2008/12/01 12:21:37 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2008/12/01 12:21:37 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2008/12/01 12:21:37 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2008/12/01 12:21:37 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2008/12/01 12:21:37 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/12/01 12:21:36 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008/12/01 12:21:36 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2008/12/01 12:21:36 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008/12/01 12:21:36 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2008/12/01 12:21:36 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/12/01 12:21:36 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2008/12/01 12:21:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/12/01 12:21:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2008/12/01 12:21:35 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/12/01 12:21:35 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2008/12/01 12:21:35 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/12/01 12:21:35 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2008/12/01 12:21:35 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/12/01 12:21:35 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2008/12/01 12:21:34 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2008/12/01 12:21:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2008/12/01 12:21:34 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2008/12/01 12:21:34 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2008/12/01 12:21:34 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2008/12/01 12:21:33 | 00,561,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/12/01 12:21:33 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2008/12/01 12:21:33 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2008/12/01 12:21:33 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2008/12/01 12:21:33 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2008/12/01 12:21:32 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2008/12/01 12:21:32 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2008/12/01 12:21:32 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2008/12/01 12:21:32 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2008/12/01 12:21:32 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2008/12/01 12:21:31 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2008/12/01 12:21:31 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2008/12/01 12:21:31 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2008/12/01 12:21:31 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2008/12/01 12:21:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2008/12/01 12:21:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2008/12/01 12:21:30 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2008/12/01 12:21:30 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2008/12/01 12:21:30 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2008/12/01 12:21:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2008/12/01 12:21:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2008/12/01 12:21:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2008/12/01 12:21:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2008/12/01 12:21:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2008/12/01 12:21:29 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2008/12/01 12:21:29 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2008/12/01 12:21:29 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2008/12/01 12:21:29 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2008/12/01 12:21:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2008/12/01 12:21:28 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2008/12/01 12:21:28 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2008/12/01 12:21:28 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2008/12/01 12:21:28 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2008/12/01 12:21:28 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2008/12/01 12:21:28 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2008/12/01 12:21:28 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2008/12/01 12:21:27 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/12/01 12:21:27 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2008/12/01 12:21:27 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2008/12/01 12:21:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/12/01 12:21:26 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2008/12/01 12:21:26 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2008/12/01 12:21:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2008/12/01 12:21:26 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/12/01 12:21:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008/12/01 12:21:00 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/01 12:20:48 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/12/01 12:20:46 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/12/01 12:20:46 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/12/01 12:20:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/12/01 12:20:32 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/12/01 12:20:31 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008/12/01 12:20:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/12/01 12:20:24 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2008/12/01 12:20:24 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/12/01 12:20:23 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2008/12/01 12:20:23 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2008/12/01 12:20:23 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2008/12/01 12:20:23 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2008/12/01 12:20:23 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2008/12/01 12:20:23 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2008/12/01 12:20:23 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2008/12/01 12:20:22 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2008/12/01 12:20:22 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2008/12/01 12:20:22 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2008/12/01 12:20:22 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2008/12/01 12:20:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2008/12/01 12:20:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2008/12/01 12:20:22 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2008/12/01 12:20:22 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2008/12/01 12:20:21 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2008/12/01 12:20:21 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2008/12/01 12:20:21 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2008/12/01 12:20:21 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2008/12/01 12:20:21 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2008/12/01 12:20:20 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2008/12/01 12:20:20 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2008/12/01 12:20:20 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2008/12/01 12:20:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008/12/01 12:20:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2008/12/01 12:20:20 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2008/12/01 12:20:06 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008/12/01 12:20:06 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2008/12/01 12:20:05 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2008/12/01 12:20:05 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008/12/01 12:20:05 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2008/12/01 12:20:05 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008/12/01 12:20:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2008/12/01 12:20:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008/12/01 12:20:04 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008/12/01 12:20:04 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2008/12/01 12:19:57 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/12/01 12:19:57 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/12/01 12:19:57 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/12/01 12:19:56 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/12/01 12:19:56 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/12/01 12:19:56 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/12/01 12:19:56 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/12/01 12:19:56 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/12/01 12:19:56 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/12/01 12:19:56 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/12/01 12:19:55 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/12/01 12:19:54 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008/12/01 12:19:54 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2008/12/01 12:19:54 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2008/12/01 12:19:54 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008/12/01 12:19:54 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2008/12/01 12:19:54 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008/12/01 12:19:53 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008/12/01 12:19:53 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2008/12/01 12:19:53 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008/12/01 12:19:53 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2008/12/01 12:19:53 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008/12/01 12:19:53 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2008/12/01 12:19:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008/12/01 12:19:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2008/12/01 12:19:52 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008/12/01 12:19:52 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2008/12/01 12:19:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008/12/01 12:19:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2008/12/01 12:19:52 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/12/01 12:19:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008/12/01 12:19:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2008/12/01 12:19:52 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/12/01 12:19:52 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/12/01 12:19:51 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008/12/01 12:19:51 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2008/12/01 12:19:51 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008/12/01 12:19:51 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2008/12/01 12:19:51 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008/12/01 12:19:51 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2008/12/01 12:19:51 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008/12/01 12:19:51 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2008/12/01 12:19:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008/12/01 12:19:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2008/12/01 12:19:51 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008/12/01 12:19:51 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2008/12/01 12:19:50 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2008/12/01 12:19:50 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2008/12/01 12:19:50 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008/12/01 12:19:50 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008/12/01 12:19:50 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2008/12/01 12:19:50 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/12/01 12:19:50 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/12/01 12:19:49 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2008/12/01 12:19:49 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/12/01 12:19:49 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2008/12/01 12:19:49 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/12/01 12:19:49 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/12/01 12:19:49 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2008/12/01 12:19:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/12/01 12:19:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/12/01 12:19:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/12/01 12:19:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2008/12/01 12:19:48 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2008/12/01 12:19:48 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/12/01 12:19:48 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/12/01 12:19:48 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2008/12/01 12:19:48 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2008/12/01 12:19:44 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2008/12/01 12:19:43 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2008/12/01 12:19:43 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2008/12/01 12:19:43 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2008/12/01 12:19:43 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2008/12/01 12:19:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2008/12/01 12:19:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2008/12/01 12:19:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2008/12/01 12:19:42 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2008/12/01 12:19:42 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2008/12/01 12:19:42 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2008/12/01 12:19:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2008/12/01 12:19:42 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2008/12/01 12:19:41 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2008/12/01 12:19:41 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2008/12/01 12:19:41 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/12/01 12:19:41 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2008/12/01 12:19:30 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2008/12/01 12:19:29 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2008/12/01 12:19:29 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/12/01 12:19:29 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2008/12/01 12:19:29 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/12/01 12:19:28 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2008/12/01 12:19:28 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/12/01 12:19:28 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2008/12/01 12:19:28 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/12/01 12:19:28 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2008/12/01 12:19:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2008/12/01 12:19:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/12/01 12:19:28 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/12/01 12:19:27 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/12/01 12:19:27 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2008/12/01 12:19:27 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008/12/01 12:19:27 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2008/12/01 12:19:27 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2008/12/01 12:19:27 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/12/01 12:19:27 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/12/01 12:19:27 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2008/12/01 12:19:27 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/12/01 12:19:27 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2008/12/01 12:19:26 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008/12/01 12:19:26 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2008/12/01 12:19:26 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008/12/01 12:19:26 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2008/12/01 12:19:26 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/12/01 12:19:26 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2008/12/01 12:19:26 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/12/01 12:19:26 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2008/12/01 12:19:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008/12/01 12:19:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2008/12/01 12:19:26 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/12/01 12:19:26 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2008/12/01 12:19:25 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008/12/01 12:19:25 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2008/12/01 12:19:25 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/12/01 12:19:25 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2008/12/01 12:19:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/12/01 12:19:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2008/12/01 12:19:25 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/12/01 12:19:25 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2008/12/01 12:19:25 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/12/01 12:19:25 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2008/12/01 12:19:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/12/01 12:19:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2008/12/01 12:19:25 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2008/12/01 12:19:25 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2008/12/01 12:19:25 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/12/01 12:19:25 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2008/12/01 12:19:24 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/12/01 12:19:24 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/12/01 12:19:24 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/12/01 12:19:24 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/12/01 12:19:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2008/12/01 12:19:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/12/01 12:19:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/12/01 12:19:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2008/12/01 12:19:24 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/12/01 12:19:24 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2008/12/01 12:19:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/12/01 12:19:23 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/12/01 12:19:23 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/12/01 12:19:23 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/12/01 12:19:23 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/12/01 12:19:23 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/12/01 12:19:23 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/12/01 12:19:23 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/12/01 12:19:23 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2008/12/01 12:19:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008/12/01 12:19:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2008/12/01 12:19:22 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2008/12/01 12:19:22 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/12/01 12:19:22 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2008/12/01 12:19:22 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2008/12/01 12:19:22 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/12/01 12:19:22 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2008/12/01 12:19:22 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/12/01 12:19:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2008/12/01 12:19:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/12/01 12:19:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2008/12/01 12:19:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008/12/01 12:19:21 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2008/12/01 12:19:21 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/12/01 12:19:21 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2008/12/01 12:19:21 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/12/01 12:19:21 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2008/12/01 12:19:21 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008/12/01 12:19:21 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2008/12/01 12:19:21 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/12/01 12:19:19 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2008/12/01 12:19:19 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2008/12/01 12:19:19 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2008/12/01 12:19:19 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2008/12/01 12:19:18 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2008/12/01 12:19:18 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2008/12/01 12:19:18 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2008/12/01 12:19:18 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2008/12/01 12:19:18 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2008/12/01 12:19:18 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2008/12/01 12:19:18 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2008/12/01 12:19:18 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2008/12/01 12:19:18 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2008/12/01 12:19:17 | 00,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2008/12/01 12:19:17 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2008/12/01 12:19:17 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2008/12/01 12:19:17 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2008/12/01 12:19:17 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2008/12/01 12:19:17 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2008/12/01 12:19:17 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2008/12/01 12:19:17 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2008/12/01 12:19:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2008/12/01 12:19:17 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2008/12/01 12:19:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2008/12/01 12:19:17 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2008/12/01 12:19:16 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2008/12/01 12:19:16 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2008/12/01 12:19:16 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2008/12/01 12:19:16 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2008/12/01 12:19:16 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2008/12/01 12:19:15 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2008/12/01 12:19:15 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2008/12/01 12:19:15 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2008/12/01 12:19:15 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2008/12/01 12:19:14 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2008/12/01 12:19:14 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2008/12/01 12:19:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2008/12/01 12:19:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2008/12/01 12:19:13 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2008/12/01 12:19:13 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2008/12/01 12:19:13 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2008/12/01 12:19:12 | 01,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2008/12/01 12:19:12 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2008/12/01 12:19:12 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/12/01 12:19:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/12/01 12:19:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2008/12/01 12:19:12 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/12/01 12:19:12 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2008/12/01 12:19:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/12/01 12:19:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2008/12/01 12:19:10 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/12/01 12:19:10 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2008/12/01 12:19:09 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2008/11/20 22:45:30 | 00,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/12 21:16:37 | 00,000,345 | ---- | M] () -- C:\WINDOWS\gmer.ini
[2008/12/12 21:15:51 | 00,186,097 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/12 21:15:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/12 21:15:41 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/12 21:15:39 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/12 21:13:34 | 00,884,736 | ---- | M] () -- C:\WINDOWS\gmer.dll
[2008/12/12 21:13:34 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/12 21:13:34 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/12 21:09:38 | 00,320,482 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\topic183980aaaa.htm
[2008/12/12 21:09:37 | 00,747,873 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\gmer.zip
[2008/12/12 19:44:58 | 00,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/12 19:44:51 | 00,107,832 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/12/11 22:28:04 | 00,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2008/12/11 22:22:11 | 10,565,093 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\VLC Media Player 0.8.6a.exe
[2008/12/11 22:18:37 | 00,003,584 | ---- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/11 22:14:50 | 89,980,928 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\Adi Prisecaru (macea).MPG
[2008/12/11 21:53:22 | 00,218,777 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\untitled.JPG
[2008/12/11 21:42:44 | 00,068,842 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\soramea.jpg
[2008/12/11 06:49:23 | 00,095,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/10 21:54:55 | 00,090,624 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\referat...sistemul muscular.doc
[2008/12/10 21:45:36 | 00,067,580 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d.zip
[2008/12/10 21:17:49 | 01,390,337 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\flysetup.exe
[2008/12/10 21:17:31 | 00,328,244 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\saa713x_2310.zip
[2008/12/10 17:21:44 | 00,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk
[2008/12/10 17:20:19 | 00,611,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/10 17:15:44 | 01,530,776 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\Andy\My Documents\daemon406-x86.exe
[2008/12/10 14:46:43 | 00,000,075 | -HS- | M] () -- C:\Documents and Settings\Andy\My Documents\desktop.ini
[2008/12/10 14:42:18 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/10 14:40:32 | 15,452,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Andy\Desktop\IE7-WindowsXP-x86-enu.exe
[2008/12/10 14:35:48 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe
[2008/12/07 21:20:10 | 00,151,954 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\614-94490-danciulescu.jpg
[2008/12/07 21:17:07 | 00,163,946 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina.JPG
[2008/12/07 21:17:01 | 00,109,033 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 4.JPG
[2008/12/07 21:16:57 | 00,105,703 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 3.JPG
[2008/12/07 21:16:53 | 00,118,002 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 2.JPG
[2008/12/07 00:01:44 | 39,240,452 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\coduo_mappack.zip
[2008/12/06 22:53:32 | 00,239,320 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\cod minimizer.rar
[2008/12/06 13:36:52 | 00,120,917 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\cod.JPG
[2008/12/04 22:03:41 | 00,088,773 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\latina 002.jpg
[2008/12/04 22:03:40 | 00,098,566 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\latina 001.jpg
[2008/12/04 14:08:58 | 00,305,705 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\RSIT.exe
[2008/12/04 07:03:37 | 00,147,192 | ---- | M] () -- C:\WINDOWS\System32\guard32.dll
[2008/12/04 07:03:37 | 00,101,776 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2008/12/03 20:04:05 | 00,245,681 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\Call Of Duty 4(128x160)-64970.jar
[2008/12/03 07:19:12 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/12/03 07:12:54 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\SDFix.exe
[2008/12/03 07:11:44 | 00,049,208 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\topic131299.html
[2008/12/02 22:57:34 | 01,138,609 | ---- | M] (EFD Software ) -- C:\Documents and Settings\Andy\Desktop\hdtunepro_310_trial.exe
[2008/12/02 21:53:37 | 06,413,124 | -H-- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\IconCache.db
[2008/12/02 15:32:35 | 00,023,980 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\1227515655-Revolver.zip
[2008/12/02 07:07:47 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andy\Desktop\mbam-setup.exe
[2008/12/01 22:53:14 | 00,000,031 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer.ini
[2008/12/01 22:11:33 | 30,718,383 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\adrian prisecaru.wmv
[2008/12/01 17:09:05 | 00,012,328 | ---- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/01 15:07:28 | 05,736,952 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\xfire_installer_35044.exe
[2008/12/01 15:06:57 | 00,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2008/12/01 15:06:53 | 00,000,665 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\Teamspeak 2 RC2.lnk
[2008/12/01 15:06:23 | 05,862,994 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\ts2_client_rc2_2032.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/12/01 14:56:43 | 00,278,528 | ---- | M] (By UberGames) -- C:\Documents and Settings\Andy\My Documents\Q3E Minimizer_v1.51.exe
[2008/12/01 14:46:38 | 00,944,797 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\wrar300.exe
[2008/12/01 14:45:11 | 00,151,679 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130.zip
[2008/12/01 14:41:13 | 00,000,319 | ---- | M] () -- C:\WINDOWS\CoDUO.INI
[2008/12/01 14:31:43 | 00,000,709 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2008/12/01 14:14:01 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/01 14:13:28 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Andy\Application Data\desktop.ini
[2008/12/01 14:03:46 | 23,804,784 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\aaw2008.exe
[2008/12/01 13:21:33 | 27,462,344 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\setupeng.exe
[2008/12/01 13:11:07 | 00,079,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2008/12/01 13:11:07 | 00,031,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2008/12/01 13:10:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/12/01 13:09:52 | 07,508,624 | ---- | M] (Mozilla) -- C:\Documents and Settings\Andy\Desktop\Firefox Setup 3.0.4.exe
[2008/12/01 12:49:10 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/01 12:49:10 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/01 12:49:10 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/01 12:29:57 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/01 12:29:04 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/01 12:28:05 | 00,000,315 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/01 12:24:55 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Andy\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:24:55 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:24:48 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/01 12:24:48 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/01 12:24:48 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/12/01 12:24:48 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/12/01 12:24:40 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/01 12:24:40 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/01 12:24:40 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/01 12:24:28 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/01 12:21:00 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/01 12:20:46 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008/12/01 12:20:46 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008/12/01 12:18:17 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/11/20 22:45:30 | 00,042,320 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
< End of report >


