Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

C:\resycled\boot.com.au is not a valid Win32 Application error when trying to open C: drive


  • This topic is locked This topic is locked
14 replies to this topic

#1 catamongthebats

catamongthebats

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 19 December 2008 - 01:49 AM

Hi, I started having problem on my laptop. When I tried to go to microsoft update I got redirected to MSN.com instead. I have Zone Alarm Security Suite installed which picked up a couple of spy cookies as did Spy Sweeper but nothing bigger or badder, then the laptop started freezing up constantly.
I have a new desktop computer now and used an external hard drive to transfer some program setup files. I scanned them first with Zone Alarm and as all seemed safe I loaded them all in. Now, when I try to access my C: drive through My Computer I get the message C:|resycled\boot.com.au is not a valid Win32 application. However, I can access the drive by right clicking and selecting explore. I'm assuming as the computer is brand new that I transferred a bug over either on my external hard drive or in one of the setup files. I'm unsure how to go about fixing this problem. The laptop I can re-format, but I'd like to get the desktop cleaned up.
This may be information overkill but I installed;
Mailwasher, DVDFAB 5.0.6.0, MediaMonkey, Itunes, Comic Collector, DazStudio and Microsoft Office 2007. All of the files except Office were installed from setup files I had saved to the external hard drive when I first downloaded them. I have not installed any of My Documents yet, but I did transfer all my music files over.

I attempted the Kaspersky scan but it said it was unable to complete as it couldn't update. I'm not sure if that is connected to the issue or if I configured my internet settings incorrectly when I set up. I'm having trouble updating from within programs. I can access the internet and browse just fine but things like Zone Alarm Anti Virus can't update, saying I have no connection.

The computer specs are : Systemax E7300 DDR, Intel Core Duo 2.66 GHz 3MB Processor, 4 GB RAM, 1TB SATA2 WD Hard Drive 16 MB Cache. Running Windows XP Service pack 3.

Any help will be much appreciated. Thanks.

RSIT Log.

Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2008-12-19 17:17:53
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 938 GB (98%) free of 954 GB
Total RAM: 3583 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:17:54 PM, on 12/19/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\user.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe" 1
O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] "C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe"
O4 - HKLM\..\Run: [InCD] "C:\Program Files\Nero\Nero 7\InCD\InCD.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] "C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C9A52C0-B1B6-41D3-8C8D-E9F2EBEB99ED}: NameServer = 85.255.116.102;85.255.112.199
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102;85.255.112.199
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102;85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102;85.255.112.199
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 6838 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\wrSpySweeperFullSweep.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-19 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-19 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-19 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-04-10 29757440]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-06-26 13529088]
"nwiz"=C:\WINDOWS\system32\nwiz.exe [2008-06-26 1630208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-06-26 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-06-25 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-06-25 1057064]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-10-09 981904]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-08-14 5418864]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-19 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Installation\Setupx.exe"="D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0e27a0-cd0d-11dd-929d-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com c:
shell\Open\command - "resycled\boot.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com e:
shell\Open\command - E:\resycled\boot.com e:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592de-cd6d-11dd-961d-002215ba7042}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - F:\resycled\boot.com f:


======List of files/folders created in the last 1 months======

2008-12-19 17:17:53 ----D---- C:\rsit
2008-12-19 17:01:38 ----D---- C:\WINDOWS\Sun
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\java.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-19 17:01:25 ----D---- C:\Program Files\Java
2008-12-19 16:57:15 ----D---- C:\Documents and Settings\user\Application Data\Sun
2008-12-19 16:50:31 ----D---- C:\Program Files\Trend Micro
2008-12-19 16:25:45 ----A---- C:\WINDOWS\system32\dzwrapper.dll
2008-12-19 16:25:45 ----A---- C:\WINDOWS\system32\dzcore.dll
2008-12-19 16:25:45 ----A---- C:\WINDOWS\system32\dzcarrara.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\dzbryce6.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\dz3delight.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\daz-qt-mt.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\daz-qsa.dll
2008-12-19 16:25:20 ----D---- C:\Program Files\DAZ
2008-12-19 16:25:20 ----D---- C:\Program Files\Common Files\DAZ
2008-12-19 16:21:22 ----D---- C:\Program Files\Webroot
2008-12-19 16:21:22 ----D---- C:\Documents and Settings\user\Application Data\Webroot
2008-12-19 16:21:22 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2008-12-19 16:21:22 ----A---- C:\WINDOWS\WRSetup.dll
2008-12-19 16:12:13 ----D---- C:\Program Files\SonicWallES
2008-12-19 16:04:48 ----D---- C:\Program Files\MSBuild
2008-12-19 16:04:44 ----D---- C:\Program Files\Microsoft Visual Studio
2008-12-19 16:04:44 ----D---- C:\Program Files\Common Files\DESIGNER
2008-12-19 16:02:21 ----D---- C:\WINDOWS\SHELLNEW
2008-12-19 16:02:07 ----D---- C:\Program Files\Microsoft Office
2008-12-19 16:02:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-19 16:01:49 ----RHD---- C:\MSOCache
2008-12-19 15:53:54 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
2008-12-19 15:53:49 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-12-19 15:53:42 ----D---- C:\Program Files\iPod
2008-12-19 15:53:41 ----D---- C:\Program Files\iTunes
2008-12-19 15:53:41 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-19 15:53:33 ----D---- C:\Program Files\Bonjour
2008-12-19 15:53:20 ----D---- C:\Program Files\QuickTime
2008-12-19 15:53:20 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-19 15:53:13 ----D---- C:\Program Files\Apple Software Update
2008-12-19 15:53:04 ----D---- C:\Program Files\Common Files\Apple
2008-12-19 15:53:04 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-19 15:47:59 ----D---- C:\WINDOWS\Minidump
2008-12-19 15:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-19 15:12:54 ----D---- C:\Documents and Settings\user\Application Data\Vso
2008-12-19 15:12:54 ----A---- C:\Documents and Settings\user\Application Data\inst.exe
2008-12-19 15:12:49 ----D---- C:\Program Files\DVDFab 5
2008-12-19 14:13:18 ----A---- C:\rollback.ini
2008-12-19 13:42:25 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-19 13:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-19 13:33:22 ----D---- C:\Documents and Settings\user\Application Data\MailFrontier
2008-12-19 13:24:43 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-12-19 13:24:37 ----A---- C:\WINDOWS\zllsputility.exe
2008-12-19 13:24:34 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-12-19 13:24:33 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-12-19 13:24:33 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-12-19 13:24:31 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-12-19 13:24:30 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-12-19 13:24:30 ----D---- C:\Program Files\Zone Labs
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\zpeng25.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-12-19 13:23:55 ----D---- C:\WINDOWS\Internet Logs
2008-12-19 13:21:21 ----RSHD---- C:\resycled
2008-12-19 13:18:14 ----D---- C:\Program Files\Collectorz.com
2008-12-19 13:15:23 ----D---- C:\Program Files\MediaMonkey
2008-12-19 13:13:37 ----D---- C:\Documents and Settings\user\Application Data\MailWasherPro
2008-12-19 13:13:36 ----D---- C:\Program Files\FireTrust
2008-12-19 13:04:53 ----SHD---- C:\RECYCLER
2008-12-19 12:37:08 ----A---- C:\WINDOWS\system32\wpa.bak
2008-12-19 12:16:15 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-19 09:06:31 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2008-12-19 09:06:31 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2008-12-19 09:06:30 ----A---- C:\WINDOWS\system32\msir3jp.dll
2008-12-19 09:06:30 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2008-12-19 09:06:21 ----A---- C:\WINDOWS\system32\kbd101a.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2008-12-19 09:06:06 ----A---- C:\WINDOWS\system32\c_is2022.dll
2008-12-19 09:06:04 ----A---- C:\WINDOWS\system32\uniime.dll
2008-12-19 09:05:59 ----A---- C:\WINDOWS\system32\c_g18030.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdibm02.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdax2.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbd106n.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbd101.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2008-12-19 09:05:57 ----A---- C:\WINDOWS\system32\imjp81k.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-12-19 09:05:07 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-12-19 09:05:07 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-12-19 09:04:32 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-12-19 01:16:29 ----A---- C:\WINDOWS\system32\h323log.txt
2008-12-19 01:13:22 ----A---- C:\WINDOWS\system32\usbui.dll
2008-12-19 01:12:39 ----A---- C:\WINDOWS\imsins.BAK
2008-12-19 01:12:37 ----SHD---- C:\WINDOWS\Installer
2008-12-19 01:12:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-19 01:12:36 ----D---- C:\Program Files\Common Files\ODBC
2008-12-19 01:12:36 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-19 01:12:34 ----RD---- C:\Program Files
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-12-19 01:12:24 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-12-19 01:12:23 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-12-19 01:12:23 ----A---- C:\WINDOWS\system32\batt.dll
2008-12-19 01:12:23 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-12-19 01:12:22 ----A---- C:\WINDOWS\system32\storprop.dll
2008-12-19 01:12:16 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-19 01:12:14 ----RA---- C:\WINDOWS\SET8.tmp
2008-12-19 01:12:12 ----RA---- C:\WINDOWS\SET4.tmp
2008-12-19 01:12:11 ----RA---- C:\WINDOWS\SET3.tmp
2008-12-19 01:12:07 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-19 01:12:07 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-19 01:12:02 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-19 01:11:44 ----A---- C:\WINDOWS\setuplog.txt
2008-12-19 01:11:42 ----SHD---- C:\System Volume Information
2008-12-19 01:11:42 ----D---- C:\Documents and Settings
2008-12-19 01:10:54 ----SH---- C:\boot.ini
2008-12-19 01:07:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-19 01:07:13 ----RSD---- C:\WINDOWS\Fonts
2008-12-19 01:07:13 ----RD---- C:\WINDOWS\Web
2008-12-19 01:07:13 ----HD---- C:\WINDOWS\inf
2008-12-19 01:07:13 ----D---- C:\WINDOWS\WinSxS
2008-12-19 01:07:13 ----D---- C:\WINDOWS\twain_32
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Temp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\wins
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\wbem
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\usmt
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\spool
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\Setup
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\scripting
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ras
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\oobe
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\npp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\mui
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\IME
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\icsxml
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ias
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\export
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\en
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\drivers
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\dhcp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\config
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\3076
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\2052
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1054
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1042
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1041
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1037
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1033
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1031
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1028
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1025
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system
2008-12-19 01:07:13 ----D---- C:\WINDOWS\security
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Resources
2008-12-19 01:07:13 ----D---- C:\WINDOWS\repair
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Provisioning
2008-12-19 01:07:13 ----D---- C:\WINDOWS\PeerNet
2008-12-19 01:07:13 ----D---- C:\WINDOWS\pchealth
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Network Diagnostic
2008-12-19 01:07:13 ----D---- C:\WINDOWS\mui
2008-12-19 01:07:13 ----D---- C:\WINDOWS\msapps
2008-12-19 01:07:13 ----D---- C:\WINDOWS\msagent
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Media
2008-12-19 01:07:13 ----D---- C:\WINDOWS\L2Schemas
2008-12-19 01:07:13 ----D---- C:\WINDOWS\java
2008-12-19 01:07:13 ----D---- C:\WINDOWS\ime
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Help
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Driver Cache
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Debug
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Cursors
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Connection Wizard
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Config
2008-12-19 01:07:13 ----D---- C:\WINDOWS\AppPatch
2008-12-19 01:07:13 ----D---- C:\WINDOWS\addins
2008-12-19 01:07:13 ----D---- C:\WINDOWS
2008-12-18 14:38:23 ----D---- C:\WINDOWS\WBEM
2008-12-18 14:37:32 ----HDC---- C:\WINDOWS\ie7
2008-12-18 14:37:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-18 14:37:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-18 14:37:16 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-18 14:37:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-18 14:37:09 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-18 14:36:48 ----A---- C:\WINDOWS\system32\oeminfo.ini
2008-12-18 14:36:06 ----D---- C:\Program Files\Common Files\LightScribe
2008-12-18 14:35:34 ----D---- C:\Documents and Settings\user\Application Data\Ahead
2008-12-18 14:35:26 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2008-12-18 14:33:28 ----D---- C:\Program Files\Nero
2008-12-18 14:33:28 ----D---- C:\Program Files\Common Files\Ahead
2008-12-18 14:33:28 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-12-18 14:33:07 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-18 14:31:57 ----D---- C:\Program Files\My Company Name
2008-12-18 14:30:34 ----D---- C:\WINDOWS\nview
2008-12-18 14:30:34 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-18 14:30:32 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-18 14:30:31 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-18 14:30:31 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-18 14:30:30 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-18 14:30:29 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-18 14:30:29 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-18 14:30:27 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-18 14:30:26 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-18 14:29:45 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-12-18 14:28:11 ----D---- C:\WINDOWS\system32\Atheros_L1e
2008-12-18 14:27:09 ----D---- C:\WINDOWS\ASUSInstAll
2008-12-18 14:27:07 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-18 14:26:37 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-12-18 14:26:30 ----N---- C:\WINDOWS\system32\difxapi.dll
2008-12-18 14:26:30 ----D---- C:\Program Files\VIA
2008-12-18 14:26:25 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-18 14:24:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-18 14:24:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-18 14:24:34 ----D---- C:\Program Files\Intel
2008-12-18 14:24:25 ----D---- C:\Intel
2008-12-18 14:24:13 ----A---- C:\WINDOWS\Ascd_log.ini
2008-12-18 14:24:08 ----A---- C:\WINDOWS\Ascd_tmp.ini
2008-12-18 14:23:47 ----D---- C:\Documents and Settings\user\Application Data\Identities
2008-12-18 14:23:46 ----HD---- C:\Program Files\Uninstall Information
2008-12-18 14:23:43 ----ASH---- C:\Documents and Settings\user\Application Data\desktop.ini
2008-12-18 14:23:42 ----SD---- C:\Documents and Settings\user\Application Data\Microsoft
2008-12-18 14:23:11 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-18 14:23:10 ----D---- C:\WINDOWS\Prefetch
2008-12-18 14:23:09 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-18 14:23:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-18 14:20:43 ----D---- C:\WINDOWS\system32\xircom
2008-12-18 14:20:43 ----D---- C:\Program Files\xerox
2008-12-18 14:20:43 ----D---- C:\Program Files\microsoft frontpage
2008-12-18 14:20:36 ----A---- C:\WINDOWS\control.ini
2008-12-18 14:20:36 ----A---- C:\AUTOEXEC.BAT
2008-12-18 14:20:29 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-18 14:20:26 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-12-18 14:19:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-18 14:19:53 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-18 14:19:53 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-18 14:19:49 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-18 14:19:46 ----HD---- C:\Program Files\WindowsUpdate
2008-12-18 14:19:33 ----D---- C:\WINDOWS\system32\DirectX
2008-12-18 14:19:29 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-18 14:19:27 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-18 14:19:27 ----A---- C:\WINDOWS\desktop.ini
2008-12-18 14:19:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-18 14:19:21 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-18 14:19:20 ----D---- C:\Program Files\Common Files\Services
2008-12-18 14:19:18 ----SD---- C:\WINDOWS\Tasks
2008-12-18 14:19:18 ----D---- C:\Program Files\Common Files\MSSoap
2008-12-18 14:19:18 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-18 14:19:15 ----D---- C:\WINDOWS\system32\Macromed
2008-12-18 14:19:15 ----D---- C:\WINDOWS\srchasst
2008-12-18 14:19:13 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-18 14:19:09 ----D---- C:\Program Files\Movie Maker
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-18 14:18:54 ----D---- C:\WINDOWS\system32\Restore
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-18 14:18:51 ----D---- C:\Program Files\NetMeeting
2008-12-18 14:18:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-18 14:18:51 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-18 14:18:50 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-18 14:18:50 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-18 14:18:49 ----D---- C:\Program Files\Outlook Express
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-18 14:18:44 ----D---- C:\Program Files\Common Files\System
2008-12-18 14:18:41 ----D---- C:\Program Files\Internet Explorer
2008-12-18 14:18:30 ----D---- C:\Program Files\ComPlus Applications
2008-12-18 14:18:29 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-18 14:18:29 ----A---- C:\WINDOWS\vb.ini
2008-12-18 14:18:25 ----D---- C:\WINDOWS\Registration
2008-12-18 14:18:04 ----D---- C:\Program Files\Windows Media Player
2008-12-18 14:18:04 ----D---- C:\Program Files\Online Services
2008-12-18 14:18:00 ----D---- C:\Program Files\Messenger
2008-12-18 14:17:57 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-18 14:17:57 ----A---- C:\WINDOWS\system32\write.exe
2008-12-18 14:17:51 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-18 14:17:51 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-18 14:17:46 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-18 14:17:43 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-18 14:17:40 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-18 14:17:34 ----D---- C:\Program Files\MSN
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-18 14:17:32 ----D---- C:\Program Files\Windows NT
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-18 14:17:31 ----D---- C:\WINDOWS\system32\en-US
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\aaclient.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-18 14:17:29 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-18 14:17:28 ----D---- C:\WINDOWS\system32\Com
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-18 14:17:26 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-18 14:17:23 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-18 14:17:23 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-18 14:17:22 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-18 14:17:22 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2008-12-19 16:02:27 ----A---- C:\WINDOWS\win.ini
2008-12-19 01:12:33 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 KLIF;KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [2008-09-18 148496]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-10-09 353680]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-06-26 6555168]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-19 47360]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-02-14 222976]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-19 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-06-26 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2008-08-09 3585384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-10-09 2405776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2008-12-19 17:17:54