OTViewIt Extras logfile created on: 12/12/2008 9:35:10 PM - Run 3
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Andy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 678.17 Mb Available Physical Memory | 66.26% Memory free
2.40 Gb Paging File | 2.16 Gb Available in Paging File | 89.89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 8.69 Gb Total Space | 2.96 Gb Free Space | 34.07% Space Free | Partition Type: NTFS
Drive D: | 29.59 Gb Total Space | 22.43 Gb Free Space | 75.80% Space Free | Partition Type: NTFS
Drive E: | 3.94 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDY-65D25A1FE7
Current User Name: Andy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/04 14:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/04 14:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/11/05 21:59:00 | 04,347,120 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2008/11/20 22:45:26 | 02,986,320 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire
[2004/11/18 21:43:44 | 01,830,912 | ---- | M] () -- D:\Call of Duty\CoDMP.exe:*:Enabled:CoDMP
[2004/12/07 07:13:54 | 01,904,640 | ---- | M] () -- D:\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java™ 6 Update 11
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{A662E280-64A8-4CF5-8407-13D0808602B3}"=Call of Duty - United Offensive
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}"=Futuremark SystemInfo
"{D7A6C517-11F2-419F-B5BB-27772B939698}"=NvMixer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Call of Duty"=Call of Duty
"COMODO Internet Security"=COMODO Internet Security
"FLY2000TV"=FLY 2000 TV v2.38 RC2
"HD Tune Pro_is1"=HD Tune Pro 3.10
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}"=Call of Duty - United Offensive
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers"=NVIDIA Drivers
"Teamspeak 2 RC2_is1"=TeamSpeak 2 RC2
"VLC media player"=VideoLAN VLC media player 0.8.6a
"WinRAR archiver"=WinRAR archiver
"Xfire"=Xfire (remove only)
"Yahoo! Messenger"=Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/1/2008 9:15:11 AM | Computer Name = ANDY-65D25A1FE7 | Source = Application Hang | ID = 1002
Description = Hanging application YahooMessenger.exe, version 9.0.0.2034, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/1/2008 9:19:07 AM | Computer Name = ANDY-65D25A1FE7 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ System Events ]
Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AmdK7 cmdGuard cmdHlp Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 12/8/2008 7:36:21 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:36:21 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 12/8/2008 7:36:23 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:36:23 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 12/8/2008 7:38:35 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:38:35 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.


< End of report >

#8 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 12 December 2008 - 02:45 PM

I had to post a second reply because it wouldn't "fit" in a single post.Here is the gmer log:

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-12-12 21:21:49
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xF0695906]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xF0694E66]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xF06954C2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateKey [0xF06960D0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0xF0694BC0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xF0696DC0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xF0695AEC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0xF0694796]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteKey [0xF0695D3A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteValueKey [0xF0695EEA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0xF06944F8]
SSDT sptd.sys ZwEnumerateKey [0xF774BD1C]
SSDT sptd.sys ZwEnumerateValueKey [0xF774C0BC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xF0696A42]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xF06950AC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xF06956FA]
SSDT sptd.sys ZwOpenKey [0xF7747090]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenProcess [0xF0694228]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xF069533C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenThread [0xF06943A0]
SSDT sptd.sys ZwQueryKey [0xF774C194]
SSDT sptd.sys ZwQueryValueKey [0xF774C014]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xF0696496]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0xF0694CDE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0xF06967FA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xF0696BF0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetValueKey [0xF0696296]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xF0695046]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xF0695230]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0xF0694A8A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xF0694958]

---- Kernel code sections - GMER 1.0.14 ----

? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload F6AAA62C 5 Bytes JMP 865631B8
? System32\Drivers\agbyvv30.SYS The system cannot find the file specified. !

---- User code sections - GMER 1.0.14 ----

.text C:\WINDOWS\system32\PnkBstrA.exe[248] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\PnkBstrA.exe[248] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[700] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[796] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[808] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[952] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1020] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1060] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1152] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1220] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 003A5810 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 003A5740 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 003A1860 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 003A1230 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 003A13C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 003A53D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] USER32.dll!mouse_event 77D96321 5 Bytes JMP 003A16D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] USER32.dll!keybd_event 77D96365 5 Bytes JMP 003A1550 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 003A50E0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe[1328] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 003A5260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[1432] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[1472] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1568] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\RUNDLL32.EXE[1732] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jusched.exe[1748] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[1784] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 00375810 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 00375740 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 003753D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] USER32.dll!mouse_event 77D96321 5 Bytes JMP 003716D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] USER32.dll!keybd_event 77D96365 5 Bytes JMP 00371550 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 00371860 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 00371230 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 003713C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 003750E0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1812] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 00375260 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[1924] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2060] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] USER32.DLL!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] USER32.DLL!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] USER32.DLL!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Andy\Desktop\gmer\gmer.exe[2364] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005810 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10005740 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] USER32.dll!EndTask 77D89C9D 5 Bytes JMP 100053D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] USER32.dll!mouse_event 77D96321 5 Bytes JMP 100016D0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] USER32.dll!keybd_event 77D96365 5 Bytes JMP 10001550 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] GDI32.dll!BitBlt 77F16DC0 5 Bytes JMP 10001860 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] GDI32.dll!CreateDCA 77F1CE55 5 Bytes JMP 10001230 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] GDI32.dll!CreateDCW 77F2F8CF 5 Bytes JMP 100013C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] ole32.dll!CoCreateInstanceEx 77525FB1 5 Bytes JMP 100050E0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\wuauclt.exe[2380] ole32.dll!CoGetClassObject 7753F356 5 Bytes JMP 10005260 C:\WINDOWS\system32\guard32.dll

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \WINDOWS\System32\Drivers\SPTDDRV1.SYS[ntoskrnl.exe!IoConnectInterrupt] [F7757718] sptd.sys
IAT \WINDOWS\System32\Drivers\SPTDDRV1.SYS[ntoskrnl.exe!IofCompleteRequest] [F776C656] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F77576C4] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F776D394] sptd.sys
IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F7757718] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7747AB6] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7747BEE] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F7747B76] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F774871C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F77485F2] sptd.sys
IAT disk.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F776D4E8] sptd.sys
IAT \SystemRoot\system32\DRIVERS\cdrom.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F776D4E8] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F776C7AE] sptd.sys
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F7598710] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F7598770] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F7598990] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F7598950] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F7598950] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F7598770] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F7598710] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F7598990] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F7598990] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F7598950] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F7598770] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F7598710] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F7598950] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F7598710] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F7598770] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F7598990] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F7598710] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F7598950] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F7598770] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F7598990] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F7598950] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F7598770] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F7598710] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F7598950] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F7598990] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F7598710] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F7598770] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 867781D8
Device \FileSystem\Udfs \UdfsCdRom 86568990
Device \FileSystem\Udfs \UdfsDisk 86568990

AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

Device \Driver\usbohci \Device\USBPDO-0 8658F1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8677C1D8
Device \Driver\dmio \Device\DmControl\DmConfig 8677C1D8
Device \Driver\dmio \Device\DmControl\DmPnP 8677C1D8
Device \Driver\dmio \Device\DmControl\DmInfo 8677C1D8
Device \Driver\usbohci \Device\USBPDO-1 8658F1D8
Device \Driver\usbehci \Device\USBPDO-2 865991D8
Device \Driver\00000040 \Device\00000047 sptd.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{1594793C-A9D9-4254-A96C-BBE67072DF96} 85DF2990

AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8677D1D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8677D1D8
Device \Driver\Cdrom \Device\CdRom0 865335A8
Device \Driver\Cdrom \Device\CdRom1 865335A8
Device \Driver\Cdrom \Device\CdRom2 865335A8
Device \Driver\NetBT \Device\NetBt_Wins_Export 85DF2990
Device \Driver\NetBT \Device\NetbiosSmb 85DF2990

AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

Device \Driver\usbohci \Device\USBFDO-0 8658F1D8
Device \Driver\usbohci \Device\USBFDO-1 8658F1D8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85DD91D8
Device \Driver\usbehci \Device\USBFDO-2 865991D8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 85DD91D8
Device \Driver\Ftdisk \Device\FtControl 8677D1D8
Device \Driver\agbyvv30 \Device\Scsi\agbyvv301Port1Path0Target0Lun0 864966B8
Device \Driver\agbyvv30 \Device\Scsi\agbyvv301 864966B8
Device \FileSystem\Cdfs \Cdfs 85A47990

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 1505737991
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 -1839055706
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x6A 0x9D 0x4B 0x9F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0xA2 0xBB 0x33 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xA5 0xD6 0xAA 0xA4 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x6A 0x9D 0x4B 0x9F ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0xA2 0xBB 0x33 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xA5 0xD6 0xAA 0xA4 ...

---- EOF - GMER 1.0.14 ----

#9 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:31 PM

Posted 13 December 2008 - 11:57 AM

Hello.

Despite the fact that you had the two files that were flagged as "backdoors", everything looks good to me, there aren't any signs of malicious activity anywhere, this is what kind of bothers me due to the fact you did have a backdoor. Before we call this one an all-cleaned, I would like you to do another online scan and remove a program that is probably related to that "backdoor" file.

Thank you once again for your reply.I have deleted the 2 infected files.Unfortunately,i had opened them for 4-5 times before i had found out that they were infected and i stopped using them.I was using an older version of the program and i thought it was safe,but it turned out not to be that safe.I see this backdoor thing is a serious problem and i hope i can get rid of it.Please feel free to recommend any programs and any solutions as i am willing to sell this pc soon and i don't want to sell it with infections on it.Here are the logs you requested:

Just by googling the file name I pretty much found the file. It's definatly a bad file since many scanners flags it.

I did some research on the file and it seems that file is related to the following program: "Call of Duty". I believe it is related to that file so please remove it by following the instructions below, if you know that it is a legitimate file for whatever reasons, please tell me then.

Removing Program using Add/Remove

Click "start" on the taskbar and then click on the "Control Panel" icon.
Please doubleclick the "Add or Remove Programs" icon
A list of programs installed will be "populated" this may take a bit of time.
If they exist, uninstall the following by clicking on the following entries and selecting "remove":

Call of Duty

Additional instructions can be found here if needed.

Just to on the safe side, I would like to see one more online scan.

F-Secure Online Scan

Please run F-Secure Online Scanner.
This scan is for Internet Explorer only.
  • It is suggested that you disable security programs and close any other windows during the scan. While your security is disabled, please refrain from surfing on other sites. Refer to this page if you are unsure how.
  • Go to F-Secure Online Scanner
  • Follow the instructions here for installation.
  • Accept the License Agreement.
  • Once the ActiveX installs, click Full System Scan
  • Once the download completes, the scan will begin automatically. The scan will take some time to finish, so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and copy the entire report in your next reply.
  • Be sure to re-enable any security programs.
Also does your security programs flag anything anymore? I know your Ad-Aware before flagged some files. Is there anything else it flags, if so please attach it here or give me a screenshot so I can take a look. You can also try scanning using your Comodo Internet security if you wish to.

For your next reply include the following:
-F-Secure online scan log
-Any of your security programs that flag anything
-Fresh OTViewIT log


With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#10 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 14 December 2008 - 04:10 AM

Hello Extremeboy,

I see you asked me to uninstall my Call of Duty.Well,i have to say it is a sure application,it is a game developed by Activision and i am playing this game for more then 3 years.In 3 years,none of my antiviruses or scanners flagged any suspicious file in the game's folder.The only "problem" is that i am playing this game online and that is why i needed that minimizer which was infected,because it minimizes the game,so that i can answer to a person on the chat while i am still playing the game.If you think that this may be a virus,then i will uninstall the whole game.I did the F-secure online scan and here is the log:
Scanning Report
Sunday, December 14, 2008 10:16:57 - 10:45:43

Computer name: ANDY-65D25A1FE7
Scanning type: Scan system for malware, rootkits
Target: C:\ D:\
Result: 4 malware found
TrackingCookie.2o7 (spyware)

* System

TrackingCookie.Adinterax (spyware)

* System

TrackingCookie.Webtrends (spyware)

* System

TrackingCookie.Yieldmanager (spyware)

* System

Statistics
Scanned:

* Files: 20386
* System: 2512
* Not scanned: 9

Actions:

* Disinfected: 0
* Renamed: 0
* Deleted: 0
* None: 4
* Submitted: 0

Files not scanned:

* C:\HIBERFIL.SYS
* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
* C:\DOCUMENTS AND SETTINGS\ANDY\LOCAL SETTINGS\TEMP\ETILQS_VEWMW4A2KCACSMBBKLD0

Options
Scanning engines:

* F-Secure USS: 2.40.0
* F-Secure Hydra: 2.8.8110, 2008-12-13
* F-Secure AVP: 7.0.171, 2008-12-13
* F-Secure Pegasus: 1.20.0, 2008-11-10
* F-Secure Blacklight: 2.4.1093

Scanning options:

* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
* Use Advanced heuristics

Copyright © 1998-2007 Product support |Send virus sample to F-Secure
F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.


And now i have a huge problem,because Ad-aware found once again worm and trojan :thumbsup: here is the log:
Scan Results
Ad-Aware 2008 Free Edition
Log File Created on:2008-12-1410:58:51
Using Definitions File:C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\core.aawdef
Computer name:ANDY-65D25A1FE7
Name of user performing scan:SYSTEM
Name of user ordering scan:Andy
Scan completed successfully

System Information
File Version Information
Ad-Aware 2008 Settings
Extended Ad-Aware 2008 Settings
Database Information
Scan Statistics
Scan Detailed Statistics
Infections Found
Listing of running processes
System Information
Number of processors:1
Processor type:AMD Athlon™ XP 2500+
Memory Available:53%
Total Physical Memory:1073201152 Bytes
Available Physical Memory:566513664 Bytes
Total Page File Size:2581217280 Bytes
Available On Page File:2135269376 Bytes
Total Virtual Memory:2147352576 Bytes
Available Virtual Memory:1755258880 Bytes
OS:Microsoft Windows XP 5.1 (Build 2600)
[to top]
File Verion Information
File Version
CEAPI.dll 7,1,0,12
aawservice.exe 7,1,0,12
Ad-Aware.exe 7.1.0.11
[to top]
Ad-Aware 2008 Settings
Skipping files larger than:1048576 Bytes
Ignoring infections with lower TAI than:3
Safe Mode:False
[to top]
Extended Ad-Aware 2008 Settings
Unload malicious processes and modules
Unload Modules
Let Windows remove files at Start-Up
Deactivate Ad-Watch
Re-analyze Scan Result
Delete Restored Items
Write Protect System Files
Create Log file
Include basic settings
Include advanced settings
Include user and computer name
Environment information
Running processes
Running processes and modules
Include info about ignored objects in log file
[to top]
Database Info
Version number:143
Build Number:5
Build Date and Time:2008/12/1018:12:45
[to top]
Scan Statistics
Method:Full

Items Scanned:111147
Infections Detected:16
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0
[to top]
Scan Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 0 0
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 0 0
Folder Scan 0 0
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 10 10
File Hash Scan 3 3
[to top]
Infections Found
Family Id Name Category TAI
725 Tracking Cookie DataMiner 3
[408826] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.pointroll.com PRID /
[408826] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.pointroll.com PRimp /
[408826] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.pointroll.com PRca /
[408826] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.pointroll.com PRcp /
[408826] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.pointroll.com PRpl /
[408826] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.pointroll.com PRcr /
[408826] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.pointroll.com PRpc /
[409095] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.bridgetrack.com AdData /
[409095] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.bridgetrack.com BTA /
[409095] Browser: Internet Explorer Cookie: C:\Documents and Settings\Andy\Cookies\index.dat ads.bridgetrack.com ASB86 /

5462 Win32.Worm.KdCrypt Worm 10
[408049] File: C:\SDFix\apps\cliptext.exe
[408049] File: C:\System Volume Information\_restore{38FE3CEA-0456-41C4-85D0-11C29D630D5D}\RP9\A0003295.exe

804 Win32.Backdoor.Delf Malware 10
[148574] File: C:\System Volume Information\_restore{38FE3CEA-0456-41C4-85D0-11C29D630D5D}\RP19\A0005187.exe

9999 MRU Object MRU Object 0
[1] MRU Path: C:\Documents and Settings\Andy\Recent Count: 49
[2] MRU Registry Key: S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Search Assistant\ACMru\5603 Count: 1
[3] MRU Registry Key: S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs Count: 2


Quarantined Objects
Family Id Name Category TAI

Removed Objects
Family Id Name Category TAI
[to top]
Listing of Running Processes
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe
c:\windows\system32\ntdll.dll
C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\csrsrv.dll
c:\windows\system32\basesrv.dll
c:\windows\system32\winsrv.dll
c:\windows\system32\user32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\authz.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nddeapi.dll
c:\windows\system32\profmap.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\regapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\msgina.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\winscard.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wlnotify.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\samlib.dll
c:\windows\system32\sxs.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\cscui.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\comres.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\clbcatq.dll
C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\scesrv.dll
c:\windows\system32\authz.dll
c:\windows\system32\umpnpmgr.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lsasrv.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\secur32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\samsrv.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\mpr.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msprivs.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wdigest.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\scecli.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\authz.dll
c:\windows\system32\oakley.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\pstorsvc.dll
c:\windows\system32\psbase.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dssenh.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\secur32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\termsrv.dll
c:\windows\system32\icaapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\mstlsapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\regapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\secur32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\wmi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\esent.dll
c:\windows\system32\atl.dll
c:\windows\system32\rastls.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\schannel.dll
c:\windows\system32\winscard.dll
c:\windows\system32\raschap.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\msidle.dll
c:\windows\system32\audiosrv.dll
c:\windows\system32\wkssvc.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\certcli.dll
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
c:\windows\system32\es.dll
c:\windows\system32\ersvc.dll
c:\windows\system32\dmserver.dll
c:\windows\system32\srvsvc.dll
c:\windows\system32\netman.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\seclogon.dll
c:\windows\system32\browser.dll
c:\windows\system32\wuauserv.dll
c:\windows\system32\wbem\wmisvc.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\wuaueng.dll
c:\windows\system32\advpack.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winhttp.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\mspatcha.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\trkwks.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\sens.dll
c:\windows\system32\wscsvc.dll
c:\windows\system32\msi.dll
c:\windows\system32\ipnathlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\sxs.dll
c:\windows\system32\wbem\wbemcore.dll
c:\windows\system32\wbem\esscli.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\colbact.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wbem\repdrvfs.dll
c:\windows\system32\wbem\wmiprvsd.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\wbem\wbemess.dll
c:\windows\system32\wbem\ncprov.dll
c:\windows\system32\upnp.dll
c:\windows\system32\ssdpapi.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\rasmans.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\tapisrv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rastapi.dll
c:\windows\system32\unimdm.tsp
c:\windows\system32\uniplat.dll
c:\windows\system32\kmddsp.tsp
c:\windows\system32\ndptsp.tsp
c:\windows\system32\ipconf.tsp
c:\windows\system32\h323.tsp
c:\windows\system32\hidphone.tsp
c:\windows\system32\hid.dll
c:\windows\system32\rasppp.dll
c:\windows\system32\ntlsapi.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wuapi.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\dnsrslvr.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\lmhsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\webclnt.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\regsvc.dll
c:\windows\system32\ssdpsrv.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWSERVICE.EXE
c:\program files\lavasoft\ad-aware\aawservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\lavasoft\ad-aware\ceapi.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\lavasoft\ad-aware\pkarchive85u.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\EXPLORER.EXE
c:\windows\explorer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\browseui.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\version.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\themeui.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\atl.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\netshell.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\credui.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mlang.dll
c:\windows\system32\msctf.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\stobject.dll
c:\windows\system32\batmeter.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\midimap.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\netui0.dll
c:\windows\system32\netui1.dll
c:\windows\system32\netrap.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\sxs.dll
c:\windows\system32\actxprxy.dll
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\spoolss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\localspl.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\cnbjmon.dll
c:\windows\system32\pjlmon.dll
c:\windows\system32\tcpmon.dll
c:\windows\system32\usbmon.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\win32spl.dll
c:\windows\system32\netrap.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\inetpp.dll
C:\WINDOWS\SOUNDMAN.EXE
c:\windows\soundman.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\msctf.dll
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\nvmctray.dll
c:\windows\system32\nvapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
C:\PROGRAM FILES\JAVA\JRE6\BIN\JUSCHED.EXE
c:\program files\java\jre6\bin\jusched.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\version.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\SYSTEM32\CTFMON.EXE
c:\windows\system32\ctfmon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msutb.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CMDAGENT.EXE
c:\program files\comodo\comodo internet security\cmdagent.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\fltlib.dll
c:\program files\comodo\comodo internet security\framework.dll
c:\windows\system32\psapi.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\userenv.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\cabinet.dll
C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE
c:\program files\java\jre6\bin\jqs.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\program files\java\jre6\bin\msvcr71.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\pdh.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\odbcbcp.dll
c:\windows\system32\version.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\perfos.dll
c:\windows\system32\perfdisk.dll
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\imm32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\oleaut32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\nvapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
C:\WINDOWS\SYSTEM32\PNKBSTRA.EXE
c:\windows\system32\pnkbstra.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\SYSTEM32\ALG.EXE
c:\windows\system32\alg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\atl.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
c:\windows\system32\wscntfy.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\xul.dll
c:\program files\mozilla firefox\sqlite3.dll
c:\program files\mozilla firefox\mozcrt19.dll
c:\windows\system32\msvcrt.dll
c:\program files\mozilla firefox\js3250.dll
c:\program files\mozilla firefox\nspr4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\winmm.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\program files\mozilla firefox\smime3.dll
c:\program files\mozilla firefox\nss3.dll
c:\program files\mozilla firefox\nssutil3.dll
c:\program files\mozilla firefox\plc4.dll
c:\program files\mozilla firefox\plds4.dll
c:\program files\mozilla firefox\ssl3.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\oleaut32.dll
c:\program files\mozilla firefox\xpcom.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\mozilla firefox\components\browserdirprovider.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\xpsp2res.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\nssdbm3.dll
c:\program files\mozilla firefox\freebl3.dll
c:\program files\mozilla firefox\nssckbi.dll
c:\program files\mozilla firefox\components\brwsrcmp.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\mlang.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\schannel.dll
c:\windows\system32\userenv.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AD-AWARE.EXE
c:\program files\lavasoft\ad-aware\ad-aware.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comdlg32.dll
c:\program files\lavasoft\ad-aware\lavalicense.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\winmm.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\guard32.dll
c:\windows\system32\fltlib.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\secur32.dll
c:\program files\lavasoft\ad-aware\lavamessage.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CFP.EXE
c:\program files\comodo\comodo internet security\cfp.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\oledlg.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\fltlib.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\system32\version.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\psapi.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\mpr.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\winmm.dll
c:\windows\system32\imm32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\riched32.dll
c:\windows\system32\riched20.dll
c:\program files\comodo\comodo internet security\themes\cfp.theme
c:\windows\system32\msctfime.ime
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\msimg32.dll
[to top]