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x0009 -removeonly
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Collectorz.com Comic Collector-->C:\PROGRA~1\COLLEC~1.COM\COMICC~1\UNWISE.EXE C:\PROGRA~1\COLLEC~1.COM\COMICC~1\install.log
DAZ Studio-->C:\Program Files\DAZ\Studio\Remove-Studio.exe
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.6.0-->"C:\Program Files\DVDFab 5\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
MailWasher Pro-->"C:\Program Files\FireTrust\MailWasher Pro\unins000.exe"
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Nero 7 Essentials-->MsiExec.exe /X{8E72B982-D54F-486F-B35A-C24B6F171033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
VIA Platform Device Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
ZoneAlarm Security Suite-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
Zune Desktop Theme-->MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}

======Security center information======

AV: ZoneAlarm Security Suite Antivirus (disabled)
FW: ZoneAlarm Security Suite Firewall (disabled)

System event log

Computer Name: USER-530216A4FB
Event Code: 15007
Message: Reservation for namespace identified by URL prefix http://*:2869/ was successfully added.

Record Number: 5
Source Name: HTTP
Time Written: 20081218141945.000000+660
Event Type: information
User:

Computer Name: USER-530216A4FB
Event Code: 6011
Message: The NetBIOS name and DNS host name of this machine have been changed from MACHINENAME to USER-530216A4FB.

Record Number: 4
Source Name: EventLog
Time Written: 20081218141645.000000+660
Event Type: information
User:

Computer Name: MACHINENAME
Event Code: 2
Message: While validating that \Device\Serial0 was really a serial port, a fifo was detected. The fifo will be used.

Record Number: 3
Source Name: Serial
Time Written: 20081219011209.000000+660
Event Type: information
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: The Event log service was started.

Record Number: 2
Source Name: EventLog
Time Written: 20081219011147.000000+660
Event Type: information
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20081219011147.000000+660
Event Type: information
User:

Application event log

Computer Name: USER-530216A4FB
Event Code: 1000
Message: Performance counters for the ContentIndex (ContentIndex) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 5
Source Name: LoadPerf
Time Written: 20081218141806.000000+660
Event Type: information
User:

Computer Name: USER-530216A4FB
Event Code: 1000
Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 4
Source Name: LoadPerf
Time Written: 20081218141804.000000+660
Event Type: information
User:

Computer Name: USER-530216A4FB
Event Code: 1000
Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 3
Source Name: LoadPerf
Time Written: 20081218141716.000000+660
Event Type: information
User:

Computer Name: USER-530216A4FB
Event Code: 1000
Message: Performance counters for the PSched (PSched) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 2
Source Name: LoadPerf
Time Written: 20081218141654.000000+660
Event Type: information
User:

Computer Name: USER-530216A4FB
Event Code: 1000
Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 1
Source Name: LoadPerf
Time Written: 20081218141653.000000+660
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:23 PM

Posted 19 December 2008 - 03:43 PM

Hello! :thumbsup:
My name is Sam and I will be helping you.

In order to see what's going on with your computer I may ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.


Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Also post a new RSIT log.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 catamongthebats

catamongthebats
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 19 December 2008 - 09:04 PM

Hi Sam,

Thanks for the speedy reply. :thumbsup: I must have had a psychic moment because I downloaded and ran Malewarewarebytes Anit-Malware just after I posted. It picked up the nasties but I had to run it three times before it showed as cleared. My C: is still not allowing me access though, same error. I also realised that both my laptop and the new computer were connecting to the internet via a router so I suppose it's possible I got the infection through that. All other computers in the house a clear though!
Here is the Malewarebytes logs and the RSIT log as requested.

Thanks Again.
Cathy

Malwarebytes' Anti-Malware 1.31
Database version: 1519
Windows 5.1.2600 Service Pack 3

12/19/2008 7:48:49 PM
mbam-log-2008-12-19 (19-48-49).txt

Scan type: Full Scan (C:\|E:\|)
Objects scanned: 178369
Time elapsed: 1 hour(s), 16 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 6
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\extravideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.102;85.255.112.199 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7c9a52c0-b1b6-41d3-8c8d-e9f2ebeb99ed}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.102;85.255.112.199 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.102;85.255.112.199 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7c9a52c0-b1b6-41d3-8c8d-e9f2ebeb99ed}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.102;85.255.112.199 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.102;85.255.112.199 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7c9a52c0-b1b6-41d3-8c8d-e9f2ebeb99ed}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.102;85.255.112.199 -> Quarantined and deleted successfully.

Folders Infected:
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\msqpdxosvdbrsr.dll (Trojan.Agent) -> Delete on reboot.
C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\msqpdxpqltoiqh.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\tempo-FBB.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.31
Database version: 1519
Windows 5.1.2600 Service Pack 3

12/19/2008 8:57:40 PM
mbam-log-2008-12-19 (20-57-40).txt

Scan type: Full Scan (C:\|)
Objects scanned: 81022
Time elapsed: 20 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\extravideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Files Infected:
C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\msqpdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\tempo-CB5.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.31
Database version: 1519
Windows 5.1.2600 Service Pack 3

12/19/2008 9:52:42 PM
mbam-log-2008-12-19 (21-52-42).txt

Scan type: Full Scan (C:\|)
Objects scanned: 81106
Time elapsed: 14 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2008-12-20 13:00:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 934 GB (98%) free of 954 GB
Total RAM: 3583 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:00:19 PM, on 12/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\user.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe" 1
O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] "C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe"
O4 - HKLM\..\Run: [InCD] "C:\Program Files\Nero\Nero 7\InCD\InCD.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] "C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6328 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-19 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-19 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-19 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-04-10 29757440]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-06-26 13529088]
"nwiz"=C:\WINDOWS\system32\nwiz.exe [2008-06-26 1630208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-06-26 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-06-25 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-06-25 1057064]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-10-09 981904]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-19 136600]
"Desktop Service Centre"=C:\Program Files\OptusNet DSL Internet\DSC.exe [2005-11-30 2919831]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Installation\Setupx.exe"="D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0e27a0-cd0d-11dd-929d-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com c:
shell\Open\command - resycled\boot.com c:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - E:\resycled\boot.com f:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592de-cd6d-11dd-961d-002215ba7042}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - resycled\boot.com f:


======List of files/folders created in the last 1 months======

2008-12-20 12:44:07 ----D---- C:\WINDOWS\LastGood
2008-12-20 12:31:44 ----A---- C:\WINDOWS\Active Setup Log.txt
2008-12-20 12:31:33 ----D---- C:\Program Files\OptusNet DSL Internet
2008-12-20 12:28:21 ----D---- C:\Program Files\D-Link
2008-12-20 12:27:30 ----A---- C:\WINDOWS\uninst.exe
2008-12-19 21:55:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-19 21:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-19 21:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-19 21:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-19 21:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-19 21:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-19 21:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-19 21:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-19 21:54:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-19 21:54:49 ----D---- C:\WINDOWS\ie7updates
2008-12-19 21:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-19 21:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-19 21:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-19 21:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-19 21:54:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-12-19 21:54:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-19 21:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-19 21:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-19 21:54:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-19 21:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-19 21:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-19 21:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-19 21:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-19 21:53:45 ----D---- C:\Program Files\MSXML 4.0
2008-12-19 20:59:46 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-19 18:29:46 ----D---- C:\Documents and Settings\user\Application Data\Malwarebytes
2008-12-19 18:29:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-19 18:29:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-19 18:08:37 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
2008-12-19 17:17:53 ----D---- C:\rsit
2008-12-19 17:01:38 ----D---- C:\WINDOWS\Sun
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\java.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-19 17:01:25 ----D---- C:\Program Files\Java
2008-12-19 16:57:15 ----D---- C:\Documents and Settings\user\Application Data\Sun
2008-12-19 16:50:31 ----D---- C:\Program Files\Trend Micro
2008-12-19 16:25:45 ----A---- C:\WINDOWS\system32\dzwrapper.dll
2008-12-19 16:25:45 ----A---- C:\WINDOWS\system32\dzcore.dll
2008-12-19 16:25:45 ----A---- C:\WINDOWS\system32\dzcarrara.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\dzbryce6.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\dz3delight.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\daz-qt-mt.dll
2008-12-19 16:25:44 ----A---- C:\WINDOWS\system32\daz-qsa.dll
2008-12-19 16:25:20 ----D---- C:\Program Files\DAZ
2008-12-19 16:25:20 ----D---- C:\Program Files\Common Files\DAZ
2008-12-19 16:12:13 ----D---- C:\Program Files\SonicWallES
2008-12-19 16:04:48 ----D---- C:\Program Files\MSBuild
2008-12-19 16:04:44 ----D---- C:\Program Files\Microsoft Visual Studio
2008-12-19 16:04:44 ----D---- C:\Program Files\Common Files\DESIGNER
2008-12-19 16:02:21 ----D---- C:\WINDOWS\SHELLNEW
2008-12-19 16:02:07 ----D---- C:\Program Files\Microsoft Office
2008-12-19 16:02:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-19 16:01:49 ----RHD---- C:\MSOCache
2008-12-19 15:53:54 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
2008-12-19 15:53:49 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-12-19 15:53:42 ----D---- C:\Program Files\iPod
2008-12-19 15:53:41 ----D---- C:\Program Files\iTunes
2008-12-19 15:53:41 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-19 15:53:33 ----D---- C:\Program Files\Bonjour
2008-12-19 15:53:20 ----D---- C:\Program Files\QuickTime
2008-12-19 15:53:20 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-19 15:53:13 ----D---- C:\Program Files\Apple Software Update
2008-12-19 15:53:04 ----D---- C:\Program Files\Common Files\Apple
2008-12-19 15:53:04 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-19 15:47:59 ----D---- C:\WINDOWS\Minidump
2008-12-19 15:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-19 15:12:54 ----D---- C:\Documents and Settings\user\Application Data\Vso
2008-12-19 15:12:54 ----A---- C:\Documents and Settings\user\Application Data\inst.exe
2008-12-19 15:12:49 ----D---- C:\Program Files\DVDFab 5
2008-12-19 14:13:18 ----A---- C:\rollback.ini
2008-12-19 13:42:25 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-19 13:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-19 13:33:22 ----D---- C:\Documents and Settings\user\Application Data\MailFrontier
2008-12-19 13:24:43 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-12-19 13:24:37 ----A---- C:\WINDOWS\zllsputility.exe
2008-12-19 13:24:34 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-12-19 13:24:33 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-12-19 13:24:33 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-12-19 13:24:31 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-12-19 13:24:30 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-12-19 13:24:30 ----D---- C:\Program Files\Zone Labs
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\zpeng25.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-12-19 13:23:55 ----D---- C:\WINDOWS\Internet Logs
2008-12-19 13:18:14 ----D---- C:\Program Files\Collectorz.com
2008-12-19 13:15:23 ----D---- C:\Program Files\MediaMonkey
2008-12-19 13:13:37 ----D---- C:\Documents and Settings\user\Application Data\MailWasherPro
2008-12-19 13:13:36 ----D---- C:\Program Files\FireTrust
2008-12-19 13:04:53 ----SHD---- C:\RECYCLER
2008-12-19 12:37:08 ----A---- C:\WINDOWS\system32\wpa.bak
2008-12-19 12:16:15 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-19 09:06:31 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2008-12-19 09:06:31 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2008-12-19 09:06:30 ----A---- C:\WINDOWS\system32\msir3jp.dll
2008-12-19 09:06:30 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2008-12-19 09:06:21 ----A---- C:\WINDOWS\system32\kbd101a.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2008-12-19 09:06:06 ----A---- C:\WINDOWS\system32\c_is2022.dll
2008-12-19 09:06:04 ----A---- C:\WINDOWS\system32\uniime.dll
2008-12-19 09:05:59 ----A---- C:\WINDOWS\system32\c_g18030.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdibm02.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdax2.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbd106n.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbd101.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2008-12-19 09:05:57 ----A---- C:\WINDOWS\system32\imjp81k.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-12-19 09:05:07 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-12-19 09:05:07 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-12-19 09:04:32 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-12-19 01:16:29 ----A---- C:\WINDOWS\system32\h323log.txt
2008-12-19 01:13:22 ----A---- C:\WINDOWS\system32\usbui.dll
2008-12-19 01:12:39 ----A---- C:\WINDOWS\imsins.BAK
2008-12-19 01:12:37 ----SHD---- C:\WINDOWS\Installer
2008-12-19 01:12:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-19 01:12:36 ----D---- C:\Program Files\Common Files\ODBC
2008-12-19 01:12:36 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-19 01:12:34 ----RD---- C:\Program Files
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-12-19 01:12:24 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-12-19 01:12:23 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-12-19 01:12:23 ----A---- C:\WINDOWS\system32\batt.dll
2008-12-19 01:12:23 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-12-19 01:12:22 ----A---- C:\WINDOWS\system32\storprop.dll
2008-12-19 01:12:16 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-19 01:12:14 ----RA---- C:\WINDOWS\SET8.tmp
2008-12-19 01:12:12 ----RA---- C:\WINDOWS\SET4.tmp
2008-12-19 01:12:11 ----RA---- C:\WINDOWS\SET3.tmp
2008-12-19 01:12:07 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-19 01:12:07 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-19 01:12:02 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-19 01:11:44 ----A---- C:\WINDOWS\setuplog.txt
2008-12-19 01:11:42 ----SHD---- C:\System Volume Information
2008-12-19 01:11:42 ----D---- C:\Documents and Settings
2008-12-19 01:10:54 ----SH---- C:\boot.ini
2008-12-19 01:07:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-19 01:07:13 ----RSD---- C:\WINDOWS\Fonts
2008-12-19 01:07:13 ----RD---- C:\WINDOWS\Web
2008-12-19 01:07:13 ----HD---- C:\WINDOWS\inf
2008-12-19 01:07:13 ----D---- C:\WINDOWS\WinSxS
2008-12-19 01:07:13 ----D---- C:\WINDOWS\twain_32
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Temp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\wins
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\wbem
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\usmt
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\spool
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\Setup
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\scripting
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ras
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\oobe
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\npp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\mui
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\IME
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\icsxml
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ias
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\export
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\en
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\drivers
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\dhcp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\config
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\3076
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\2052
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1054
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1042
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1041
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1037
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1033
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1031
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1028
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1025
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system
2008-12-19 01:07:13 ----D---- C:\WINDOWS\security
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Resources
2008-12-19 01:07:13 ----D---- C:\WINDOWS\repair
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Provisioning
2008-12-19 01:07:13 ----D---- C:\WINDOWS\PeerNet
2008-12-19 01:07:13 ----D---- C:\WINDOWS\pchealth
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Network Diagnostic
2008-12-19 01:07:13 ----D---- C:\WINDOWS\mui
2008-12-19 01:07:13 ----D---- C:\WINDOWS\msapps
2008-12-19 01:07:13 ----D---- C:\WINDOWS\msagent
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Media
2008-12-19 01:07:13 ----D---- C:\WINDOWS\L2Schemas
2008-12-19 01:07:13 ----D---- C:\WINDOWS\java
2008-12-19 01:07:13 ----D---- C:\WINDOWS\ime
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Help
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Driver Cache
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Debug
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Cursors
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Connection Wizard
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Config
2008-12-19 01:07:13 ----D---- C:\WINDOWS\AppPatch
2008-12-19 01:07:13 ----D---- C:\WINDOWS\addins
2008-12-19 01:07:13 ----D---- C:\WINDOWS
2008-12-18 14:38:23 ----D---- C:\WINDOWS\WBEM
2008-12-18 14:37:32 ----HDC---- C:\WINDOWS\ie7
2008-12-18 14:37:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-18 14:37:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-18 14:37:16 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-18 14:37:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-18 14:37:09 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-18 14:36:48 ----A---- C:\WINDOWS\system32\oeminfo.ini
2008-12-18 14:36:06 ----D---- C:\Program Files\Common Files\LightScribe
2008-12-18 14:35:34 ----D---- C:\Documents and Settings\user\Application Data\Ahead
2008-12-18 14:35:26 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2008-12-18 14:33:28 ----D---- C:\Program Files\Nero
2008-12-18 14:33:28 ----D---- C:\Program Files\Common Files\Ahead
2008-12-18 14:33:28 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-12-18 14:33:07 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-18 14:31:57 ----D---- C:\Program Files\My Company Name
2008-12-18 14:30:34 ----D---- C:\WINDOWS\nview
2008-12-18 14:30:34 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-18 14:30:32 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-18 14:30:31 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-18 14:30:31 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-18 14:30:30 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-18 14:30:29 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-18 14:30:29 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-18 14:30:27 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-18 14:30:26 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-18 14:29:45 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-12-18 14:28:11 ----D---- C:\WINDOWS\system32\Atheros_L1e
2008-12-18 14:27:09 ----D---- C:\WINDOWS\ASUSInstAll
2008-12-18 14:27:07 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-18 14:26:37 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-12-18 14:26:30 ----N---- C:\WINDOWS\system32\difxapi.dll
2008-12-18 14:26:30 ----D---- C:\Program Files\VIA
2008-12-18 14:26:25 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-18 14:24:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-18 14:24:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-18 14:24:34 ----D---- C:\Program Files\Intel
2008-12-18 14:24:25 ----D---- C:\Intel
2008-12-18 14:24:13 ----A---- C:\WINDOWS\Ascd_log.ini
2008-12-18 14:24:08 ----A---- C:\WINDOWS\Ascd_tmp.ini
2008-12-18 14:23:47 ----D---- C:\Documents and Settings\user\Application Data\Identities
2008-12-18 14:23:46 ----HD---- C:\Program Files\Uninstall Information
2008-12-18 14:23:43 ----ASH---- C:\Documents and Settings\user\Application Data\desktop.ini
2008-12-18 14:23:42 ----SD---- C:\Documents and Settings\user\Application Data\Microsoft
2008-12-18 14:23:11 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-18 14:23:10 ----D---- C:\WINDOWS\Prefetch
2008-12-18 14:23:09 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-18 14:23:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-18 14:20:43 ----D---- C:\WINDOWS\system32\xircom
2008-12-18 14:20:43 ----D---- C:\Program Files\xerox
2008-12-18 14:20:43 ----D---- C:\Program Files\microsoft frontpage
2008-12-18 14:20:36 ----A---- C:\WINDOWS\control.ini
2008-12-18 14:20:36 ----A---- C:\AUTOEXEC.BAT
2008-12-18 14:20:29 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-18 14:20:26 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-12-18 14:19:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-18 14:19:53 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-18 14:19:53 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-18 14:19:49 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-18 14:19:46 ----HD---- C:\Program Files\WindowsUpdate
2008-12-18 14:19:33 ----D---- C:\WINDOWS\system32\DirectX
2008-12-18 14:19:29 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-18 14:19:27 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-18 14:19:27 ----A---- C:\WINDOWS\desktop.ini
2008-12-18 14:19:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-18 14:19:21 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-18 14:19:20 ----D---- C:\Program Files\Common Files\Services
2008-12-18 14:19:18 ----SD---- C:\WINDOWS\Tasks
2008-12-18 14:19:18 ----D---- C:\Program Files\Common Files\MSSoap
2008-12-18 14:19:18 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-18 14:19:15 ----D---- C:\WINDOWS\system32\Macromed
2008-12-18 14:19:15 ----D---- C:\WINDOWS\srchasst
2008-12-18 14:19:13 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-18 14:19:09 ----D---- C:\Program Files\Movie Maker
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-18 14:18:54 ----D---- C:\WINDOWS\system32\Restore
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-18 14:18:51 ----D---- C:\Program Files\NetMeeting
2008-12-18 14:18:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-18 14:18:51 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-18 14:18:50 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-18 14:18:50 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-18 14:18:49 ----D---- C:\Program Files\Outlook Express
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-18 14:18:44 ----D---- C:\Program Files\Common Files\System
2008-12-18 14:18:41 ----D---- C:\Program Files\Internet Explorer
2008-12-18 14:18:30 ----D---- C:\Program Files\ComPlus Applications
2008-12-18 14:18:29 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-18 14:18:29 ----A---- C:\WINDOWS\vb.ini
2008-12-18 14:18:25 ----D---- C:\WINDOWS\Registration
2008-12-18 14:18:04 ----D---- C:\Program Files\Windows Media Player
2008-12-18 14:18:04 ----D---- C:\Program Files\Online Services
2008-12-18 14:18:00 ----D---- C:\Program Files\Messenger
2008-12-18 14:17:57 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-18 14:17:57 ----A---- C:\WINDOWS\system32\write.exe
2008-12-18 14:17:51 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-18 14:17:51 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-18 14:17:46 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-18 14:17:43 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-18 14:17:40 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-18 14:17:34 ----D---- C:\Program Files\MSN
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-18 14:17:32 ----D---- C:\Program Files\Windows NT
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-18 14:17:31 ----D---- C:\WINDOWS\system32\en-US
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\aaclient.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-18 14:17:29 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-18 14:17:28 ----D---- C:\WINDOWS\system32\Com
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-18 14:17:26 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-18 14:17:23 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-18 14:17:23 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-18 14:17:22 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-18 14:17:22 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2008-12-19 16:02:27 ----A---- C:\WINDOWS\win.ini
2008-12-19 01:12:33 ----A---- C:\WINDOWS\system.ini
2008-12-13 17:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 KLIF;KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [2008-09-18 148496]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-10-09 353680]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-06-26 6555168]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-19 47360]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-02-14 222976]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-19 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-06-26 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-10-09 2405776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#4 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:23 PM

Posted 20 December 2008 - 12:40 PM

You may be on the right track with the router.

Please download the OTMoveIt3 by OldTimer.
  • Save it to your desktop.
  • Please click OTMoveIt3 and then click >> run.
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :reg
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0e27a0-cd0d-11dd-929d-806d6172696f}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592de-cd6d-11dd-961d-002215ba7042}]
    
    :Commands
    [EmptyTemp]
    [Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
Note: If an item cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.



==================



Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE



How is your computer behaving now?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#5 catamongthebats

catamongthebats
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 20 December 2008 - 08:29 PM

Hi Sam,

OK here is the OTMOVEIT log

========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0e27a0-cd0d-11dd-929d-806d6172696f}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592de-cd6d-11dd-961d-002215ba7042}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DF217D.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_3fc.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT00352.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12212008_121122

Files moved on Reboot...
C:\DOCUME~1\user\LOCALS~1\Temp\~DF217D.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_3fc.dat not found!
File C:\WINDOWS\temp\ZLT00352.TMP not found!

I'm still unable to access the C drive through My Computer by double clicking on it. I get the message "Windows cannot find 'resycled\boot.com" and the same for my E: drive that I use for the external hard drive only it's "resycled\boot is not a valid Win32 application" Access is only available by right clicking and selecting explore.
I was able to update the Anti-Spyware part of Zone Alarm also which wouldn't work before (Lot of good Zone Alarm did me anyway!) :thumbsup:

Otherwise it seems to be going fine. I'm keeping Malwarebytes Anti-malware to avoid a repeat, and considering changing from Zone Alarm to something else.

Thanks, Cathy.

#6 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:23 PM

Posted 21 December 2008 - 09:11 AM

You shouldn't be getting that error still.
Let's take a closer look and see where it's coming from.
  • Please download OTViewIt by OldTimer to your desktop.
  • Double click on the OTViewIt.exe icon on your desktop.
  • Check the Scan All Users checkbox and leave Use Whitelist checked. Set the File Age to 30 days.
  • Click on the Run Scan button. Two reports that are located in the same location as OTViewIt will open.OTViewIt.txt <-- Will be opened
    Extra.txt <-- Will be minimized
Copy and Paste the logs into your next reply.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#7 catamongthebats

catamongthebats
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 21 December 2008 - 08:53 PM

Hi Sam,

Logs as requested.

Cheers, Cathy.

OTViewIt logfile created on: 12/22/2008 12:48:55 PM - Run
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 908.57 Gb Free Space | 97.54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-530216A4FB
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/10/09 14:25:32 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
[2008/06/03 22:59:02 | 00,139,264 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
[2008/06/03 22:59:02 | 00,139,264 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2007/06/25 08:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
[2008/12/19 17:01:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/08/23 17:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2008/12/03 19:52:34 | 00,170,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
[2008/06/26 06:57:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
[2008/04/10 14:36:58 | 29,757,440 | R--- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
[2008/04/14 23:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2007/06/25 08:47:24 | 01,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
[2007/06/25 08:47:02 | 01,057,064 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
[2008/10/09 14:25:34 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2008/12/19 17:01:27 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2008/12/03 19:52:34 | 00,399,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
[2007/08/23 17:36:30 | 00,455,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
[2007/06/27 19:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[2008/05/30 07:37:30 | 00,808,208 | ---- | M] (SonicWALL, Inc.) -- C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\mantispm.exe
[2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
[2007/06/27 19:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
[2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/10/15 18:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/12/22 12:48:28 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2007/06/25 08:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
[2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2008/12/19 17:01:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/08/23 17:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2008/12/03 19:52:34 | 00,170,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService [Auto | Running])
[2007/06/29 19:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
[2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
[2008/06/26 06:57:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
[2008/10/09 14:25:32 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])

========== Driver Services ==========

[2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2008/04/14 23:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2007/06/25 08:47:02 | 00,119,080 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
[2007/06/25 08:47:12 | 00,036,776 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass [System | Running])
[2007/06/25 08:47:12 | 00,038,440 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm [System | Running])
[2008/04/14 00:09:50 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2008/09/18 18:15:14 | 00,148,496 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [System | Running])
[2008/03/11 22:37:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e [On_Demand | Running])
[2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector [On_Demand | Running])
[2008/02/14 17:12:02 | 01,389,056 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt [On_Demand | Running])
[2004/08/13 21:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor [On_Demand | Running])
[2008/06/26 06:57:00 | 06,555,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2008/12/19 15:12:54 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin [On_Demand | Running])
[2008/04/14 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2008/04/14 23:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/21 07:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
[2008/11/07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2008/02/14 14:36:34 | 00,222,976 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService [On_Demand | Running])
[2008/10/09 14:25:36 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.com.au/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.com.au/

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe" 1 (VIA Technologies, Inc.)
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" (Nero AG)
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray (Malwarebytes Corporation)
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" (Nero AG)
"NvCplDaemon"="C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"="C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"nwiz"="C:\WINDOWS\system32\nwiz.exe" /install ()
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"SecurDisc"="C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe" (Nero AG)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Check Point Software Technologies LTD)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden (Hewlett-Packard Company)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden (Hewlett-Packard Company)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

========== (O17) DNS Name Servers ==========

{7C9A52C0-B1B6-41D3-8C8D-E9F2EBEB99ED} (Servers: | Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