And the 2 screenshots:
Posted Image
Posted Image

Posted Image
Posted Image

#11 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 14 December 2008 - 04:13 AM

Once again,the post was too long and i had to post this second one with the OTViewIT log:
OTViewIt logfile created on: 12/14/2008 11:08:27 AM - Run 4
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Andy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 590.83 Mb Available Physical Memory | 57.73% Memory free
2.40 Gb Paging File | 2.03 Gb Available in Paging File | 84.39% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 8.69 Gb Total Space | 2.80 Gb Free Space | 32.20% Space Free | Partition Type: NTFS
Drive D: | 29.59 Gb Total Space | 21.89 Gb Free Space | 73.97% Space Free | Partition Type: NTFS
Drive E: | 3.94 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDY-65D25A1FE7
Current User Name: Andy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2003/04/24 16:53:54 | 00,054,784 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2004/08/04 14:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2008/12/07 21:26:56 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2008/12/04 07:03:35 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
[2008/12/07 21:26:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
[2004/08/04 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/10/31 22:55:59 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2008/12/04 07:03:36 | 01,797,880 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
[2008/12/10 14:35:48 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2008/12/04 07:03:35 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent [Auto | Running])
[2008/12/07 21:26:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

========== Driver Services ==========

[2003/04/24 23:48:02 | 00,730,092 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2004/08/04 14:00:00 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2004/11/05 04:17:52 | 00,334,816 | ---- | M] (Philips Semiconductors) -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134 [On_Demand | Running])
[2008/12/04 07:03:37 | 00,101,776 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard [System | Running])
[2008/12/01 13:11:07 | 00,031,504 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp [System | Running])
[2008/05/29 12:33:10 | 00,027,672 | R--- | M] (EnTech Taiwan) -- C:\WINDOWS\system32\drivers\Entech.sys -- (ENTECH [On_Demand | Stopped])
[2003/10/10 12:06:40 | 00,004,134 | ---- | M] () -- C:\WINDOWS\system32\drivers\FlyPCI.sys -- (FlyPCI [On_Demand | Stopped])
[2004/08/04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2008/12/12 21:13:34 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [System | Running])
[2008/12/01 13:11:07 | 00,079,504 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect [Boot | Running])
[2001/08/17 16:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2008/05/16 14:01:00 | 06,557,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2004/06/03 10:40:46 | 00,079,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus [Boot | Running])
[2004/05/25 15:58:02 | 00,048,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax [On_Demand | Stopped])
[2004/01/29 01:45:50 | 00,093,764 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET [On_Demand | Running])
[2004/05/25 15:58:04 | 00,396,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce [On_Demand | Stopped])
[2004/04/02 15:40:00 | 00,021,760 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp [Boot | Running])
[2004/08/04 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/04 14:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/12/10 17:20:19 | 00,611,064 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2004/08/04 14:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" (NVIDIA Corporation)
"nwiz"=nwiz.exe /install ()
"SoundMan"=SOUNDMAN.EXE (Realtek Semiconductor Corp.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-57989841-2000478354-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}: http://support.f-secure.com/ols/fscax.cab -- F-Secure Online Scanner 3.3
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

========== (O17) DNS Name Servers ==========

{1594793C-A9D9-4254-A96C-BBE67072DF96} (Servers: | Description: NVIDIA nForce Networking Controller)
{94469ED7-F758-4CA1-B43D-3CE01B03E6C8} (Servers: | Description: )

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=C:\WINDOWS\system32\guard32.dll
>[2008/12/04 07:03:37 | 00,147,192 | ---- | M] () -- C:\WINDOWS\system32\guard32.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/14 10:15:39 | 00,000,000 | ---D | C] -- C:\fsaua.data
[2008/12/12 21:13:36 | 00,000,345 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/12/12 21:13:34 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/12/12 21:13:34 | 00,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe
[2008/12/12 21:13:34 | 00,085,969 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/12 21:13:34 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/12 21:13:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\gmer
[2008/12/12 21:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\topic183980aaaa_files
[2008/12/12 21:09:35 | 00,320,482 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\topic183980aaaa.htm
[2008/12/12 21:08:50 | 00,747,873 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\gmer.zip
[2008/12/11 22:28:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\vlc
[2008/12/11 22:28:04 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2008/12/11 22:27:51 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2008/12/11 22:19:40 | 10,565,093 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\VLC Media Player 0.8.6a.exe
[2008/12/11 22:18:36 | 00,003,584 | ---- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/11 21:50:17 | 89,980,928 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\Adi Prisecaru (macea).MPG
[2008/12/10 21:54:50 | 00,090,624 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\referat...sistemul muscular.doc
[2008/12/10 21:45:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d
[2008/12/10 21:45:27 | 00,067,580 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d.zip
[2008/12/10 21:24:44 | 00,004,134 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlyPCI.sys
[2008/12/10 21:24:09 | 00,000,000 | ---D | C] -- C:\Program Files\FLY2000TV
[2008/12/10 21:23:57 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2008/12/10 21:23:57 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2008/12/10 21:23:54 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2008/12/10 21:23:54 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2008/12/10 21:23:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2008/12/10 21:23:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2008/12/10 21:23:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2008/12/10 21:23:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2008/12/10 21:23:51 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2008/12/10 21:23:51 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2008/12/10 21:23:49 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2008/12/10 21:23:49 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2008/12/10 21:23:47 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2008/12/10 21:23:47 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2008/12/10 21:23:45 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2008/12/10 21:23:45 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2008/12/10 21:22:26 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2008/12/10 21:22:26 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2008/12/10 21:22:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2008/12/10 21:22:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2008/12/10 21:22:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/12/10 21:22:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2008/12/10 21:22:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2008/12/10 21:22:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2008/12/10 21:22:23 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2008/12/10 21:22:23 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2008/12/10 21:21:45 | 00,334,816 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\drivers\Cap7134.sys
[2008/12/10 21:21:45 | 00,135,168 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34api.dll
[2008/12/10 21:21:45 | 00,114,688 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34com.dll
[2008/12/10 21:21:45 | 00,110,592 | ---- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\prop7134.dll
[2008/12/10 21:21:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\saa713x_2310
[2008/12/10 21:17:32 | 01,390,337 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\flysetup.exe
[2008/12/10 21:17:28 | 00,328,244 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\saa713x_2310.zip
[2008/12/10 17:21:44 | 00,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk
[2008/12/10 17:21:44 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools
[2008/12/10 17:20:19 | 00,611,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/10 17:15:09 | 01,530,776 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\Andy\My Documents\daemon406-x86.exe
[2008/12/10 14:42:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/12/10 14:42:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/12/10 14:42:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2008/12/10 14:42:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2008/12/10 14:41:54 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008/12/10 14:41:53 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2008/12/10 14:41:16 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/12/10 14:41:12 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/12/10 14:41:08 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2008/12/10 14:40:29 | 15,452,536 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Andy\Desktop\IE7-WindowsXP-x86-enu.exe
[2008/12/10 14:35:47 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe
[2008/12/07 21:32:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2008/12/07 21:32:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
[2008/12/07 21:31:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/12/07 21:26:52 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/12/07 21:26:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Sun
[2008/12/07 21:20:10 | 00,151,954 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\614-94490-danciulescu.jpg
[2008/12/07 21:17:02 | 00,163,946 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina.JPG
[2008/12/07 21:16:58 | 00,109,033 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 4.JPG
[2008/12/07 21:16:54 | 00,105,703 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 3.JPG
[2008/12/07 21:16:49 | 00,118,002 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\RRomina 2.JPG
[2008/12/07 00:01:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\coduo_mappack
[2008/12/06 23:52:53 | 39,240,452 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_mappack.zip
[2008/12/06 22:53:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\My Documents\cod minimizer
[2008/12/06 22:53:25 | 00,239,320 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\cod minimizer.rar
[2008/12/06 13:36:47 | 00,120,917 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\cod.JPG
[2008/12/04 22:41:32 | 00,218,777 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\untitled.JPG
[2008/12/04 22:03:41 | 00,088,773 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\latina 002.jpg
[2008/12/04 22:03:39 | 00,098,566 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\latina 001.jpg
[2008/12/04 14:09:48 | 00,000,000 | ---D | C] -- C:\rsit
[2008/12/04 14:09:48 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2008/12/04 14:08:58 | 00,305,705 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\RSIT.exe
[2008/12/03 20:03:58 | 00,245,681 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\Call Of Duty 4(128x160)-64970.jar
[2008/12/03 07:20:42 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2008/12/03 07:17:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2008/12/03 07:13:13 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/12/03 07:12:54 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\SDFix.exe
[2008/12/03 07:11:42 | 00,049,208 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\topic131299.html
[2008/12/03 07:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\topic131299_files
[2008/12/02 22:57:48 | 00,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro
[2008/12/02 22:57:32 | 01,138,609 | ---- | C] (EFD Software ) -- C:\Documents and Settings\Andy\Desktop\hdtunepro_310_trial.exe
[2008/12/02 15:32:33 | 00,023,980 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\1227515655-Revolver.zip
[2008/12/02 07:08:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Malwarebytes
[2008/12/02 07:08:10 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/02 07:08:07 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/02 07:08:06 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/02 07:08:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/12/02 07:07:47 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andy\Desktop\mbam-setup.exe
[2008/12/01 22:53:14 | 00,000,031 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer.ini
[2008/12/01 22:04:07 | 30,718,383 | ---- | C] () -- C:\Documents and Settings\Andy\My Documents\adrian prisecaru.wmv
[2008/12/01 17:09:05 | 00,012,328 | ---- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/01 15:07:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Xfire
[2008/12/01 15:07:54 | 00,000,000 | ---D | C] -- C:\Program Files\Xfire
[2008/12/01 15:07:14 | 05,736,952 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\xfire_installer_35044.exe
[2008/12/01 15:07:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\teamspeak2
[2008/12/01 15:06:57 | 00,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2008/12/01 15:06:53 | 00,000,665 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\Teamspeak 2 RC2.lnk
[2008/12/01 15:06:45 | 00,000,000 | ---D | C] -- C:\Program Files\Teamspeak2_RC2
[2008/12/01 15:06:19 | 05,862,994 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\ts2_client_rc2_2032.exe
[2008/12/01 15:02:04 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/01 15:01:41 | 00,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/12/01 15:01:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2008/12/01 14:56:26 | 00,278,528 | ---- | C] (By UberGames) -- C:\Documents and Settings\Andy\My Documents\Q3E Minimizer_v1.51.exe
[2008/12/01 14:47:09 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/12/01 14:46:38 | 00,944,797 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\wrar300.exe
[2008/12/01 14:45:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130
[2008/12/01 14:45:10 | 00,151,679 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130.zip
[2008/12/01 14:32:44 | 00,000,319 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2008/12/01 14:21:39 | 00,000,709 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2008/12/01 14:17:10 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/12/01 14:17:09 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008/12/01 14:17:07 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008/12/01 14:17:03 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008/12/01 14:17:01 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2008/12/01 14:16:59 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008/12/01 14:16:57 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2008/12/01 14:16:56 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2008/12/01 14:16:54 | 00,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008/12/01 14:16:52 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008/12/01 14:16:50 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2008/12/01 14:16:46 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008/12/01 14:16:14 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/12/01 14:15:39 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2008/12/01 14:15:38 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/12/01 14:15:38 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2008/12/01 14:15:38 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/12/01 14:15:38 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2008/12/01 14:15:38 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/12/01 14:15:38 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2008/12/01 14:15:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/12/01 14:15:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2008/12/01 14:15:36 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2008/12/01 14:15:20 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008/12/01 14:14:10 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/12/01 14:14:07 | 00,356,120 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/01 14:14:07 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/12/01 14:14:06 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/01 14:14:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/12/01 14:14:05 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2008/12/01 14:14:05 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2008/12/01 14:14:04 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008/12/01 14:14:04 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2008/12/01 14:14:04 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008/12/01 14:14:03 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008/12/01 14:14:03 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008/12/01 14:14:03 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2008/12/01 14:14:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/12/01 14:14:02 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2008/12/01 14:14:02 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2008/12/01 14:14:02 | 00,000,000 | R--D | C] -- C:\Program Files
[2008/12/01 14:14:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/12/01 14:14:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/12/01 14:14:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2008/12/01 14:13:59 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2008/12/01 14:13:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2008/12/01 14:13:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2008/12/01 14:13:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2008/12/01 14:13:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2008/12/01 14:13:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2008/12/01 14:13:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2008/12/01 14:13:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2008/12/01 14:13:56 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2008/12/01 14:13:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2008/12/01 14:13:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2008/12/01 14:13:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2008/12/01 14:13:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2008/12/01 14:13:54 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2008/12/01 14:13:52 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2008/12/01 14:13:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2008/12/01 14:13:52 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2008/12/01 14:13:52 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2008/12/01 14:13:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2008/12/01 14:13:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2008/12/01 14:13:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2008/12/01 14:13:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2008/12/01 14:13:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2008/12/01 14:13:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2008/12/01 14:13:49 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2008/12/01 14:13:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2008/12/01 14:13:49 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2008/12/01 14:13:49 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2008/12/01 14:13:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2008/12/01 14:13:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2008/12/01 14:13:48 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2008/12/01 14:13:48 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2008/12/01 14:13:48 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2008/12/01 14:13:46 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2008/12/01 14:13:46 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2008/12/01 14:13:46 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2008/12/01 14:13:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2008/12/01 14:13:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2008/12/01 14:13:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2008/12/01 14:13:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2008/12/01 14:13:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2008/12/01 14:13:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008/12/01 14:13:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2008/12/01 14:13:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008/12/01 14:13:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2008/12/01 14:13:42 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008/12/01 14:13:42 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2008/12/01 14:13:42 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008/12/01 14:13:41 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2008/12/01 14:13:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2008/12/01 14:13:41 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2008/12/01 14:13:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2008/12/01 14:13:41 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008/12/01 14:13:41 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008/12/01 14:13:41 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008/12/01 14:13:40 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2008/12/01 14:13:40 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2008/12/01 14:13:40 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2008/12/01 14:13:40 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2008/12/01 14:13:40 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2008/12/01 14:13:40 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008/12/01 14:13:40 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008/12/01 14:13:40 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2008/12/01 14:13:39 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2008/12/01 14:13:39 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008/12/01 14:13:39 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2008/12/01 14:13:39 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2008/12/01 14:13:39 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2008/12/01 14:13:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/12/01 14:13:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2008/12/01 14:13:39 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/12/01 14:13:38 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2008/12/01 14:13:38 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2008/12/01 14:13:38 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2008/12/01 14:13:38 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2008/12/01 14:13:38 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008/12/01 14:13:37 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/12/01 14:13:29 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/01 14:13:28 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2008/12/01 14:13:28 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2008/12/01 14:13:28 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008/12/01 14:13:28 | 00,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2008/12/01 14:13:28 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2008/12/01 14:13:28 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2008/12/01 14:13:28 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2008/12/01 14:13:28 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2008/12/01 14:13:28 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008/12/01 14:13:28 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008/12/01 14:13:28 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008/12/01 14:13:28 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2008/12/01 14:13:27 | 02,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2008/12/01 14:13:27 | 01,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2008/12/01 14:13:27 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2008/12/01 14:13:27 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008/12/01 14:13:27 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008/12/01 14:13:27 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2008/12/01 14:13:26 | 00,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2008/12/01 14:13:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/12/01 14:13:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/12/01 14:13:07 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/01 14:12:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008/12/01 14:12:35 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/12/01 14:12:34 | 00,095,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/01 14:11:39 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008/12/01 14:11:35 | 00,000,315 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/01 14:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2008/12/01 14:04:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/12/01 14:04:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/12/01 14:03:51 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/12/01 14:03:51 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008/12/01 14:03:51 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/12/01 14:03:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/12/01 14:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2008/12/01 14:02:17 | 23,804,784 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\aaw2008.exe
[2008/12/01 13:32:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Macromedia
[2008/12/01 13:32:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Yahoo
[2008/12/01 13:32:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Adobe
[2008/12/01 13:30:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2008/12/01 13:30:22 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/12/01 13:22:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2008/12/01 13:20:05 | 27,462,344 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\setupeng.exe
[2008/12/01 13:17:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2008/12/01 13:14:24 | 00,186,097 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/01 13:14:23 | 00,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2008/12/01 13:14:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2008/12/01 13:10:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/01 13:10:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Mozilla
[2008/12/01 13:10:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Mozilla
[2008/12/01 13:10:19 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/12/01 13:10:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Comodo
[2008/12/01 13:09:16 | 07,508,624 | ---- | C] (Mozilla) -- C:\Documents and Settings\Andy\Desktop\Firefox Setup 3.0.4.exe
[2008/12/01 12:49:08 | 00,147,192 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2008/12/01 12:49:08 | 00,101,776 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2008/12/01 12:49:08 | 00,079,504 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2008/12/01 12:49:08 | 00,031,504 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2008/12/01 12:49:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\comodo
[2008/12/01 12:48:48 | 00,000,000 | ---D | C] -- C:\Program Files\COMODO
[2008/12/01 12:48:06 | 00,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2008/12/01 12:47:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\wdm
[2008/12/01 12:41:45 | 00,000,000 | ---D | C] -- C:\Program Files\DirectX
[2008/12/01 12:39:33 | 06,413,124 | -H-- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\IconCache.db
[2008/12/01 12:39:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\NVIDIA Shared
[2008/12/01 12:39:22 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/12/01 12:38:49 | 00,003,787 | ---- | C] () -- C:\WINDOWS\System32\nvaudio.nvu
[2008/12/01 12:38:44 | 00,000,464 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2008/12/01 12:38:05 | 00,001,556 | ---- | C] () -- C:\WINDOWS\System32\nvenet.nvu
[2008/12/01 12:38:03 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2008/12/01 12:38:00 | 00,001,217 | ---- | C] () -- C:\WINDOWS\System32\nvmctl.nvu
[2008/12/01 12:37:42 | 00,002,124 | ---- | C] () -- C:\WINDOWS\System32\nvgart.nvu
[2008/12/01 12:37:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/12/01 12:37:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/12/01 12:36:24 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2008/12/01 12:35:40 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008/12/01 12:35:12 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2008/12/01 12:35:12 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2008/12/01 12:35:12 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2008/12/01 12:35:11 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2008/12/01 12:35:11 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2008/12/01 12:35:10 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2008/12/01 12:35:09 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2008/12/01 12:35:09 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2008/12/01 12:35:09 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2008/12/01 12:35:08 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2008/12/01 12:35:08 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2008/12/01 12:35:08 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2008/12/01 12:35:07 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2008/12/01 12:35:06 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2008/12/01 12:35:06 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2008/12/01 12:35:06 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2008/12/01 12:35:05 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2008/12/01 12:35:05 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2008/12/01 12:35:04 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2008/12/01 12:35:04 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2008/12/01 12:35:02 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2008/12/01 12:35:02 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2008/12/01 12:35:02 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2008/12/01 12:35:01 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2008/12/01 12:35:00 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2008/12/01 12:35:00 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2008/12/01 12:35:00 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2008/12/01 12:34:59 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2008/12/01 12:34:59 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2008/12/01 12:34:58 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2008/12/01 12:34:58 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2008/12/01 12:34:58 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2008/12/01 12:34:57 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2008/12/01 12:34:57 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2008/12/01 12:34:56 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2008/12/01 12:34:56 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2008/12/01 12:34:54 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2008/12/01 12:34:53 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2008/12/01 12:34:53 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2008/12/01 12:34:53 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2008/12/01 12:34:52 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2008/12/01 12:34:52 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2008/12/01 12:34:52 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2008/12/01 12:34:52 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2008/12/01 12:34:51 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2008/12/01 12:34:51 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2008/12/01 12:34:51 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2008/12/01 12:34:51 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2008/12/01 12:34:50 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2008/12/01 12:34:50 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2008/12/01 12:34:50 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2008/12/01 12:34:49 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2008/12/01 12:34:49 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2008/12/01 12:34:49 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2008/12/01 12:34:49 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2008/12/01 12:34:48 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2008/12/01 12:34:48 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2008/12/01 12:34:47 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2008/12/01 12:34:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2008/12/01 12:32:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\ESET
[2008/12/01 12:31:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008/12/01 12:30:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Identities
[2008/12/01 12:30:07 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/12/01 12:30:06 | 00,000,075 | -HS- | C] () -- C:\Documents and Settings\Andy\My Documents\desktop.ini
[2008/12/01 12:30:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Andy\My Documents\My Pictures
[2008/12/01 12:30:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Andy\My Documents\My Music
[2008/12/01 12:30:03 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Andy\Application Data\desktop.ini
[2008/12/01 12:30:02 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Andy\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:30:02 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Andy\Application Data\Microsoft
[2008/12/01 12:30:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Microsoft
[2008/12/01 12:29:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/12/01 12:29:11 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/01 12:29:11 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/12/01 12:29:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/12/01 12:29:04 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/01 12:28:05 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/01 12:27:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008/12/01 12:27:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008/12/01 12:27:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008/12/01 12:27:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008/12/01 12:27:47 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008/12/01 12:27:47 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008/12/01 12:27:46 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008/12/01 12:27:46 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008/12/01 12:27:44 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2008/12/01 12:27:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2008/12/01 12:27:44 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2008/12/01 12:27:44 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2008/12/01 12:27:43 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2008/12/01 12:27:43 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008/12/01 12:27:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2008/12/01 12:27:43 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2008/12/01 12:27:42 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008/12/01 12:27:42 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008/12/01 12:27:40 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008/12/01 12:27:40 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008/12/01 12:27:39 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2008/12/01 12:27:39 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008/12/01 12:27:38 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2008/12/01 12:27:37 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008/12/01 12:27:37 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008/12/01 12:27:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008/12/01 12:27:36 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008/12/01 12:27:36 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008/12/01 12:27:35 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008/12/01 12:27:35 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008/12/01 12:27:35 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008/12/01 12:27:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2008/12/01 12:27:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2008/12/01 12:27:33 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2008/12/01 12:27:32 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008/12/01 12:27:32 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2008/12/01 12:27:30 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008/12/01 12:27:29 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2008/12/01 12:27:29 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008/12/01 12:27:29 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2008/12/01 12:27:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008/12/01 12:27:28 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2008/12/01 12:27:28 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2008/12/01 12:27:28 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2008/12/01 12:27:28 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2008/12/01 12:27:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2008/12/01 12:27:27 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2008/12/01 12:27:27 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008/12/01 12:27:27 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2008/12/01 12:27:26 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2008/12/01 12:27:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008/12/01 12:27:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008/12/01 12:27:26 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008/12/01 12:27:26 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008/12/01 12:27:26 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008/12/01 12:27:25 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008/12/01 12:27:25 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008/12/01 12:27:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008/12/01 12:27:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008/12/01 12:27:25 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008/12/01 12:27:25 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008/12/01 12:27:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008/12/01 12:27:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008/12/01 12:27:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008/12/01 12:27:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008/12/01 12:27:24 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008/12/01 12:27:23 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008/12/01 12:27:20 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2008/12/01 12:27:20 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008/12/01 12:27:20 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008/12/01 12:27:19 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2008/12/01 12:27:18 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/12/01 12:27:18 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/12/01 12:27:18 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2008/12/01 12:27:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2008/12/01 12:27:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008/12/01 12:27:17 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2008/12/01 12:27:16 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008/12/01 12:27:16 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008/12/01 12:27:14 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2008/12/01 12:27:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008/12/01 12:27:13 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008/12/01 12:27:13 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008/12/01 12:27:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2008/12/01 12:27:11 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008/12/01 12:27:10 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008/12/01 12:27:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008/12/01 12:27:10 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008/12/01 12:27:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008/12/01 12:27:09 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008/12/01 12:27:09 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/12/01 12:27:09 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008/12/01 12:27:09 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008/12/01 12:27:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2008/12/01 12:27:08 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2008/12/01 12:27:07 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008/12/01 12:27:07 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008/12/01 12:27:07 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008/12/01 12:27:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008/12/01 12:27:04 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2008/12/01 12:27:04 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008/12/01 12:27:03 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2008/12/01 12:27:01 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008/12/01 12:27:00 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2008/12/01 12:26:58 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2008/12/01 12:26:57 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008/12/01 12:26:57 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008/12/01 12:26:51 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008/12/01 12:26:51 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008/12/01 12:26:51 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2008/12/01 12:26:50 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2008/12/01 12:26:50 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2008/12/01 12:26:50 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2008/12/01 12:26:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008/12/01 12:26:48 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2008/12/01 12:26:48 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2008/12/01 12:26:48 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2008/12/01 12:26:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2008/12/01 12:26:47 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2008/12/01 12:26:46 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/12/01 12:26:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008/12/01 12:26:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008/12/01 12:26:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008/12/01 12:26:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008/12/01 12:26:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008/12/01 12:26:43 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008/12/01 12:26:43 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008/12/01 12:26:43 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008/12/01 12:26:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2008/12/01 12:26:42 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2008/12/01 12:26:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008/12/01 12:26:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008/12/01 12:26:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008/12/01 12:26:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008/12/01 12:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008/12/01 12:26:40 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008/12/01 12:26:39 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2008/12/01 12:26:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008/12/01 12:26:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008/12/01 12:26:39 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008/12/01 12:26:39 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008/12/01 12:26:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2008/12/01 12:26:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008/12/01 12:26:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008/12/01 12:26:37 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2008/12/01 12:26:37 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008/12/01 12:26:37 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2008/12/01 12:26:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2008/12/01 12:26:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2008/12/01 12:26:35 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2008/12/01 12:26:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2008/12/01 12:26:35 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2008/12/01 12:26:34 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008/12/01 12:26:34 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008/12/01 12:26:34 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008/12/01 12:26:34 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008/12/01 12:26:34 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/12/01 12:26:33 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008/12/01 12:26:33 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008/12/01 12:26:33 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008/12/01 12:26:33 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008/12/01 12:26:33 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008/12/01 12:26:32 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008/12/01 12:26:32 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/12/01 12:26:32 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008/12/01 12:26:32 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008/12/01 12:26:31 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008/12/01 12:26:31 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008/12/01 12:26:31 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008/12/01 12:26:30 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008/12/01 12:26:30 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008/12/01 12:26:30 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008/12/01 12:26:30 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008/12/01 12:26:30 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008/12/01 12:26:29 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/12/01 12:26:29 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008/12/01 12:26:29 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008/12/01 12:26:29 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008/12/01 12:26:29 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2008/12/01 12:26:28 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2008/12/01 12:26:28 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2008/12/01 12:26:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2008/12/01 12:26:28 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2008/12/01 12:26:28 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2008/12/01 12:26:27 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2008/12/01 12:26:27 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2008/12/01 12:26:22 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008/12/01 12:26:17 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/12/01 12:26:13 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008/12/01 12:26:13 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2008/12/01 12:26:12 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2008/12/01 12:26:12 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2008/12/01 12:26:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2008/12/01 12:26:11 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/12/01 12:26:11 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008/12/01 12:26:11 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2008/12/01 12:26:10 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2008/12/01 12:26:09 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2008/12/01 12:26:09 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2008/12/01 12:26:09 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2008/12/01 12:26:09 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2008/12/01 12:26:08 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2008/12/01 12:26:08 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2008/12/01 12:26:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008/12/01 12:26:08 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008/12/01 12:26:08 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2008/12/01 12:26:08 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2008/12/01 12:26:07 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2008/12/01 12:26:07 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2008/12/01 12:26:07 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2008/12/01 12:26:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2008/12/01 12:26:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2008/12/01 12:26:06 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2008/12/01 12:26:06 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2008/12/01 12:26:06 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008/12/01 12:26:06 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008/12/01 12:26:06 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2008/12/01 12:26:05 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2008/12/01 12:26:05 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2008/12/01 12:26:05 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2008/12/01 12:26:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2008/12/01 12:26:04 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2008/12/01 12:26:04 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2008/12/01 12:26:04 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2008/12/01 12:26:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008/12/01 12:26:03 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2008/12/01 12:26:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008/12/01 12:26:02 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2008/12/01 12:26:02 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008/12/01 12:26:02 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2008/12/01 12:26:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2008/12/01 12:26:01 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2008/12/01 12:26:01 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008/12/01 12:26:01 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008/12/01 12:26:01 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008/12/01 12:26:01 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2008/12/01 12:26:00 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2008/12/01 12:26:00 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008/12/01 12:25:56 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008/12/01 12:25:55 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2008/12/01 12:25:54 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008/12/01 12:25:54 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2008/12/01 12:25:54 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008/12/01 12:25:53 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2008/12/01 12:25:53 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2008/12/01 12:25:52 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008/12/01 12:25:52 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2008/12/01 12:25:51 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008/12/01 12:25:51 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/12/01 12:25:51 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008/12/01 12:25:50 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008/12/01 12:25:50 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008/12/01 12:25:50 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008/12/01 12:25:49 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008/12/01 12:25:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008/12/01 12:25:48 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008/12/01 12:25:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008/12/01 12:25:48 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008/12/01 12:25:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008/12/01 12:25:46 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2008/12/01 12:25:46 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/12/01 12:25:46 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008/12/01 12:25:46 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008/12/01 12:25:36 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2008/12/01 12:25:34 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2008/12/01 12:25:34 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2008/12/01 12:25:34 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2008/12/01 12:25:33 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2008/12/01 12:25:33 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2008/12/01 12:25:33 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008/12/01 12:25:32 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2008/12/01 12:25:32 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2008/12/01 