autorun.inf [[autorun] | ;esfccekfsxyctqltjzrixwynxyrfysmxqbqgzgyzgmii | shellexecute="resycled\boot.com c:" | ;nkudvxnxtujvvfixhnxyzspyadmzioidcvpxvowbkygxmguvaelneyqhnclumjrcjhilkxpdrmjfhzosnwcjrmaef | shell\Open\command="resycled\boot.com c:" | ;ybzagtwdeaspshjbaqzyhtqa | ]
[2008/12/19 20:13:40 | 00,000,255 | RHS- | M] () -- C:\autorun.inf -- [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell]
""=Autorun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell\AutoRun\command]
""=C:\WINDOWS\system32\shell32.dll -- [2008/04/14 23:00:00 | 08,461,312 | ---- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell\Open\command]
""=E:\resycled\boot.com -- File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/22 12:48:07 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTViewIt.exe
[2008/12/21 21:39:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Backgrounds
[2008/12/21 13:28:41 | 00,001,587 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAZ Studio 2.3.lnk
[2008/12/21 13:27:00 | 00,026,624 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzwrapper.dll
[2008/12/21 13:26:59 | 10,137,600 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzcore.dll
[2008/12/21 13:26:59 | 00,049,152 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzcarrara.dll
[2008/12/21 13:26:59 | 00,033,280 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzbryce6.dll
[2008/12/21 13:26:58 | 06,131,712 | ---- | C] () -- C:\WINDOWS\System32\daz-qt-mt.dll
[2008/12/21 13:26:58 | 02,076,672 | ---- | C] () -- C:\WINDOWS\System32\dz3delight.dll
[2008/12/21 13:26:58 | 01,785,856 | ---- | C] () -- C:\WINDOWS\System32\daz-qsa.dll
[2008/12/21 13:26:31 | 00,000,000 | ---D | C] -- C:\Program Files\DAZ
[2008/12/21 12:11:22 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/12/21 12:10:26 | 01,033,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTMoveIt3.exe
[2008/12/20 20:58:33 | 12,117,0212 | ---- | C] (BitRock SL) -- C:\Documents and Settings\user\Desktop\DAZStudio_2.3.3.89_win.exe
[2008/12/20 20:11:25 | 00,269,500 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Malwarebytes_org Online Store.mht
[2008/12/20 18:50:37 | 00,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2008/12/20 17:51:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OptiTex
[2008/12/20 15:42:24 | 00,000,000 | ---D | C] -- C:\My Music
[2008/12/20 15:42:01 | 00,003,421 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2008/12/20 12:31:33 | 00,000,000 | ---D | C] -- C:\Program Files\OptusNet DSL Internet
[2008/12/20 12:27:30 | 00,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2008/12/19 21:54:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2008/12/19 21:53:45 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2008/12/19 20:59:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2008/12/19 20:36:21 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2008/12/19 20:36:20 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2008/12/19 20:36:20 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2008/12/19 20:36:19 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2008/12/19 20:36:19 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2008/12/19 20:36:19 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2008/12/19 20:36:18 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2008/12/19 20:36:18 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2008/12/19 20:36:16 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2008/12/19 20:25:10 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2008/12/19 20:25:09 | 02,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2008/12/19 20:25:07 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2008/12/19 20:25:07 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2008/12/19 20:23:46 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/12/19 20:03:33 | 01,701,594 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Season3cover.docx
[2008/12/19 20:03:33 | 00,455,168 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Supernatural season 3 insert final.pub
[2008/12/19 20:03:33 | 00,423,181 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Nightwing_print_in_color_by_butones.jpg
[2008/12/19 20:03:33 | 00,378,368 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Your shopping cart.doc
[2008/12/19 20:03:33 | 00,162,586 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Picture7.JPG
[2008/12/19 20:03:33 | 00,125,348 | ---- | C] () -- C:\Documents and Settings\user\My Documents\SnowToolGuide.pdf
[2008/12/19 20:03:33 | 00,010,086 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DVDCover.docx
[2008/12/19 20:03:32 | 01,260,544 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DazOctobercontent.doc
[2008/12/19 20:03:32 | 01,232,192 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENTfigures.docx
[2008/12/19 20:03:32 | 00,857,646 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENT.docx
[2008/12/19 20:03:32 | 00,608,382 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Catanna2.jpg
[2008/12/19 20:03:32 | 00,558,524 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENTHair.docx
[2008/12/19 20:03:32 | 00,380,608 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Catanna.jpg
[2008/12/19 20:03:32 | 00,148,893 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENTPose.docx
[2008/12/19 20:03:32 | 00,068,096 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DazOrder.doc
[2008/12/19 20:03:32 | 00,005,765 | ---- | C] () -- C:\Documents and Settings\user\My Documents\BILLING RECEIPT.mht
[2008/12/19 20:03:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Novels
[2008/12/19 20:03:20 | 00,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Videos
[2008/12/19 20:03:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\New Poser Downloads
[2008/12/19 20:02:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Lavalla
[2008/12/19 20:02:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\DAZ Scenes
[2008/12/19 20:02:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\BATMAN
[2008/12/19 19:50:33 | 21,237,024 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/12/19 19:50:33 | 00,286,208 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/12/19 18:29:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes
[2008/12/19 18:29:45 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/19 18:29:45 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/12/19 18:29:43 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/19 18:29:42 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/19 18:29:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/12/19 18:08:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2008/12/19 17:17:53 | 00,000,000 | ---D | C] -- C:\rsit
[2008/12/19 17:01:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/12/19 17:01:25 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/12/19 16:57:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Sun
[2008/12/19 16:54:54 | 00,781,851 | ---- | C] () -- C:\Documents and Settings\user\Desktop\RSIT.exe
[2008/12/19 16:50:31 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/12/19 16:25:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DAZ
[2008/12/19 16:12:13 | 00,000,000 | ---D | C] -- C:\Program Files\SonicWallES
[2008/12/19 16:04:48 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2008/12/19 16:04:44 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2008/12/19 16:04:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2008/12/19 16:02:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2008/12/19 16:02:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft Help
[2008/12/19 16:02:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2008/12/19 16:02:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008/12/19 16:01:49 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2008/12/19 15:53:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Apple Computer
[2008/12/19 15:53:42 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2008/12/19 15:53:41 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/12/19 15:53:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/12/19 15:53:33 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/12/19 15:53:20 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/12/19 15:53:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/12/19 15:53:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple
[2008/12/19 15:53:13 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2008/12/19 15:53:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2008/12/19 15:53:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/12/19 15:52:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple Computer
[2008/12/19 15:47:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2008/12/19 15:12:54 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\user\Application Data\inst.exe
[2008/12/19 15:12:54 | 00,047,360 | ---- | C] (VSO Software) -- C:\WINDOWS\System32\drivers\pcouffin.sys
[2008/12/19 15:12:54 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\user\Application Data\pcouffin.sys
[2008/12/19 15:12:54 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\user\Application Data\pcouffin.cat
[2008/12/19 15:12:54 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\user\Application Data\pcouffin.inf
[2008/12/19 15:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\PcSetup
[2008/12/19 15:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Vso
[2008/12/19 15:12:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\DVDFab
[2008/12/19 15:12:50 | 00,000,618 | ---- | C] () -- C:\Documents and Settings\user\Desktop\DVDFab 5.lnk
[2008/12/19 15:12:49 | 00,000,000 | ---D | C] -- C:\Program Files\DVDFab 5
[2008/12/19 14:13:18 | 00,000,805 | ---- | C] () -- C:\rollback.ini
[2008/12/19 13:42:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2008/12/19 13:36:03 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Shortcut to Internet.lnk
[2008/12/19 13:33:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\MailFrontier
[2008/12/19 13:24:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/12/19 13:24:41 | 00,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/12/19 13:24:37 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2008/12/19 13:24:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2008/12/19 13:24:30 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2008/12/19 13:24:29 | 00,349,222 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/12/19 13:23:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2008/12/19 13:21:20 | 00,000,255 | RHS- | C] () -- C:\autorun.inf
[2008/12/19 13:18:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Collectorz.com
[2008/12/19 13:18:17 | 00,000,920 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comic Collector.lnk
[2008/12/19 13:18:14 | 00,000,000 | ---D | C] -- C:\Program Files\Collectorz.com
[2008/12/19 13:18:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Comic Collector
[2008/12/19 13:15:26 | 00,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2008/12/19 13:15:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\MediaMonkey
[2008/12/19 13:15:23 | 00,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2008/12/19 13:13:37 | 00,000,766 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MailWasher Pro.lnk
[2008/12/19 13:13:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\MailWasherPro
[2008/12/19 13:13:36 | 00,000,000 | ---D | C] -- C:\Program Files\FireTrust
[2008/12/19 13:09:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Identities
[2008/12/19 13:04:53 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008/12/19 12:38:34 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2008/12/19 12:38:34 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2008/12/19 12:37:08 | 00,002,422 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2008/12/19 12:16:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2008/12/19 09:06:31 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008/12/19 09:06:31 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2008/12/19 09:06:31 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008/12/19 09:06:31 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2008/12/19 09:06:30 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2008/12/19 09:06:30 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008/12/19 09:06:30 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2008/12/19 09:06:30 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/12/19 09:06:30 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2008/12/19 09:06:30 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008/12/19 09:06:30 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2008/12/19 09:06:30 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008/12/19 09:06:30 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2008/12/19 09:06:30 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2008/12/19 09:06:28 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008/12/19 09:06:25 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2008/12/19 09:06:25 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2008/12/19 09:06:25 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2008/12/19 09:06:25 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2008/12/19 09:06:25 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2008/12/19 09:06:25 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2008/12/19 09:06:25 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2008/12/19 09:06:25 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2008/12/19 09:06:25 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2008/12/19 09:06:25 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2008/12/19 09:06:25 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2008/12/19 09:06:25 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2008/12/19 09:06:25 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2008/12/19 09:06:25 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2008/12/19 09:06:25 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2008/12/19 09:06:23 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2008/12/19 09:06:22 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2008/12/19 09:06:22 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2008/12/19 09:06:21 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008/12/19 09:06:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2008/12/19 09:06:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008/12/19 09:06:20 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008/12/19 09:06:20 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/12/19 09:06:20 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/12/19 09:06:20 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008/12/19 09:06:20 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008/12/19 09:06:20 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008/12/19 09:06:17 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008/12/19 09:06:17 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008/12/19 09:06:17 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008/12/19 09:06:16 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008/12/19 09:06:16 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008/12/19 09:06:16 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008/12/19 09:06:16 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2008/12/19 09:06:16 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008/12/19 09:06:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2008/12/19 09:06:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008/12/19 09:06:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2008/12/19 09:06:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008/12/19 09:06:09 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008/12/19 09:06:09 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008/12/19 09:06:06 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008/12/19 09:06:06 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2008/12/19 09:06:05 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2008/12/19 09:06:05 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008/12/19 09:06:05 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008/12/19 09:06:05 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008/12/19 09:06:05 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008/12/19 09:06:05 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/12/19 09:06:05 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008/12/19 09:06:05 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2008/12/19 09:06:05 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008/12/19 09:06:05 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008/12/19 09:06:05 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008/12/19 09:06:05 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008/12/19 09:06:05 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2008/12/19 09:06:05 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2008/12/19 09:06:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008/12/19 09:06:05 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008/12/19 09:06:04 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2008/12/19 09:06:04 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008/12/19 09:06:04 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008/12/19 09:06:04 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2008/12/19 09:06:04 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008/12/19 09:06:04 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2008/12/19 09:06:04 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2008/12/19 09:06:04 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008/12/19 09:06:04 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2008/12/19 09:06:04 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008/12/19 09:06:04 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2008/12/19 09:06:04 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008/12/19 09:06:04 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2008/12/19 09:06:04 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008/12/19 09:06:04 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2008/12/19 09:06:04 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008/12/19 09:06:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2008/12/19 09:06:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2008/12/19 09:06:03 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/12/19 09:06:03 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008/12/19 09:06:03 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008/12/19 09:06:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2008/12/19 09:06:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008/12/19 09:06:01 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008/12/19 09:06:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008/12/19 09:06:01 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/12/19 09:05:59 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2008/12/19 09:05:59 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008/12/19 09:05:59 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008/12/19 09:05:59 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2008/12/19 09:05:59 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008/12/19 09:05:59 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008/12/19 09:05:59 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2008/12/19 09:05:59 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008/12/19 09:05:58 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008/12/19 09:05:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2008/12/19 09:05:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2008/12/19 09:05:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2008/12/19 09:05:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2008/12/19 09:05:57 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2008/12/19 09:05:57 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008/12/19 09:05:57 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008/12/19 09:05:57 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2008/12/19 09:05:57 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008/12/19 09:05:57 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008/12/19 09:05:57 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008/12/19 09:05:55 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/12/19 09:05:55 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008/12/19 09:05:55 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008/12/19 09:05:55 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008/12/19 09:05:55 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008/12/19 09:05:55 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008/12/19 09:05:55 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008/12/19 09:05:55 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/12/19 09:05:55 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008/12/19 09:05:55 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008/12/19 09:05:54 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008/12/19 09:05:54 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008/12/19 09:05:09 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2008/12/19 09:05:09 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2008/12/19 09:05:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2008/12/19 09:05:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2008/12/19 09:05:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2008/12/19 09:05:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2008/12/19 09:05:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2008/12/19 09:05:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2008/12/19 09:04:32 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2008/12/19 09:04:32 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2008/12/19 09:04:28 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2008/12/19 09:04:28 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2008/12/19 09:04:26 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2008/12/19 09:04:26 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2008/12/19 09:04:19 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2008/12/19 09:04:19 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2008/12/19 09:04:12 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2008/12/19 09:04:12 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2008/12/19 01:15:59 | 00,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2008/12/19 01:14:31 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008/12/19 01:14:03 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/12/19 01:13:22 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008/12/19 01:12:39 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/12/19 01:12:37 | 00,360,124 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/19 01:12:37 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/12/19 01:12:36 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/19 01:12:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/12/19 01:12:35 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008/12/19 01:12:35 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2008/12/19 01:12:35 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008/12/19 01:12:35 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2008/12/19 01:12:35 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2008/12/19 01:12:35 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008/12/19 01:12:34 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2008/12/19 01:12:34 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008/12/19 01:12:34 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2008/12/19 01:12:34 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2008/12/19 01:12:34 | 00,000,000 | R--D | C] -- C:\Program Files
[2008/12/19 01:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/12/19 01:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/12/19 01:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/12/19 01:12:33 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2008/12/19 01:12:33 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2008/12/19 01:12:32 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2008/12/19 01:12:32 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2008/12/19 01:12:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2008/12/19 01:12:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2008/12/19 01:12:32 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2008/12/19 01:12:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2008/12/19 01:12:29 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2008/12/19 01:12:29 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2008/12/19 01:12:29 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2008/12/19 01:12:29 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2008/12/19 01:12:29 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2008/12/19 01:12:29 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2008/12/19 01:12:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2008/12/19 01:12:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2008/12/19 01:12:29 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2008/12/19 01:12:29 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2008/12/19 01:12:29 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2008/12/19 01:12:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2008/12/19 01:12:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2008/12/19 01:12:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2008/12/19 01:12:28 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2008/12/19 01:12:28 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2008/12/19 01:12:28 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2008/12/19 01:12:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2008/12/19 01:12:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2008/12/19 01:12:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2008/12/19 01:12:28 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2008/12/19 01:12:28 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2008/12/19 01:12:28 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2008/12/19 01:12:28 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2008/12/19 01:12:27 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2008/12/19 01:12:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2008/12/19 01:12:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2008/12/19 01:12:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2008/12/19 01:12:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2008/12/19 01:12:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2008/12/19 01:12:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2008/12/19 01:12:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2008/12/19 01:12:25 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008/12/19 01:12:25 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2008/12/19 01:12:25 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2008/12/19 01:12:25 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008/12/19 01:12:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008/12/19 01:12:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2008/12/19 01:12:25 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2008/12/19 01:12:25 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008/12/19 01:12:25 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008/12/19 01:12:25 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008/12/19 01:12:25 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008/12/19 01:12:24 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2008/12/19 01:12:24 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2008/12/19 01:12:24 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2008/12/19 01:12:24 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2008/12/19 01:12:24 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008/12/19 01:12:24 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2008/12/19 01:12:24 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2008/12/19 01:12:24 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2008/12/19 01:12:24 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2008/12/19 01:12:24 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2008/12/19 01:12:24 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2008/12/19 01:12:24 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2008/12/19 01:12:24 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2008/12/19 01:12:24 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008/12/19 01:12:24 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008/12/19 01:12:24 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2008/12/19 01:12:23 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2008/12/19 01:12:23 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2008/12/19 01:12:23 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2008/12/19 01:12:23 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/12/19 01:12:23 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2008/12/19 01:12:23 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2008/12/19 01:12:23 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008/12/19 01:12:23 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/12/19 01:12:22 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/12/19 01:12:16 | 01,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2008/12/19 01:12:16 | 01,088,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2008/12/19 01:12:16 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008/12/19 01:12:16 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008/12/19 01:12:16 | 00,171,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2008/12/19 01:12:16 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008/12/19 01:12:16 | 00,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2008/12/19 01:12:16 | 00,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2008/12/19 01:12:16 | 00,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2008/12/19 01:12:16 | 00,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2008/12/19 01:12:16 | 00,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2008/12/19 01:12:16 | 00,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2008/12/19 01:12:16 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008/12/19 01:12:16 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008/12/19 01:12:16 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008/12/19 01:12:16 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/19 01:12:15 | 02,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2008/12/19 01:12:15 | 00,402,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2008/12/19 01:12:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/12/19 01:12:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/12/19 01:12:02 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/19 01:11:42 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/12/19 01:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008/12/19 01:11:41 | 00,215,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/19 01:10:54 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008/12/19 01:10:52 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/19 01:07:13 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/12/19 01:07:13 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008/12/19 01:07:13 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/12/19 01:07:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2008/12/18 14:39:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Ahead
[2008/12/18 14:38:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/12/18 14:37:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2008/12/18 14:37:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2008/12/18 14:37:18 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/12/18 14:37:16 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008/12/18 14:37:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2008/12/18 14:37:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/12/18 14:36:49 | 00,048,534 | ---- | C] () -- C:\WINDOWS\System32\oemlogo.bmp
[2008/12/18 14:36:48 | 00,000,415 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/12/18 14:36:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2008/12/18 14:35:52 | 00,002,361 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[2008/12/18 14:35:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Ahead
[2008/12/18 14:35:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2008/12/18 14:33:28 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2008/12/18 14:33:28 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2008/12/18 14:33:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2008/12/18 14:33:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2008/12/18 14:31:57 | 00,000,000 | ---D | C] -- C:\Program Files\My Company Name
[2008/12/18 14:30:56 | 00,188,689 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/18 14:30:34 | 00,018,335 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2008/12/18 14:30:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2008/12/18 14:30:32 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2008/12/18 14:30:31 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2008/12/18 14:30:31 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2008/12/18 14:30:30 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2008/12/18 14:30:29 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2008/12/18 14:30:29 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2008/12/18 14:30:28 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2008/12/18 14:30:28 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2008/12/18 14:30:28 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2008/12/18 14:30:28 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2008/12/18 14:30:27 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2008/12/18 14:30:26 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2008/12/18 14:30:25 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2008/12/18 14:30:25 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2008/12/18 14:30:25 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2008/12/18 14:28:18 | 00,036,864 | R--- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\l1e51x86.sys
[2008/12/18 14:28:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Atheros_L1e
[2008/12/18 14:27:13 | 05,891,590 | -H-- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\IconCache.db
[2008/12/18 14:27:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\ASUSInstAll
[2008/12/18 14:27:07 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/12/18 14:26:52 | 00,008,704 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\viahdcpl.cpl
[2008/12/18 14:26:52 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/12/18 14:26:52 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2008/12/18 14:26:51 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008/12/18 14:26:51 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2008/12/18 14:26:49 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2008/12/18 14:26:49 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2008/12/18 14:26:48 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008/12/18 14:26:48 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2008/12/18 14:26:47 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008/12/18 14:26:47 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2008/12/18 14:26:46 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008/12/18 14:26:46 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2008/12/18 14:26:45 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008/12/18 14:26:45 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2008/12/18 14:26:44 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008/12/18 14:26:44 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2008/12/18 14:26:43 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2008/12/18 14:26:43 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2008/12/18 14:26:42 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2008/12/18 14:26:42 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2008/12/18 14:26:41 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2008/12/18 14:26:41 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2008/12/18 14:26:37 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/12/18 14:26:37 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2008/12/18 14:26:37 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/12/18 14:26:37 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2008/12/18 14:26:37 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/12/18 14:26:37 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2008/12/18 14:26:37 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/12/18 14:26:37 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2008/12/18 14:26:30 | 00,331,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2008/12/18 14:26:30 | 00,000,000 | ---D | C] -- C:\Program Files\VIA
[2008/12/18 14:26:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/12/18 14:24:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/12/18 14:24:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2008/12/18 14:24:34 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2008/12/18 14:24:25 | 00,000,000 | ---D | C] -- C:\Intel
[2008/12/18 14:24:13 | 00,012,065 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008/12/18 14:24:09 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/12/18 14:24:08 | 00,011,832 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/12/18 14:24:02 | 00,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/12/18 14:23:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Identities
[2008/12/18 14:23:46 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/12/18 14:23:44 | 00,000,075 | -HS- | C] () -- C:\Documents and Settings\user\My Documents\desktop.ini
[2008/12/18 14:23:44 | 00,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Pictures
[2008/12/18 14:23:44 | 00,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Music
[2008/12/18 14:23:43 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\user\Application Data\desktop.ini
[2008/12/18 14:23:42 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\user\Start Menu\Programs\Startup\desktop.ini
[2008/12/18 14:23:42 | 00,000,000 | --SD | C] -- C:\Documents and Settings\user\Application Data\Microsoft
[2008/12/18 14:23:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft
[2008/12/18 14:23:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/12/18 14:23:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/12/18 14:23:09 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/18 14:23:09 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/12/18 14:22:24 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/18 14:21:43 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/18 14:21:36 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008/12/18 14:21:36 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008/12/18 14:21:36 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008/12/18 14:21:35 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008/12/18 14:21:34 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008/12/18 14:21:34 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008/12/18 14:21:34 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008/12/18 14:21:33 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008/12/18 14:21:33 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008/12/18 14:21:32 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2008/12/18 14:21:32 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2008/12/18 14:21:32 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2008/12/18 14:21:32 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008/12/18 14:21:32 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2008/12/18 14:21:32 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008/12/18 14:21:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2008/12/18 14:21:31 | 00,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2008/12/18 14:21:31 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2008/12/18 14:21:31 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2008/12/18 14:21:31 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008/12/18 14:21:31 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2008/12/18 14:21:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008/12/18 14:21:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008/12/18 14:21:31 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008/12/18 14:21:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008/12/18 14:21:31 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008/12/18 14:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008/12/18 14:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008/12/18 14:21:30 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008/12/18 14:21:30 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008/12/18 14:21:30 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008/12/18 14:21:30 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008/12/18 14:21:30 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008/12/18 14:21:30 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008/12/18 14:21:29 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/12/18 14:21:29 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/12/18 14:21:29 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008/12/18 14:21:29 | 00,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2008/12/18 14:21:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008/12/18 14:21:28 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2008/12/18 14:21:28 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008/12/18 14:21:28 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008/12/18 14:21:27 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2008/12/18 14:21:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008/12/18 14:21:27 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008/12/18 14:21:26 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008/12/18 14:21:26 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008/12/18 14:21:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008/12/18 14:21:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008/12/18 14:21:23 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2008/12/18 14:21:22 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2008/12/18 14:21:19 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008/12/18 14:21:19 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008/12/18 14:21:19 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008/12/18 14:21:19 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2008/12/18 14:21:19 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2008/12/18 14:21:18 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2008/12/18 14:21:18 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2008/12/18 14:21:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008/12/18 14:21:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008/12/18 14:21:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008/12/18 14:21:16 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008/12/18 14:21:16 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008/12/18 14:21:16 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008/12/18 14:21:15 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2008/12/18 14:21:15 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008/12/18 14:21:06 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2008/12/18 14:21:05 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2008/12/18 14:21:05 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2008/12/18 14:21:05 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2008/12/18 14:21:05 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2008/12/18 14:21:05 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2008/12/18 14:21:05 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2008/12/18 14:21:05 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2008/12/18 14:21:05 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2008/12/18 14:21:05 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2008/12/18 14:21:05 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2008/12/18 14:21:05 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008/12/18 14:21:05 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2008/12/18 14:21:05 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2008/12/18 14:21:05 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2008/12/18 14:21:05 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008/12/18 14:21:05 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2008/12/18 14:21:05 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2008/12/18 14:21:04 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2008/12/18 14:21:04 | 00,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2008/12/18 14:21:04 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2008/12/18 14:21:04 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008/12/18 14:21:04 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008/12/18 14:21:04 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2008/12/18 14:21:04 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2008/12/18 14:21:04 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2008/12/18 14:21:04 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2008/12/18 14:21:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008/12/18 14:21:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008/12/18 14:21:03 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2008/12/18 14:21:03 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2008/12/18 14:21:03 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008/12/18 14:21:03 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008/12/18 14:21:03 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008/12/18 14:21:03 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008/12/18 14:21:03 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008/12/18 14:21:03 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2008/12/18 14:21:02 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2008/12/18 14:21:00 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008/12/18 14:20:58 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008/12/18 14:20:58 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008/12/18 14:20:58 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008/12/18 14:20:58 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008/12/18 14:20:57 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/12/18 14:20:57 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008/12/18 