12:25:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2008/12/01 12:25:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2008/12/01 12:25:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008/12/01 12:25:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2008/12/01 12:25:30 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2008/12/01 12:25:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2008/12/01 12:25:27 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2008/12/01 12:25:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2008/12/01 12:25:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2008/12/01 12:25:26 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2008/12/01 12:25:26 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2008/12/01 12:25:26 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2008/12/01 12:25:25 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2008/12/01 12:25:25 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2008/12/01 12:25:22 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2008/12/01 12:25:22 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2008/12/01 12:25:21 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2008/12/01 12:25:21 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2008/12/01 12:25:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2008/12/01 12:25:21 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2008/12/01 12:25:21 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2008/12/01 12:25:20 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2008/12/01 12:25:20 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2008/12/01 12:25:20 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2008/12/01 12:25:20 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2008/12/01 12:25:20 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2008/12/01 12:25:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2008/12/01 12:25:19 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2008/12/01 12:25:19 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2008/12/01 12:25:18 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2008/12/01 12:25:18 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2008/12/01 12:25:18 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2008/12/01 12:25:18 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2008/12/01 12:25:18 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2008/12/01 12:25:17 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2008/12/01 12:25:17 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2008/12/01 12:25:17 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2008/12/01 12:25:17 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2008/12/01 12:25:17 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2008/12/01 12:25:17 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2008/12/01 12:25:16 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2008/12/01 12:25:16 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2008/12/01 12:25:16 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2008/12/01 12:25:16 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2008/12/01 12:25:15 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2008/12/01 12:25:15 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2008/12/01 12:25:15 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2008/12/01 12:25:15 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2008/12/01 12:25:15 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2008/12/01 12:25:14 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2008/12/01 12:25:14 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2008/12/01 12:25:14 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2008/12/01 12:25:14 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2008/12/01 12:25:13 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2008/12/01 12:25:13 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2008/12/01 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008/12/01 12:24:48 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/01 12:24:48 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/12/01 12:24:48 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/12/01 12:24:40 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/01 12:24:40 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/01 12:24:39 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/01 12:24:28 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008/12/01 12:23:32 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/12/01 12:23:32 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/12/01 12:23:21 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/12/01 12:23:07 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008/12/01 12:22:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/12/01 12:22:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2008/12/01 12:22:27 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2008/12/01 12:22:27 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2008/12/01 12:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2008/12/01 12:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008/12/01 12:22:26 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2008/12/01 12:22:26 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2008/12/01 12:22:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/12/01 12:22:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/12/01 12:22:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/12/01 12:22:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/12/01 12:22:17 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2008/12/01 12:22:16 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2008/12/01 12:22:16 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2008/12/01 12:22:16 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2008/12/01 12:22:16 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008/12/01 12:22:15 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2008/12/01 12:22:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2008/12/01 12:22:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2008/12/01 12:22:14 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2008/12/01 12:22:14 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008/12/01 12:22:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/12/01 12:22:10 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008/12/01 12:22:10 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008/12/01 12:22:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008/12/01 12:22:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008/12/01 12:22:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2008/12/01 12:22:10 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008/12/01 12:22:10 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/12/01 12:22:09 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2008/12/01 12:22:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2008/12/01 12:22:09 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2008/12/01 12:22:09 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008/12/01 12:22:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/12/01 12:22:08 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2008/12/01 12:22:05 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2008/12/01 12:22:05 | 00,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2008/12/01 12:22:05 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2008/12/01 12:22:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/12/01 12:22:04 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2008/12/01 12:22:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/12/01 12:22:03 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2008/12/01 12:22:02 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2008/12/01 12:22:02 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2008/12/01 12:22:02 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2008/12/01 12:22:02 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2008/12/01 12:22:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008/12/01 12:22:01 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2008/12/01 12:22:01 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008/12/01 12:22:01 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2008/12/01 12:22:01 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2008/12/01 12:22:01 | 00,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2008/12/01 12:22:00 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008/12/01 12:22:00 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2008/12/01 12:22:00 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008/12/01 12:22:00 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2008/12/01 12:22:00 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008/12/01 12:22:00 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2008/12/01 12:22:00 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008/12/01 12:22:00 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2008/12/01 12:21:59 | 01,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008/12/01 12:21:59 | 01,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2008/12/01 12:21:59 | 00,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008/12/01 12:21:59 | 00,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2008/12/01 12:21:59 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008/12/01 12:21:59 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2008/12/01 12:21:59 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008/12/01 12:21:59 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2008/12/01 12:21:59 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008/12/01 12:21:59 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2008/12/01 12:21:59 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008/12/01 12:21:59 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2008/12/01 12:21:59 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2008/12/01 12:21:59 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/12/01 12:21:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2008/12/01 12:21:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/12/01 12:21:58 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/12/01 12:21:58 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2008/12/01 12:21:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/12/01 12:21:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2008/12/01 12:21:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2008/12/01 12:21:56 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2008/12/01 12:21:56 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2008/12/01 12:21:56 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2008/12/01 12:21:56 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2008/12/01 12:21:55 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2008/12/01 12:21:55 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2008/12/01 12:21:55 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2008/12/01 12:21:54 | 03,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2008/12/01 12:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/12/01 12:21:53 | 00,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2008/12/01 12:21:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2008/12/01 12:21:52 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2008/12/01 12:21:52 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2008/12/01 12:21:52 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2008/12/01 12:21:52 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2008/12/01 12:21:50 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2008/12/01 12:21:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/12/01 12:21:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2008/12/01 12:21:49 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2008/12/01 12:21:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2008/12/01 12:21:49 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2008/12/01 12:21:49 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/12/01 12:21:49 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2008/12/01 12:21:47 | 00,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2008/12/01 12:21:47 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2008/12/01 12:21:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2008/12/01 12:21:46 | 00,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2008/12/01 12:21:46 | 00,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008/12/01 12:21:46 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008/12/01 12:21:46 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2008/12/01 12:21:45 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2008/12/01 12:21:45 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/12/01 12:21:45 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2008/12/01 12:21:45 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/12/01 12:21:45 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2008/12/01 12:21:45 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys
[2008/12/01 12:21:45 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2008/12/01 12:21:45 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/12/01 12:21:45 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2008/12/01 12:21:45 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2008/12/01 12:21:45 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2008/12/01 12:21:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/12/01 12:21:44 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008/12/01 12:21:44 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2008/12/01 12:21:44 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/12/01 12:21:44 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2008/12/01 12:21:43 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2008/12/01 12:21:43 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2008/12/01 12:21:43 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008/12/01 12:21:43 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2008/12/01 12:21:43 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2008/12/01 12:21:43 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008/12/01 12:21:43 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2008/12/01 12:21:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008/12/01 12:21:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2008/12/01 12:21:43 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008/12/01 12:21:43 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2008/12/01 12:21:42 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2008/12/01 12:21:42 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2008/12/01 12:21:42 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2008/12/01 12:21:42 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2008/12/01 12:21:42 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2008/12/01 12:21:41 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2008/12/01 12:21:41 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2008/12/01 12:21:41 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2008/12/01 12:21:41 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2008/12/01 12:21:41 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2008/12/01 12:21:41 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2008/12/01 12:21:41 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2008/12/01 12:21:40 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2008/12/01 12:21:40 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/12/01 12:21:40 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2008/12/01 12:21:40 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2008/12/01 12:21:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/12/01 12:21:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2008/12/01 12:21:40 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2008/12/01 12:21:40 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008/12/01 12:21:39 | 00,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2008/12/01 12:21:39 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2008/12/01 12:21:39 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2008/12/01 12:21:39 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2008/12/01 12:21:39 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/12/01 12:21:39 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2008/12/01 12:21:39 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2008/12/01 12:21:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2008/12/01 12:21:38 | 01,311,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2008/12/01 12:21:38 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008/12/01 12:21:38 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/12/01 12:21:38 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2008/12/01 12:21:38 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2008/12/01 12:21:37 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2008/12/01 12:21:37 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2008/12/01 12:21:37 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2008/12/01 12:21:37 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2008/12/01 12:21:37 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/12/01 12:21:36 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008/12/01 12:21:36 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2008/12/01 12:21:36 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008/12/01 12:21:36 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2008/12/01 12:21:36 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/12/01 12:21:36 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2008/12/01 12:21:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/12/01 12:21:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2008/12/01 12:21:35 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/12/01 12:21:35 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2008/12/01 12:21:35 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/12/01 12:21:35 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2008/12/01 12:21:35 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/12/01 12:21:35 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2008/12/01 12:21:34 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2008/12/01 12:21:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2008/12/01 12:21:34 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2008/12/01 12:21:34 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2008/12/01 12:21:34 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2008/12/01 12:21:33 | 00,561,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/12/01 12:21:33 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2008/12/01 12:21:33 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2008/12/01 12:21:33 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2008/12/01 12:21:33 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2008/12/01 12:21:32 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2008/12/01 12:21:32 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2008/12/01 12:21:32 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2008/12/01 12:21:32 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2008/12/01 12:21:32 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2008/12/01 12:21:31 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2008/12/01 12:21:31 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2008/12/01 12:21:31 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2008/12/01 12:21:31 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2008/12/01 12:21:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2008/12/01 12:21:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2008/12/01 12:21:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2008/12/01 12:21:30 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2008/12/01 12:21:30 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2008/12/01 12:21:30 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2008/12/01 12:21:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2008/12/01 12:21:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2008/12/01 12:21:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2008/12/01 12:21:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2008/12/01 12:21:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2008/12/01 12:21:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2008/12/01 12:21:29 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2008/12/01 12:21:29 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2008/12/01 12:21:29 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2008/12/01 12:21:29 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2008/12/01 12:21:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2008/12/01 12:21:28 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2008/12/01 12:21:28 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2008/12/01 12:21:28 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2008/12/01 12:21:28 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2008/12/01 12:21:28 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2008/12/01 12:21:28 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2008/12/01 12:21:28 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2008/12/01 12:21:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2008/12/01 12:21:27 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/12/01 12:21:27 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2008/12/01 12:21:27 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2008/12/01 12:21:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/12/01 12:21:26 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2008/12/01 12:21:26 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2008/12/01 12:21:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2008/12/01 12:21:26 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/12/01 12:21:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008/12/01 12:21:00 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/01 12:20:48 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/12/01 12:20:46 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/12/01 12:20:46 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/12/01 12:20:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/12/01 12:20:32 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/12/01 12:20:31 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008/12/01 12:20:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/12/01 12:20:24 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2008/12/01 12:20:24 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/12/01 12:20:23 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2008/12/01 12:20:23 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2008/12/01 12:20:23 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2008/12/01 12:20:23 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2008/12/01 12:20:23 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2008/12/01 12:20:23 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2008/12/01 12:20:23 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2008/12/01 12:20:22 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2008/12/01 12:20:22 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2008/12/01 12:20:22 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2008/12/01 12:20:22 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2008/12/01 12:20:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2008/12/01 12:20:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2008/12/01 12:20:22 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2008/12/01 12:20:22 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2008/12/01 12:20:21 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2008/12/01 12:20:21 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2008/12/01 12:20:21 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2008/12/01 12:20:21 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2008/12/01 12:20:21 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2008/12/01 12:20:20 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2008/12/01 12:20:20 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2008/12/01 12:20:20 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2008/12/01 12:20:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008/12/01 12:20:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2008/12/01 12:20:20 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2008/12/01 12:20:06 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008/12/01 12:20:06 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2008/12/01 12:20:05 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2008/12/01 12:20:05 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008/12/01 12:20:05 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2008/12/01 12:20:05 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008/12/01 12:20:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2008/12/01 12:20:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008/12/01 12:20:04 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008/12/01 12:20:04 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2008/12/01 12:19:57 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/12/01 12:19:57 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/12/01 12:19:57 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/12/01 12:19:56 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/12/01 12:19:56 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/12/01 12:19:56 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/12/01 12:19:56 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/12/01 12:19:56 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/12/01 12:19:56 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/12/01 12:19:56 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/12/01 12:19:55 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/12/01 12:19:54 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008/12/01 12:19:54 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2008/12/01 12:19:54 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2008/12/01 12:19:54 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008/12/01 12:19:54 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2008/12/01 12:19:54 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008/12/01 12:19:53 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008/12/01 12:19:53 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2008/12/01 12:19:53 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008/12/01 12:19:53 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2008/12/01 12:19:53 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008/12/01 12:19:53 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2008/12/01 12:19:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008/12/01 12:19:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2008/12/01 12:19:52 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008/12/01 12:19:52 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2008/12/01 12:19:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008/12/01 12:19:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2008/12/01 12:19:52 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/12/01 12:19:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008/12/01 12:19:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2008/12/01 12:19:52 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/12/01 12:19:52 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/12/01 12:19:51 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008/12/01 12:19:51 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2008/12/01 12:19:51 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008/12/01 12:19:51 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2008/12/01 12:19:51 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008/12/01 12:19:51 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2008/12/01 12:19:51 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008/12/01 12:19:51 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2008/12/01 12:19:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008/12/01 12:19:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2008/12/01 12:19:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2008/12/01 12:19:51 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008/12/01 12:19:51 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2008/12/01 12:19:50 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2008/12/01 12:19:50 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2008/12/01 12:19:50 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008/12/01 12:19:50 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008/12/01 12:19:50 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2008/12/01 12:19:50 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/12/01 12:19:50 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/12/01 12:19:49 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2008/12/01 12:19:49 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/12/01 12:19:49 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2008/12/01 12:19:49 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/12/01 12:19:49 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/12/01 12:19:49 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2008/12/01 12:19:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/12/01 12:19:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2008/12/01 12:19:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/12/01 12:19:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/12/01 12:19:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2008/12/01 12:19:48 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2008/12/01 12:19:48 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/12/01 12:19:48 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/12/01 12:19:48 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2008/12/01 12:19:48 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2008/12/01 12:19:44 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2008/12/01 12:19:43 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2008/12/01 12:19:43 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2008/12/01 12:19:43 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2008/12/01 12:19:43 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2008/12/01 12:19:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2008/12/01 12:19:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2008/12/01 12:19:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2008/12/01 12:19:42 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2008/12/01 12:19:42 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2008/12/01 12:19:42 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2008/12/01 12:19:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2008/12/01 12:19:42 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2008/12/01 12:19:41 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2008/12/01 12:19:41 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2008/12/01 12:19:41 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/12/01 12:19:41 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2008/12/01 12:19:30 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2008/12/01 12:19:29 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2008/12/01 12:19:29 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/12/01 12:19:29 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2008/12/01 12:19:29 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/12/01 12:19:28 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2008/12/01 12:19:28 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/12/01 12:19:28 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2008/12/01 12:19:28 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/12/01 12:19:28 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2008/12/01 12:19:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2008/12/01 12:19:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/12/01 12:19:28 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/12/01 12:19:27 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/12/01 12:19:27 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2008/12/01 12:19:27 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008/12/01 12:19:27 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2008/12/01 12:19:27 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2008/12/01 12:19:27 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/12/01 12:19:27 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/12/01 12:19:27 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2008/12/01 12:19:27 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/12/01 12:19:27 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2008/12/01 12:19:26 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008/12/01 12:19:26 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2008/12/01 12:19:26 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008/12/01 12:19:26 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2008/12/01 12:19:26 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/12/01 12:19:26 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2008/12/01 12:19:26 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/12/01 12:19:26 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2008/12/01 12:19:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008/12/01 12:19:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2008/12/01 12:19:26 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/12/01 12:19:26 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2008/12/01 12:19:25 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008/12/01 12:19:25 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2008/12/01 12:19:25 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/12/01 12:19:25 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2008/12/01 12:19:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/12/01 12:19:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2008/12/01 12:19:25 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/12/01 12:19:25 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2008/12/01 12:19:25 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/12/01 12:19:25 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2008/12/01 12:19:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/12/01 12:19:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2008/12/01 12:19:25 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2008/12/01 12:19:25 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2008/12/01 12:19:25 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/12/01 12:19:25 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2008/12/01 12:19:24 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/12/01 12:19:24 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/12/01 12:19:24 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/12/01 12:19:24 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/12/01 12:19:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2008/12/01 12:19:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/12/01 12:19:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/12/01 12:19:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2008/12/01 12:19:24 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/12/01 12:19:24 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2008/12/01 12:19:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/12/01 12:19:23 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/12/01 12:19:23 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/12/01 12:19:23 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/12/01 12:19:23 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/12/01 12:19:23 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/12/01 12:19:23 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/12/01 12:19:23 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/12/01 12:19:23 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2008/12/01 12:19:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008/12/01 12:19:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2008/12/01 12:19:22 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2008/12/01 12:19:22 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/12/01 12:19:22 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2008/12/01 12:19:22 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2008/12/01 12:19:22 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/12/01 12:19:22 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2008/12/01 12:19:22 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/12/01 12:19:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2008/12/01 12:19:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/12/01 12:19:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2008/12/01 12:19:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008/12/01 12:19:21 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2008/12/01 12:19:21 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/12/01 12:19:21 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2008/12/01 12:19:21 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/12/01 12:19:21 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2008/12/01 12:19:21 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008/12/01 12:19:21 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2008/12/01 12:19:21 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/12/01 12:19:19 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2008/12/01 12:19:19 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2008/12/01 12:19:19 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2008/12/01 12:19:19 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2008/12/01 12:19:18 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2008/12/01 12:19:18 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2008/12/01 12:19:18 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2008/12/01 12:19:18 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2008/12/01 12:19:18 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2008/12/01 12:19:18 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2008/12/01 12:19:18 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2008/12/01 12:19:18 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2008/12/01 12:19:18 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2008/12/01 12:19:17 | 00,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2008/12/01 12:19:17 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2008/12/01 12:19:17 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2008/12/01 12:19:17 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2008/12/01 12:19:17 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2008/12/01 12:19:17 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2008/12/01 12:19:17 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2008/12/01 12:19:17 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2008/12/01 12:19:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2008/12/01 12:19:17 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2008/12/01 12:19:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2008/12/01 12:19:17 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2008/12/01 12:19:16 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2008/12/01 12:19:16 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2008/12/01 12:19:16 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2008/12/01 12:19:16 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2008/12/01 12:19:16 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2008/12/01 12:19:15 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2008/12/01 12:19:15 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2008/12/01 12:19:15 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2008/12/01 12:19:15 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2008/12/01 12:19:14 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2008/12/01 12:19:14 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2008/12/01 12:19:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2008/12/01 12:19:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2008/12/01 12:19:13 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2008/12/01 12:19:13 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2008/12/01 12:19:13 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2008/12/01 12:19:12 | 01,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2008/12/01 12:19:12 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2008/12/01 12:19:12 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/12/01 12:19:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/12/01 12:19:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2008/12/01 12:19:12 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/12/01 12:19:12 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2008/12/01 12:19:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/12/01 12:19:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2008/12/01 12:19:10 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/12/01 12:19:10 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2008/12/01 12:19:09 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2008/11/20 22:45:30 | 00,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/14 09:53:18 | 00,186,097 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/14 09:53:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/14 09:53:08 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/14 09:53:07 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/13 21:29:31 | 00,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/13 21:29:24 | 00,107,832 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/12/12 21:16:37 | 00,000,345 | ---- | M] () -- C:\WINDOWS\gmer.ini
[2008/12/12 21:13:34 | 00,884,736 | ---- | M] () -- C:\WINDOWS\gmer.dll
[2008/12/12 21:13:34 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/12 21:13:34 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/12 21:09:38 | 00,320,482 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\topic183980aaaa.htm
[2008/12/12 21:09:37 | 00,747,873 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\gmer.zip
[2008/12/11 22:28:04 | 00,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2008/12/11 22:22:11 | 10,565,093 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\VLC Media Player 0.8.6a.exe
[2008/12/11 22:18:37 | 00,003,584 | ---- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/11 22:14:50 | 89,980,928 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\Adi Prisecaru (macea).MPG
[2008/12/11 21:53:22 | 00,218,777 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\untitled.JPG
[2008/12/11 06:49:23 | 00,095,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/10 21:54:55 | 00,090,624 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\referat...sistemul muscular.doc
[2008/12/10 21:45:36 | 00,067,580 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\www.referat.ro-aditivi0947d.zip
[2008/12/10 21:17:49 | 01,390,337 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\flysetup.exe
[2008/12/10 21:17:31 | 00,328,244 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\saa713x_2310.zip
[2008/12/10 17:21:44 | 00,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk
[2008/12/10 17:20:19 | 00,611,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/10 17:15:44 | 01,530,776 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\Andy\My Documents\daemon406-x86.exe
[2008/12/10 14:46:43 | 00,000,075 | -HS- | M] () -- C:\Documents and Settings\Andy\My Documents\desktop.ini
[2008/12/10 14:42:18 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/10 14:40:32 | 15,452,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Andy\Desktop\IE7-WindowsXP-x86-enu.exe
[2008/12/10 14:35:48 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTViewIt.exe
[2008/12/07 21:20:10 | 00,151,954 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\614-94490-danciulescu.jpg
[2008/12/07 21:17:07 | 00,163,946 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina.JPG
[2008/12/07 21:17:01 | 00,109,033 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 4.JPG
[2008/12/07 21:16:57 | 00,105,703 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 3.JPG
[2008/12/07 21:16:53 | 00,118,002 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\RRomina 2.JPG
[2008/12/07 00:01:44 | 39,240,452 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\coduo_mappack.zip
[2008/12/06 22:53:32 | 00,239,320 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\cod minimizer.rar
[2008/12/06 13:36:52 | 00,120,917 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\cod.JPG
[2008/12/04 22:03:41 | 00,088,773 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\latina 002.jpg
[2008/12/04 22:03:40 | 00,098,566 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\latina 001.jpg
[2008/12/04 14:08:58 | 00,305,705 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\RSIT.exe
[2008/12/04 07:03:37 | 00,147,192 | ---- | M] () -- C:\WINDOWS\System32\guard32.dll
[2008/12/04 07:03:37 | 00,101,776 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2008/12/03 20:04:05 | 00,245,681 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\Call Of Duty 4(128x160)-64970.jar
[2008/12/03 07:19:12 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/12/03 07:12:54 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\SDFix.exe
[2008/12/03 07:11:44 | 00,049,208 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\topic131299.html
[2008/12/02 22:57:34 | 01,138,609 | ---- | M] (EFD Software ) -- C:\Documents and Settings\Andy\Desktop\hdtunepro_310_trial.exe
[2008/12/02 21:53:37 | 06,413,124 | -H-- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\IconCache.db
[2008/12/02 15:32:35 | 00,023,980 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\1227515655-Revolver.zip
[2008/12/02 07:07:47 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andy\Desktop\mbam-setup.exe
[2008/12/01 22:53:14 | 00,000,031 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\coduo_minimizer.ini
[2008/12/01 22:11:33 | 30,718,383 | ---- | M] () -- C:\Documents and Settings\Andy\My Documents\adrian prisecaru.wmv
[2008/12/01 17:09:05 | 00,012,328 | ---- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/01 15:07:28 | 05,736,952 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\xfire_installer_35044.exe
[2008/12/01 15:06:57 | 00,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2008/12/01 15:06:53 | 00,000,665 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\Teamspeak 2 RC2.lnk
[2008/12/01 15:06:23 | 05,862,994 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\ts2_client_rc2_2032.exe
[2008/12/01 15:01:29 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/12/01 14:56:43 | 00,278,528 | ---- | M] (By UberGames) -- C:\Documents and Settings\Andy\My Documents\Q3E Minimizer_v1.51.exe
[2008/12/01 14:46:38 | 00,944,797 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\wrar300.exe
[2008/12/01 14:45:11 | 00,151,679 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\q3eminimizerv130.zip
[2008/12/01 14:41:13 | 00,000,319 | ---- | M] () -- C:\WINDOWS\CoDUO.INI
[2008/12/01 14:31:43 | 00,000,709 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2008/12/01 14:14:01 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/01 14:13:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/01 14:13:28 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Andy\Application Data\desktop.ini
[2008/12/01 14:03:46 | 23,804,784 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\aaw2008.exe
[2008/12/01 13:21:33 | 27,462,344 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\setupeng.exe
[2008/12/01 13:11:07 | 00,079,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2008/12/01 13:11:07 | 00,031,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2008/12/01 13:10:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/12/01 13:09:52 | 07,508,624 | ---- | M] (Mozilla) -- C:\Documents and Settings\Andy\Desktop\Firefox Setup 3.0.4.exe
[2008/12/01 12:49:10 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/01 12:49:10 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/01 12:49:10 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/01 12:29:57 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/01 12:29:04 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/01 12:28:05 | 00,000,315 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/01 12:24:55 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Andy\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:24:55 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/01 12:24:48 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/01 12:24:48 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/01 12:24:48 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/12/01 12:24:48 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/01 12:24:48 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/12/01 12:24:40 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/01 12:24:40 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/01 12:24:40 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/01 12:24:28 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/01 12:21:00 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/01 12:20:46 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008/12/01 12:20:46 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008/12/01 12:18:17 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/11/20 22:45:30 | 00,042,320 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
< End of report >