14:20:53 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2008/12/18 14:20:53 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008/12/18 14:20:53 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2008/12/18 14:20:53 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2008/12/18 14:20:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008/12/18 14:20:51 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2008/12/18 14:20:51 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2008/12/18 14:20:50 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2008/12/18 14:20:50 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2008/12/18 14:20:49 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2008/12/18 14:20:48 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2008/12/18 14:20:48 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2008/12/18 14:20:48 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2008/12/18 14:20:48 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2008/12/18 14:20:48 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2008/12/18 14:20:48 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2008/12/18 14:20:48 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2008/12/18 14:20:48 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2008/12/18 14:20:48 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2008/12/18 14:20:48 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2008/12/18 14:20:48 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2008/12/18 14:20:48 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2008/12/18 14:20:47 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2008/12/18 14:20:47 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2008/12/18 14:20:47 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2008/12/18 14:20:47 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2008/12/18 14:20:47 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2008/12/18 14:20:47 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2008/12/18 14:20:47 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2008/12/18 14:20:45 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2008/12/18 14:20:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008/12/18 14:20:43 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2008/12/18 14:20:43 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008/12/18 14:20:36 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/18 14:20:36 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/12/18 14:20:36 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/12/18 14:20:36 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/12/18 14:20:34 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/18 14:20:34 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/18 14:20:33 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/18 14:20:26 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008/12/18 14:19:53 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/12/18 14:19:53 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/12/18 14:19:46 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/12/18 14:19:38 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008/12/18 14:19:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/12/18 14:19:29 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2008/12/18 14:19:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2008/12/18 14:19:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008/12/18 14:19:28 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2008/12/18 14:19:28 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2008/12/18 14:19:28 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2008/12/18 14:19:27 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/12/18 14:19:27 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/12/18 14:19:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/12/18 14:19:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/12/18 14:19:22 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2008/12/18 14:19:22 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2008/12/18 14:19:22 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2008/12/18 14:19:22 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2008/12/18 14:19:22 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008/12/18 14:19:21 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2008/12/18 14:19:21 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008/12/18 14:19:21 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2008/12/18 14:19:21 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2008/12/18 14:19:21 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2008/12/18 14:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/12/18 14:19:19 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008/12/18 14:19:18 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2008/12/18 14:19:18 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008/12/18 14:19:18 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008/12/18 14:19:18 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008/12/18 14:19:18 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2008/12/18 14:19:18 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2008/12/18 14:19:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008/12/18 14:19:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008/12/18 14:19:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2008/12/18 14:19:18 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/12/18 14:19:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/12/18 14:19:17 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2008/12/18 14:19:16 | 00,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2008/12/18 14:19:16 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2008/12/18 14:19:15 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2008/12/18 14:19:15 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2008/12/18 14:19:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/12/18 14:19:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/12/18 14:19:14 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2008/12/18 14:19:14 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2008/12/18 14:19:14 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2008/12/18 14:19:14 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2008/12/18 14:19:14 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2008/12/18 14:19:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008/12/18 14:19:13 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2008/12/18 14:19:13 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008/12/18 14:19:13 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008/12/18 14:19:13 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2008/12/18 14:19:13 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2008/12/18 14:19:13 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2008/12/18 14:19:13 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2008/12/18 14:19:12 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008/12/18 14:19:12 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2008/12/18 14:19:12 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008/12/18 14:19:12 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2008/12/18 14:19:12 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/12/18 14:19:12 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2008/12/18 14:19:12 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008/12/18 14:19:12 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2008/12/18 14:19:12 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008/12/18 14:19:12 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2008/12/18 14:19:12 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008/12/18 14:19:12 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2008/12/18 14:19:12 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008/12/18 14:19:12 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2008/12/18 14:19:12 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008/12/18 14:19:12 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2008/12/18 14:19:12 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008/12/18 14:19:12 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2008/12/18 14:19:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/12/18 14:19:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2008/12/18 14:19:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2008/12/18 14:19:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/12/18 14:19:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008/12/18 14:19:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2008/12/18 14:19:10 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2008/12/18 14:19:10 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2008/12/18 14:19:10 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2008/12/18 14:19:10 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2008/12/18 14:19:10 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2008/12/18 14:19:10 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2008/12/18 14:19:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2008/12/18 14:19:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2008/12/18 14:19:09 | 03,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2008/12/18 14:19:09 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/12/18 14:18:59 | 00,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2008/12/18 14:18:59 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2008/12/18 14:18:59 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2008/12/18 14:18:59 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2008/12/18 14:18:59 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2008/12/18 14:18:59 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2008/12/18 14:18:59 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2008/12/18 14:18:57 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2008/12/18 14:18:56 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2008/12/18 14:18:56 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/12/18 14:18:56 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2008/12/18 14:18:56 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2008/12/18 14:18:56 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/12/18 14:18:56 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2008/12/18 14:18:55 | 00,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2008/12/18 14:18:55 | 00,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008/12/18 14:18:55 | 00,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2008/12/18 14:18:55 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2008/12/18 14:18:55 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2008/12/18 14:18:54 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2008/12/18 14:18:54 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/12/18 14:18:54 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2008/12/18 14:18:54 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/12/18 14:18:54 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2008/12/18 14:18:54 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys
[2008/12/18 14:18:54 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2008/12/18 14:18:54 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/12/18 14:18:54 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2008/12/18 14:18:54 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/12/18 14:18:54 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2008/12/18 14:18:54 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2008/12/18 14:18:54 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2008/12/18 14:18:54 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008/12/18 14:18:54 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2008/12/18 14:18:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/12/18 14:18:53 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2008/12/18 14:18:53 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2008/12/18 14:18:53 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008/12/18 14:18:53 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2008/12/18 14:18:53 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008/12/18 14:18:53 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2008/12/18 14:18:53 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2008/12/18 14:18:53 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008/12/18 14:18:53 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2008/12/18 14:18:53 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008/12/18 14:18:53 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2008/12/18 14:18:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008/12/18 14:18:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2008/12/18 14:18:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2008/12/18 14:18:52 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2008/12/18 14:18:52 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2008/12/18 14:18:52 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2008/12/18 14:18:52 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2008/12/18 14:18:52 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2008/12/18 14:18:52 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2008/12/18 14:18:52 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2008/12/18 14:18:52 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2008/12/18 14:18:51 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2008/12/18 14:18:51 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/12/18 14:18:51 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2008/12/18 14:18:51 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2008/12/18 14:18:51 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2008/12/18 14:18:51 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2008/12/18 14:18:51 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/12/18 14:18:51 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2008/12/18 14:18:51 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2008/12/18 14:18:51 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2008/12/18 14:18:51 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2008/12/18 14:18:51 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2008/12/18 14:18:51 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2008/12/18 14:18:51 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008/12/18 14:18:50 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008/12/18 14:18:50 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/12/18 14:18:50 | 00,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2008/12/18 14:18:50 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2008/12/18 14:18:50 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2008/12/18 14:18:50 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2008/12/18 14:18:50 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2008/12/18 14:18:50 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/12/18 14:18:50 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2008/12/18 14:18:49 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2008/12/18 14:18:49 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2008/12/18 14:18:49 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008/12/18 14:18:49 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2008/12/18 14:18:49 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008/12/18 14:18:49 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2008/12/18 14:18:49 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2008/12/18 14:18:49 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2008/12/18 14:18:49 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2008/12/18 14:18:49 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/12/18 14:18:49 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2008/12/18 14:18:49 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/12/18 14:18:48 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/12/18 14:18:48 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2008/12/18 14:18:48 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/12/18 14:18:48 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2008/12/18 14:18:48 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/12/18 14:18:48 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2008/12/18 14:18:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/12/18 14:18:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2008/12/18 14:18:47 | 00,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/12/18 14:18:47 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2008/12/18 14:18:47 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2008/12/18 14:18:47 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2008/12/18 14:18:47 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2008/12/18 14:18:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2008/12/18 14:18:47 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2008/12/18 14:18:47 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2008/12/18 14:18:47 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2008/12/18 14:18:47 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2008/12/18 14:18:46 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2008/12/18 14:18:46 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2008/12/18 14:18:46 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2008/12/18 14:18:46 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2008/12/18 14:18:46 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2008/12/18 14:18:46 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2008/12/18 14:18:46 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2008/12/18 14:18:46 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2008/12/18 14:18:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2008/12/18 14:18:46 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2008/12/18 14:18:46 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2008/12/18 14:18:45 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2008/12/18 14:18:45 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2008/12/18 14:18:45 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2008/12/18 14:18:45 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2008/12/18 14:18:45 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2008/12/18 14:18:45 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2008/12/18 14:18:45 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2008/12/18 14:18:45 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2008/12/18 14:18:45 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2008/12/18 14:18:45 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2008/12/18 14:18:45 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2008/12/18 14:18:45 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2008/12/18 14:18:45 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2008/12/18 14:18:45 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2008/12/18 14:18:45 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2008/12/18 14:18:45 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2008/12/18 14:18:45 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2008/12/18 14:18:45 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2008/12/18 14:18:44 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/12/18 14:18:44 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2008/12/18 14:18:44 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2008/12/18 14:18:44 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2008/12/18 14:18:44 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2008/12/18 14:18:44 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2008/12/18 14:18:44 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2008/12/18 14:18:44 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2008/12/18 14:18:44 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2008/12/18 14:18:44 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2008/12/18 14:18:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/12/18 14:18:43 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2008/12/18 14:18:43 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2008/12/18 14:18:43 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2008/12/18 14:18:42 | 00,633,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2008/12/18 14:18:41 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008/12/18 14:18:41 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/12/18 14:18:39 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/18 14:18:30 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/12/18 14:18:29 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/12/18 14:18:29 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/12/18 14:18:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/12/18 14:18:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008/12/18 14:18:04 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/12/18 14:18:04 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/12/18 14:18:00 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/12/18 14:17:59 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2008/12/18 14:17:59 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2008/12/18 14:17:59 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2008/12/18 14:17:59 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2008/12/18 14:17:59 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2008/12/18 14:17:59 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2008/12/18 14:17:59 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2008/12/18 14:17:59 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2008/12/18 14:17:59 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2008/12/18 14:17:59 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2008/12/18 14:17:58 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2008/12/18 14:17:58 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2008/12/18 14:17:58 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2008/12/18 14:17:58 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2008/12/18 14:17:58 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2008/12/18 14:17:58 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2008/12/18 14:17:58 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2008/12/18 14:17:58 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2008/12/18 14:17:58 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2008/12/18 14:17:58 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2008/12/18 14:17:58 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2008/12/18 14:17:57 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2008/12/18 14:17:57 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2008/12/18 14:17:57 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2008/12/18 14:17:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008/12/18 14:17:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2008/12/18 14:17:57 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2008/12/18 14:17:51 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008/12/18 14:17:51 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2008/12/18 14:17:50 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2008/12/18 14:17:50 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008/12/18 14:17:50 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2008/12/18 14:17:50 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008/12/18 14:17:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008/12/18 14:17:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2008/12/18 14:17:50 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2008/12/18 14:17:50 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008/12/18 14:17:47 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/12/18 14:17:47 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/12/18 14:17:47 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/12/18 14:17:47 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/12/18 14:17:47 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/12/18 14:17:47 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/12/18 14:17:47 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/12/18 14:17:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008/12/18 14:17:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2008/12/18 14:17:46 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/12/18 14:17:46 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/12/18 14:17:46 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/12/18 14:17:46 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/12/18 14:17:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008/12/18 14:17:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2008/12/18 14:17:45 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008/12/18 14:17:45 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2008/12/18 14:17:45 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2008/12/18 14:17:45 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008/12/18 14:17:45 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2008/12/18 14:17:45 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008/12/18 14:17:45 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008/12/18 14:17:45 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2008/12/18 14:17:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008/12/18 14:17:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2008/12/18 14:17:44 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008/12/18 14:17:44 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2008/12/18 14:17:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008/12/18 14:17:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2008/12/18 14:17:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008/12/18 14:17:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2008/12/18 14:17:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008/12/18 14:17:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008/12/18 14:17:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008/12/18 14:17:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2008/12/18 14:17:44 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/12/18 14:17:44 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008/12/18 14:17:44 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2008/12/18 14:17:44 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008/12/18 14:17:44 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2008/12/18 14:17:44 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/12/18 14:17:44 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/12/18 14:17:43 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2008/12/18 14:17:43 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2008/12/18 14:17:43 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/12/18 14:17:43 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/12/18 14:17:41 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2008/12/18 14:17:41 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2008/12/18 14:17:41 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2008/12/18 14:17:41 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2008/12/18 14:17:41 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2008/12/18 14:17:41 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2008/12/18 14:17:41 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2008/12/18 14:17:41 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2008/12/18 14:17:41 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2008/12/18 14:17:41 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2008/12/18 14:17:41 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2008/12/18 14:17:40 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2008/12/18 14:17:40 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2008/12/18 14:17:40 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/12/18 14:17:40 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2008/12/18 14:17:40 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2008/12/18 14:17:40 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2008/12/18 14:17:34 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2008/12/18 14:17:33 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2008/12/18 14:17:33 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/12/18 14:17:33 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2008/12/18 14:17:33 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/12/18 14:17:33 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/12/18 14:17:33 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2008/12/18 14:17:33 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/12/18 14:17:33 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2008/12/18 14:17:33 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2008/12/18 14:17:33 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/12/18 14:17:32 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2008/12/18 14:17:32 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/12/18 14:17:32 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2008/12/18 14:17:32 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008/12/18 14:17:32 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2008/12/18 14:17:32 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2008/12/18 14:17:32 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/12/18 14:17:32 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/12/18 14:17:31 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2008/12/18 14:17:31 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2008/12/18 14:17:31 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/12/18 14:17:31 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2008/12/18 14:17:31 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2008/12/18 14:17:31 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2008/12/18 14:17:31 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/12/18 14:17:31 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2008/12/18 14:17:31 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2008/12/18 14:17:31 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2008/12/18 14:17:31 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/12/18 14:17:31 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2008/12/18 14:17:31 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/12/18 14:17:31 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2008/12/18 14:17:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/12/18 14:17:30 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008/12/18 14:17:30 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2008/12/18 14:17:30 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008/12/18 14:17:30 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2008/12/18 14:17:30 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008/12/18 14:17:30 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2008/12/18 14:17:30 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/12/18 14:17:30 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2008/12/18 14:17:30 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/12/18 14:17:30 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2008/12/18 14:17:30 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/12/18 14:17:30 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2008/12/18 14:17:30 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/12/18 14:17:30 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2008/12/18 14:17:30 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/12/18 14:17:30 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2008/12/18 14:17:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008/12/18 14:17:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2008/12/18 14:17:30 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/12/18 14:17:30 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2008/12/18 14:17:29 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/12/18 14:17:29 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/12/18 14:17:29 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/12/18 14:17:29 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/12/18 14:17:29 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/12/18 14:17:29 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/12/18 14:17:29 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/12/18 14:17:29 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/12/18 14:17:29 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/12/18 14:17:29 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/12/18 14:17:29 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2008/12/18 14:17:29 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/12/18 14:17:29 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/12/18 14:17:29 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2008/12/18 14:17:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/12/18 14:17:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2008/12/18 14:17:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008/12/18 14:17:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2008/12/18 14:17:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/12/18 14:17:28 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2008/12/18 14:17:28 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2008/12/18 14:17:28 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/12/18 14:17:28 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2008/12/18 14:17:28 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/12/18 14:17:28 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/12/18 14:17:28 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2008/12/18 14:17:28 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/12/18 14:17:28 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2008/12/18 14:17:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2008/12/18 14:17:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/12/18 14:17:28 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2008/12/18 14:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2008/12/18 14:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2008/12/18 14:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/12/18 14:17:28 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/12/18 14:17:28 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2008/12/18 14:17:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008/12/18 14:17:27 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2008/12/18 14:17:27 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/12/18 14:17:27 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2008/12/18 14:17:27 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/12/18 14:17:27 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2008/12/18 14:17:27 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/12/18 14:17:27 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2008/12/18 14:17:27 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/12/18 14:17:27 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2008/12/18 14:17:27 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/12/18 14:17:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2008/12/18 14:17:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/12/18 14:17:27 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2008/12/18 14:17:27 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/12/18 14:17:27 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/12/18 14:17:27 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2008/12/18 14:17:26 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2008/12/18 14:17:26 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008/12/18 14:17:26 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2008/12/18 14:17:26 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2008/12/18 14:17:26 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2008/12/18 14:17:25 | 00,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2008/12/18 14:17:25 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2008/12/18 14:17:25 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2008/12/18 14:17:25 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2008/12/18 14:17:25 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2008/12/18 14:17:25 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2008/12/18 14:17:25 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2008/12/18 14:17:25 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2008/12/18 14:17:25 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2008/12/18 14:17:25 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2008/12/18 14:17:25 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2008/12/18 14:17:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2008/12/18 14:17:25 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2008/12/18 14:17:25 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2008/12/18 14:17:25 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2008/12/18 14:17:25 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2008/12/18 14:17:25 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2008/12/18 14:17:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2008/12/18 14:17:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2008/12/18 14:17:25 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2008/12/18 14:17:25 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2008/12/18 14:17:25 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2008/12/18 14:17:25 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2008/12/18 14:17:24 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2008/12/18 14:17:24 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2008/12/18 14:17:24 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2008/12/18 14:17:24 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2008/12/18 14:17:24 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2008/12/18 14:17:24 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2008/12/18 14:17:24 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2008/12/18 14:17:24 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2008/12/18 14:17:24 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2008/12/18 14:17:24 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2008/12/18 14:17:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2008/12/18 14:17:23 | 01,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2008/12/18 14:17:23 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2008/12/18 14:17:23 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2008/12/18 14:17:23 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/12/18 14:17:23 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2008/12/18 14:17:23 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/12/18 14:17:23 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2008/12/18 14:17:22 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2008/12/18 14:17:22 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/12/18 14:17:22 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/12/18 14:17:22 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2008/12/18 14:17:19 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/12/18 14:17:19 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/22 12:49:44 | 21,308,704 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/12/22 12:49:38 | 00,314,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/22 12:49:38 | 00,041,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/22 12:49:37 | 00,360,124 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/22 12:48:28 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTViewIt.exe
[2008/12/22 12:45:33 | 00,188,689 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/22 12:45:28 | 00,349,222 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/12/22 12:45:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/22 12:45:02 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/22 12:45:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/21 22:32:36 | 00,286,208 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/12/21 20:28:35 | 00,000,805 | ---- | M] () -- C:\rollback.ini
[2008/12/21 13:28:41 | 00,001,587 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAZ Studio 2.3.lnk
[2008/12/21 12:33:18 | 00,215,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/21 12:14:01 | 05,891,590 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\IconCache.db
[2008/12/21 12:10:29 | 01,033,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTMoveIt3.exe
[2008/12/20 21:05:02 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/20 20:58:35 | 12,117,0212 | ---- | M] (BitRock SL) -- C:\Documents and Settings\user\Desktop\DAZStudio_2.3.3.89_win.exe
[2008/12/20 20:11:28 | 00,269,500 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Malwarebytes_org Online Store.mht
[2008/12/20 15:59:38 | 00,003,421 | ---- | M] () -- C:\WINDOWS\CDPlayer.ini
[2008/12/19 20:19:46 | 00,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/12/19 20:13:40 | 00,000,255 | RHS- | M] () -- C:\autorun.inf
[2008/12/19 18:29:45 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/12/19 16:55:07 | 00,781,851 | ---- | M] () -- C:\Documents and Settings\user\Desktop\RSIT.exe
[2008/12/19 16:29:15 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/12/19 16:02:27 | 00,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/19 15:12:54 | 00,087,608 | ---- | M] () -- C:\Documents and Settings\user\Application Data\inst.exe
[2008/12/19 15:12:54 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\drivers\pcouffin.sys
[2008/12/19 15:12:54 | 00,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\user\Application Data\pcouffin.sys
[2008/12/19 15:12:54 | 00,007,887 | ---- | M] () -- C:\Documents and Settings\user\Application Data\pcouffin.cat
[2008/12/19 15:12:54 | 00,001,144 | ---- | M] () -- C:\Documents and Settings\user\Application Data\pcouffin.inf
[2008/12/19 15:12:50 | 00,000,618 | ---- | M] () -- C:\Documents and Settings\user\Desktop\DVDFab 5.lnk
[2008/12/19 13:36:03 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Shortcut to Internet.lnk
[2008/12/19 13:18:17 | 00,000,920 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comic Collector.lnk
[2008/12/19 13:15:26 | 00,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2008/12/19 13:13:37 | 00,000,766 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MailWasher Pro.lnk
[2008/12/19 12:37:08 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2008/12/19 01:15:59 | 00,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2008/12/19 01:12:33 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\user\Application Data\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/18 14:39:38 | 00,000,075 | -HS- | M] () -- C:\Documents and Settings\user\My Documents\desktop.ini
[2008/12/18 14:35:52 | 00,002,361 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[2008/12/18 14:33:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/18 14:27:13 | 00,012,065 | ---- | M] () -- C:\WINDOWS\Ascd_log.ini
[2008/12/18 14:24:08 | 00,011,832 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/12/18 14:22:24 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/18 14:21:43 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/18 14:20:41 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\user\Start Menu\Programs\Startup\desktop.ini
[2008/12/18 14:20:41 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/18 14:20:36 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/18 14:20:36 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/12/18 14:20:36 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/12/18 14:20:34 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/18 14:20:34 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/18 14:20:26 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/18 14:18:39 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/18 14:18:29 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008/12/18 14:18:29 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008/12/18 14:16:41 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/12/13 17:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/13 17:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/05 22:21:32 | 00,005,765 | ---- | M] () -- C:\Documents and Settings\user\My Documents\BILLING RECEIPT.mht
[2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/24 15:18:00 | 00,010,086 | ---- | M] () -- C:\Documents and Settings\user\My Documents\DVDCover.docx
< End of report >
OTViewIt Extras logfile created on: 12/22/2008 12:48:55 PM - Run
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 908.57 Gb Free Space | 97.54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-530216A4FB
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 23:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 23:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/11/20 13:20:48 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2006/10/27 15:16:48 | 12,813,096 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2006/10/26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2006/10/26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}"=Platform
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java™ 6 Update 11
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}"=ASUS nVidia Driver
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}"=Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}"=Zune Desktop Theme
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour
"{8E72B982-D54F-486F-B35A-C24B6F171033}"=Nero 7 Essentials
"{90120000-0010-0409-0000-0000000FF1CE}"=Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}"=Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}"=Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}"=Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}"=VC 9.0 Runtime
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}"=LightScribe System Software 1.10.13.1
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support
"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime
"Collectorz.com Comic Collector"=Collectorz.com Comic Collector
"DAZ Studio 2.3"=DAZ Studio
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1"=DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.6.0
"ENTERPRISE"=Microsoft Office Enterprise 2007
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}"=VIA Platform Device Manager
"MailWasher Pro_is1"=MailWasher Pro
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"MediaMonkey_is1"=MediaMonkey 3.0
"Morph Loader "=Morph Loader
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers"=NVIDIA Drivers
"Render Album "=Render Album
"Windows Media Format Runtime"=Windows Media Format Runtime
"ZoneAlarm Security Suite"=ZoneAlarm Security Suite