OTViewIt Extras logfile created on: 12/14/2008 11:08:27 AM - Run 4
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Andy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 590.83 Mb Available Physical Memory | 57.73% Memory free
2.40 Gb Paging File | 2.03 Gb Available in Paging File | 84.39% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 8.69 Gb Total Space | 2.80 Gb Free Space | 32.20% Space Free | Partition Type: NTFS
Drive D: | 29.59 Gb Total Space | 21.89 Gb Free Space | 73.97% Space Free | Partition Type: NTFS
Drive E: | 3.94 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDY-65D25A1FE7
Current User Name: Andy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/04 14:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/04 14:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/11/05 21:59:00 | 04,347,120 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2008/11/20 22:45:26 | 02,986,320 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire
[2004/11/18 21:43:44 | 01,830,912 | ---- | M] () -- D:\Call of Duty\CoDMP.exe:*:Enabled:CoDMP
[2004/12/07 07:13:54 | 01,904,640 | ---- | M] () -- D:\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java™ 6 Update 11
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{A662E280-64A8-4CF5-8407-13D0808602B3}"=Call of Duty - United Offensive
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}"=Futuremark SystemInfo
"{D7A6C517-11F2-419F-B5BB-27772B939698}"=NvMixer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Call of Duty"=Call of Duty
"COMODO Internet Security"=COMODO Internet Security
"FLY2000TV"=FLY 2000 TV v2.38 RC2
"HD Tune Pro_is1"=HD Tune Pro 3.10
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}"=Call of Duty - United Offensive
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers"=NVIDIA Drivers
"Teamspeak 2 RC2_is1"=TeamSpeak 2 RC2
"VLC media player"=VideoLAN VLC media player 0.8.6a
"WinRAR archiver"=WinRAR archiver
"Xfire"=Xfire (remove only)
"Yahoo! Messenger"=Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/1/2008 9:15:11 AM | Computer Name = ANDY-65D25A1FE7 | Source = Application Hang | ID = 1002
Description = Hanging application YahooMessenger.exe, version 9.0.0.2034, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/1/2008 9:19:07 AM | Computer Name = ANDY-65D25A1FE7 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ System Events ]
Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 12/3/2008 1:18:17 AM | Computer Name = ANDY-65D25A1FE7 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AmdK7 cmdGuard cmdHlp Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 12/8/2008 7:36:21 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:36:21 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 12/8/2008 7:36:23 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:36:23 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 12/8/2008 7:38:35 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/8/2008 7:38:35 AM | Computer Name = ANDY-65D25A1FE7 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.


< End of report >


I am going crazy :thumbsup: .I did not erase the files that Ad-Aware found as i am waiting for you to tell me if it is safe to remove them with Ad-Aware or i should remove them with another program.

With regards,
Andy8

#12 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 15 December 2008 - 09:25 AM

I know that this may sound crazy,but sometimes my windows makes an sound like an finished task or an error i don't know how to explain...so when i look at my desktop nothing appears but the sound is coming up at different times...could it be an action of the backdoor trojan?

#13 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:31 PM

Posted 15 December 2008 - 01:13 PM

Hello Andy8.

I am going crazy .I did not erase the files that Ad-Aware found as i am waiting for you to tell me if it is safe to remove them with Ad-Aware or i should remove them with another program.

With regards,
Andy8

Thanks for asking me first and giving me the logs as well.

I'll give you a brief explanation of what Ad-aware found so you understand a bit and to remove some of the confusion you may have.

Ad-aware found the following:
-some tracking cookies
-Found some system restore infection in the System Volume Information folder, that will be cleared after purging a new system restore and removing the older ones. <- Important
-It found a file related to SDfix.
-Finally, it found some "bad" registry itmes.


Tracking cookies are:

Cookies are text string messages given to a Web browser by a Web server. Whenever you visit a web page or navigate different pages with your browser, the web site generates a unique ID number which your browser stores in a text (cookie) file that is sent back to the server each time the browser requests a page from that server. Cookies allow third-party providers such as ad serving networks, spyware or adware providers to track personal information. The main purpose of cookies is to identify users and prepare customized Web pages for them.

The type of cookie that is a cause for some concern are "tracking cookies" because they can be considered a privacy risk. These types of cookies are used to track your Web browsing habits (your movement from site to site). Ad companies use them to record your activity on all sites where they have placed ads. They can keep count of how many times you visited a web page, store your username and password so you don't have to log in and retain your custom settings. When you visit one of these sites, a cookie is placed on your computer. Each time you visit another site that hosts one of their ads, that same cookie is read, and soon they have assembled a list of which of their sites you have visited and which of their ads that you have clicked on. They are used all over the Internet and advertisement companies often plant them whenever your browser loads one of their banners. Cookies are NOT a "threat". As text files they cannot be executed to cause any damage. Cookies do not cause any pop ups nor do they install malware.

As long as you surf the Internet, you are going to get cookies and some of your security programs will flag them for removal. However, you can minimize this by reading "Blocking & Managing Unwanted Cookies" and "Block Third-Party Cookies in IE7".


The system restore infection are some infected system restore in the System Volume Information folder, this is bad because if you were to restore back to a later point you would be infected.

As I said it can be removed easily you can let Ad-aware remove them too. :)

The answer to your question would be Yes, please allow Ad-aware to Remove them those files/registry items.

The only "problem" is that i am playing this game online and that is why i needed that minimizer which was infected,because it minimizes the game,so that i can answer to a person on the chat while i am still playing the game.

My suggestion would be stay away from that file then, I would believe that the program itself is good, since you didn't have any problems with it. You can still play your game but avoid using that file to talk unless you have to but then I can't help you if that is your decision.

Therefore, you don't need to remove the game but you should stay away from that "backdoor" file please as it may potentially be dangerous.

I also just saw another post of yours:

I know that this may sound crazy,but sometimes my windows makes an sound like an finished task or an error i don't know how to explain...so when i look at my desktop nothing appears but the sound is coming up at different times...could it be an action of the backdoor trojan?

Sounds strange, but I doubt it. It may be though. Do you mean you get an error saying to end a processes? If it is that, that is probably normal, because sometimes windows can't stop it and you need to end it manually.

You look clean from all the logs. If you are referring to the sounds of error, I'm not sure but seems mysterious, however I wouldn't think the "backdoor" trojan did that. It may be related some drivers, because I had something similar to that before as well.

Any Other Problems you still have?


If you follow my instructions above, then you should be clean now. We need to do some cleanup and create a system restore as I said before, you ensure you are clean and secure :)

Congratulations! You now appear clean! :)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Run Cleanup with OTViewIT

We will remove the leftover tool we have used.
  • Please double click on OTViewit.exe.
  • At the Main Screen please click the CleanUp button.
  • Follow the prompts to remove the tool we have used including OTViewIT.
Note: If it requires a reboot please do so.

Create a New System Restore Point

Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok"
  • Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" Tab.
  • Click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Install Antivirus

An anti-virus is essential in keeping your computer safe while surfing the Internet. Please install a free anti-virus program:Preventing Infections in the Future

Please also have a look at the following links, giving some advice and Tips to protect yourself against malware and reduce the potential for re-infection:
  • Avoid gaming sites, underground web pages, pirated software sites, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.
I recommend you regularly visit the Windows Update Site!
  • Lots of Hacking/Trojans use the methods found (plugged by the updates) that have not been stopped by people not updating.
  • By updating your machine, you have one less headache! Posted Image
  • Update ALL Critical updates and any other Windows updates for services/programs that you use.
  • If you wish, you can also use automatic updates. This is a good thing to have if you want to be up-to-date all the time, but can also be a bit of an annoyance due to its handling and the sizes of the updates. If you wish to turn on automatic updates then you will find here is a nice little article about turning on automatic updates.
  • Note that it will download them for you, but you still have to actually click install.
  • If you do not want to have automatic updates turned on, or are on dial-up, you can always download updates seperately at: http://windowsupdate.microsoft.com.
It is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

For a nice list of freeware programmes in all categories, please have a look at this thread with freeware products that are regarded as useful by the users of this forum: Commonly Used Freeware Replacements.

Update all programs regularly - Make sure you update all the programs you have installed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Simple and easy ways to keep your computer safe and secure on the Internet


Glad I was able to help and thank you for choosing Bleeping Computer as you malware removal source.
Don't forget to tell your friends about us and Good luck :thumbsup:


If you have no more questions, comments or problems please tell us, so we can close off the topic.

Thanks :)

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#14 Andy8

Andy8
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 19 December 2008 - 06:41 PM

Hello extremeboy,
Please excuse my late answer,as i have been busy these days.I did everything you said and now everything looks ok.I would have one more question and after you can close this topic:can you recommend me a program that could scan after viruses/malware on my CD/DVD's?I often get them from my friends and some do have some viruses written on it and i wouldn't like that my system would be infected again.Thanks a lot for your support and you can close this topic after you give me an answer.

With regards and wishing you all Merry Christmas,
Andy8

#15 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:31 PM

Posted 19 December 2008 - 08:49 PM

Hello Andy8.

Hello extremeboy,
Please excuse my late answer,as i have been busy these days.I did everything you said and now everything looks ok.I would have one more question and after you can close this topic:can you recommend me a program that could scan after viruses/malware on my CD/DVD's?I often get them from my friends and some do have some viruses written on it and i wouldn't like that my system would be infected again.Thanks a lot for your support and you can close this topic after you give me an answer.

With regards and wishing you all Merry Christmas,
Andy8

Don't worry regardin the delay, I have been fairly busy myself these weeks for coming up exams etc...

Regarding to your quesion.

In my prevention speech in my previous post, I told you to install an Anti-Virus program. You can use that to scan for any thing including CD's/flash-drives. You will need to plug it in and then let it scan or if you just want to scan that one drive, usually you can right-click on that drive and click scan with xxxxx. The xxxx represents the anti-virus program you may have installed. That option usually is there when you install an Anti-Virus program unless you took it out or you don't wish to have it there. You can always choose what to scan in your anti-virus software settings. :)

You also have Malwarebytes' Anti-Malware installed so you can also use that to scan for your flashdrives/CD's with it. I personally don't have a specfic tool that I use to scan for any flash-drives or CD's. If I were to scan it, I'll just use my anti-virus scanner and/or my anti-spyware scanner(Eg: Malwarebytes Anti-malware or Superantispyware or AVG 8.0)

Does that help?

Any other questions or concerns? I'm not going to close this topic yet, just encase you have any leftover question or anything you want to ask regarding my answer :)

Hope you have a Merry Chirstmas :thumbsup:

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.