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/21/2008 12:39:49 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application ps_mo312_attitudepose.exe, version 1.0.0.0, faulting
module tcla0.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:40:01 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application ps_mo312_attitudepose.exe, version 1.0.0.0, faulting
module tcla9.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:41:51 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application ps_mo312_attitudepose.exe, version 1.0.0.0, faulting
module tcld6.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:47:33 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7877_1_dpc_m4base.exe, version 1.0.0.0, faulting
module tcle8.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:48:01 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7877_1_dpc_m4base.exe, version 1.0.0.0, faulting
module tclf1.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:48:31 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1001
Description = Fault bucket 1064947629.

Error - 12/21/2008 12:49:53 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7877_1_dpc_m4base.exe, version 1.0.0.0, faulting
module tcl101.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 2:20:12 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7880_1_dpc_michael4probundle.exe, version 1.0.0.0,
faulting module tcl242.tmp, version 0.0.0.0, fault address 0x0000d063.

[ System Events ]
Error - 12/19/2008 5:57:52 AM | Computer Name = USER-530216A4FB | Source = PlugPlayManager | ID = 11
Description = The device Root\LEGACY_SSFS0BBC\0000 disappeared from the system without
first being prepared for removal.

Error - 12/19/2008 5:57:52 AM | Computer Name = USER-530216A4FB | Source = PlugPlayManager | ID = 11
Description = The device Root\LEGACY_SSHRMD\0000 disappeared from the system without
first being prepared for removal.

Error - 12/19/2008 5:57:52 AM | Computer Name = USER-530216A4FB | Source = PlugPlayManager | ID = 11
Description = The device Root\LEGACY_SSIDRV\0000 disappeared from the system without
first being prepared for removal.

Error - 12/19/2008 5:59:29 AM | Computer Name = USER-530216A4FB | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.

Error - 12/19/2008 5:59:42 AM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/19/2008 9:16:44 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/20/2008 9:05:59 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/20/2008 9:15:18 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/20/2008 9:33:44 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/21/2008 9:45:25 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt


< End of report >

#8 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:23 PM

Posted 22 December 2008 - 11:38 AM

Copy this text into OTMoveIt3 just like before and click MoveIt.

:files
C:\autorun.inf 

:reg
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}]

:Commands
[EmptyTemp]
[Reboot]


Please post back with the resulting log from OTMoveit3.



===============



Download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#9 catamongthebats

catamongthebats
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 22 December 2008 - 07:57 PM

Hi Sam,

OTMOVEIT log as requested;

========== FILES ==========
C:\autorun.inf moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DF1B1D.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_408.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT00532.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12232008_113620

Files moved on Reboot...
C:\DOCUME~1\user\LOCALS~1\Temp\~DF1B1D.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_408.dat not found!
File C:\WINDOWS\temp\ZLT00532.TMP not found!

The good news is my C: drive is working again! Yay! :thumbsup: Thanks!
E: drive with my external Hard drive is still giving the same error message. I haven't had it turned on all the time so maybe I need to repeat some of the steps to clean it up? I turned it on for the Flash Disinfector and any other time that involved a cleaning program or if it was requested.

Cheers, Cathy.

#10 catamongthebats

catamongthebats
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 22 December 2008 - 08:12 PM

Sam,

I'm assuming the E: drive will be like the C: so in following all previous steps here are the relevant logs. It shows up clear with Malwarebyrtes and has been turned on throughout that process so the previous logs should cover that.

RSIT:
Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2008-12-23 12:06:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 930 GB (98%) free of 954 GB
Total RAM: 3583 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:09 PM, on 12/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\user\Desktop\OTViewIt.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\user.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe" 1
O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] "C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe"
O4 - HKLM\..\Run: [InCD] "C:\Program Files\Nero\Nero 7\InCD\InCD.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [LightScribe Control Panel] "C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6722 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-19 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-19 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-19 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-04-10 29757440]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-06-26 13529088]
"nwiz"=C:\WINDOWS\system32\nwiz.exe [2008-06-26 1630208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-06-26 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-06-25 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-06-25 1057064]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-10-09 981904]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-19 136600]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Installation\Setupx.exe"="D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com e:
shell\Open\command - E:\resycled\boot.com e:


======List of files/folders created in the last 1 months======

2008-12-23 11:45:09 ----RASHD---- C:\autorun.inf
2008-12-21 13:27:00 ----A---- C:\WINDOWS\system32\dzwrapper.dll
2008-12-21 13:26:59 ----A---- C:\WINDOWS\system32\dzcore.dll
2008-12-21 13:26:59 ----A---- C:\WINDOWS\system32\dzcarrara.dll
2008-12-21 13:26:59 ----A---- C:\WINDOWS\system32\dzbryce6.dll
2008-12-21 13:26:58 ----A---- C:\WINDOWS\system32\dz3delight.dll
2008-12-21 13:26:58 ----A---- C:\WINDOWS\system32\daz-qt-mt.dll
2008-12-21 13:26:58 ----A---- C:\WINDOWS\system32\daz-qsa.dll
2008-12-21 13:26:31 ----D---- C:\Program Files\DAZ
2008-12-21 12:11:22 ----D---- C:\_OTMoveIt
2008-12-20 21:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-20 21:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-20 18:50:37 ----A---- C:\WINDOWS\unvise32.exe
2008-12-20 17:51:06 ----D---- C:\Documents and Settings\All Users\Application Data\OptiTex
2008-12-20 15:42:24 ----D---- C:\My Music
2008-12-20 15:42:01 ----A---- C:\WINDOWS\CDPlayer.ini
2008-12-20 12:31:44 ----A---- C:\WINDOWS\Active Setup Log.txt
2008-12-20 12:31:33 ----D---- C:\Program Files\OptusNet DSL Internet
2008-12-20 12:27:30 ----A---- C:\WINDOWS\uninst.exe
2008-12-19 21:55:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-19 21:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-19 21:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-19 21:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-19 21:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-19 21:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-19 21:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-19 21:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-19 21:54:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-19 21:54:49 ----D---- C:\WINDOWS\ie7updates
2008-12-19 21:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-19 21:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-19 21:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-19 21:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-19 21:54:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-12-19 21:54:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-19 21:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-19 21:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-19 21:54:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-19 21:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-19 21:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-19 21:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-19 21:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-19 21:53:45 ----D---- C:\Program Files\MSXML 4.0
2008-12-19 20:59:46 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-19 18:29:46 ----D---- C:\Documents and Settings\user\Application Data\Malwarebytes
2008-12-19 18:29:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-19 18:29:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-19 18:08:37 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
2008-12-19 17:17:53 ----D---- C:\rsit
2008-12-19 17:01:38 ----D---- C:\WINDOWS\Sun
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\java.exe
2008-12-19 17:01:30 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-19 17:01:25 ----D---- C:\Program Files\Java
2008-12-19 16:57:15 ----D---- C:\Documents and Settings\user\Application Data\Sun
2008-12-19 16:50:31 ----D---- C:\Program Files\Trend Micro
2008-12-19 16:25:20 ----D---- C:\Program Files\Common Files\DAZ
2008-12-19 16:12:13 ----D---- C:\Program Files\SonicWallES
2008-12-19 16:04:48 ----D---- C:\Program Files\MSBuild
2008-12-19 16:04:44 ----D---- C:\Program Files\Microsoft Visual Studio
2008-12-19 16:04:44 ----D---- C:\Program Files\Common Files\DESIGNER
2008-12-19 16:02:21 ----D---- C:\WINDOWS\SHELLNEW
2008-12-19 16:02:07 ----D---- C:\Program Files\Microsoft Office
2008-12-19 16:02:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-19 16:01:49 ----RHD---- C:\MSOCache
2008-12-19 15:53:54 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
2008-12-19 15:53:49 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-12-19 15:53:42 ----D---- C:\Program Files\iPod
2008-12-19 15:53:41 ----D---- C:\Program Files\iTunes
2008-12-19 15:53:41 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-19 15:53:33 ----D---- C:\Program Files\Bonjour
2008-12-19 15:53:20 ----D---- C:\Program Files\QuickTime
2008-12-19 15:53:20 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-19 15:53:13 ----D---- C:\Program Files\Apple Software Update
2008-12-19 15:53:04 ----D---- C:\Program Files\Common Files\Apple
2008-12-19 15:53:04 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-19 15:47:59 ----D---- C:\WINDOWS\Minidump
2008-12-19 15:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-19 15:12:54 ----D---- C:\Documents and Settings\user\Application Data\Vso
2008-12-19 15:12:54 ----A---- C:\Documents and Settings\user\Application Data\inst.exe
2008-12-19 15:12:49 ----D---- C:\Program Files\DVDFab 5
2008-12-19 14:13:18 ----A---- C:\rollback.ini
2008-12-19 13:42:25 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-19 13:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-19 13:33:22 ----D---- C:\Documents and Settings\user\Application Data\MailFrontier
2008-12-19 13:24:43 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-12-19 13:24:37 ----A---- C:\WINDOWS\zllsputility.exe
2008-12-19 13:24:34 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-12-19 13:24:33 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-12-19 13:24:33 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-12-19 13:24:31 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-12-19 13:24:30 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-12-19 13:24:30 ----D---- C:\Program Files\Zone Labs
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\zpeng25.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-12-19 13:24:30 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-12-19 13:23:57 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-12-19 13:23:55 ----D---- C:\WINDOWS\Internet Logs
2008-12-19 13:18:14 ----D---- C:\Program Files\Collectorz.com
2008-12-19 13:15:23 ----D---- C:\Program Files\MediaMonkey
2008-12-19 13:13:37 ----D---- C:\Documents and Settings\user\Application Data\MailWasherPro
2008-12-19 13:13:36 ----D---- C:\Program Files\FireTrust
2008-12-19 13:04:53 ----SHD---- C:\RECYCLER
2008-12-19 12:37:08 ----A---- C:\WINDOWS\system32\wpa.bak
2008-12-19 12:16:15 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-19 09:06:31 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2008-12-19 09:06:31 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2008-12-19 09:06:30 ----A---- C:\WINDOWS\system32\msir3jp.dll
2008-12-19 09:06:30 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2008-12-19 09:06:21 ----A---- C:\WINDOWS\system32\kbd101a.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2008-12-19 09:06:16 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2008-12-19 09:06:06 ----A---- C:\WINDOWS\system32\c_is2022.dll
2008-12-19 09:06:04 ----A---- C:\WINDOWS\system32\uniime.dll
2008-12-19 09:05:59 ----A---- C:\WINDOWS\system32\c_g18030.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdibm02.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbdax2.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbd106n.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\kbd101.dll
2008-12-19 09:05:58 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2008-12-19 09:05:57 ----A---- C:\WINDOWS\system32\imjp81k.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-12-19 09:05:09 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-12-19 09:05:07 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-12-19 09:05:07 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-12-19 09:04:32 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-12-19 01:16:29 ----A---- C:\WINDOWS\system32\h323log.txt
2008-12-19 01:13:22 ----A---- C:\WINDOWS\system32\usbui.dll
2008-12-19 01:12:39 ----A---- C:\WINDOWS\imsins.BAK
2008-12-19 01:12:37 ----SHD---- C:\WINDOWS\Installer
2008-12-19 01:12:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-19 01:12:36 ----D---- C:\Program Files\Common Files\ODBC
2008-12-19 01:12:36 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-19 01:12:34 ----RD---- C:\Program Files
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-19 01:12:34 ----D---- C:\Program Files\Common Files
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-12-19 01:12:32 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-12-19 01:12:31 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-12-19 01:12:30 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-12-19 01:12:29 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-12-19 01:12:28 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-12-19 01:12:27 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-12-19 01:12:25 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-12-19 01:12:24 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-12-19 01:12:23 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-12-19 01:12:23 ----A---- C:\WINDOWS\system32\batt.dll
2008-12-19 01:12:23 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-12-19 01:12:22 ----A---- C:\WINDOWS\system32\storprop.dll
2008-12-19 01:12:16 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-19 01:12:14 ----RA---- C:\WINDOWS\SET8.tmp
2008-12-19 01:12:12 ----RA---- C:\WINDOWS\SET4.tmp
2008-12-19 01:12:11 ----RA---- C:\WINDOWS\SET3.tmp
2008-12-19 01:12:07 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-19 01:12:07 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-19 01:12:02 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-19 01:11:44 ----A---- C:\WINDOWS\setuplog.txt
2008-12-19 01:11:42 ----SHD---- C:\System Volume Information
2008-12-19 01:11:42 ----D---- C:\Documents and Settings
2008-12-19 01:10:54 ----SH---- C:\boot.ini
2008-12-19 01:07:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-19 01:07:13 ----RSD---- C:\WINDOWS\Fonts
2008-12-19 01:07:13 ----RD---- C:\WINDOWS\Web
2008-12-19 01:07:13 ----HD---- C:\WINDOWS\inf
2008-12-19 01:07:13 ----D---- C:\WINDOWS\WinSxS
2008-12-19 01:07:13 ----D---- C:\WINDOWS\twain_32
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Temp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\wins
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\wbem
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\usmt
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\spool
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\Setup
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\scripting
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ras
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\oobe
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\npp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\mui
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\IME
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\icsxml
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\ias
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\export
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\en
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\drivers
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\dhcp
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\config
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\3076
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\2052
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1054
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1042
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1041
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1037
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1033
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1031
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1028
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32\1025
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system32
2008-12-19 01:07:13 ----D---- C:\WINDOWS\system
2008-12-19 01:07:13 ----D---- C:\WINDOWS\security
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Resources
2008-12-19 01:07:13 ----D---- C:\WINDOWS\repair
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Provisioning
2008-12-19 01:07:13 ----D---- C:\WINDOWS\PeerNet
2008-12-19 01:07:13 ----D---- C:\WINDOWS\pchealth
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Network Diagnostic
2008-12-19 01:07:13 ----D---- C:\WINDOWS\mui
2008-12-19 01:07:13 ----D---- C:\WINDOWS\msapps
2008-12-19 01:07:13 ----D---- C:\WINDOWS\msagent
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Media
2008-12-19 01:07:13 ----D---- C:\WINDOWS\L2Schemas
2008-12-19 01:07:13 ----D---- C:\WINDOWS\java
2008-12-19 01:07:13 ----D---- C:\WINDOWS\ime
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Help
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Driver Cache
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Debug
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Cursors
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Connection Wizard
2008-12-19 01:07:13 ----D---- C:\WINDOWS\Config
2008-12-19 01:07:13 ----D---- C:\WINDOWS\AppPatch
2008-12-19 01:07:13 ----D---- C:\WINDOWS\addins
2008-12-19 01:07:13 ----D---- C:\WINDOWS
2008-12-18 14:38:23 ----D---- C:\WINDOWS\WBEM
2008-12-18 14:37:32 ----HDC---- C:\WINDOWS\ie7
2008-12-18 14:37:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-18 14:37:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-18 14:37:16 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-18 14:37:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-18 14:37:09 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-18 14:36:48 ----A---- C:\WINDOWS\system32\oeminfo.ini
2008-12-18 14:36:06 ----D---- C:\Program Files\Common Files\LightScribe
2008-12-18 14:35:34 ----D---- C:\Documents and Settings\user\Application Data\Ahead
2008-12-18 14:35:26 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2008-12-18 14:33:28 ----D---- C:\Program Files\Nero
2008-12-18 14:33:28 ----D---- C:\Program Files\Common Files\Ahead
2008-12-18 14:33:28 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-12-18 14:33:07 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-18 14:31:57 ----D---- C:\Program Files\My Company Name
2008-12-18 14:30:34 ----D---- C:\WINDOWS\nview
2008-12-18 14:30:34 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-18 14:30:32 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-18 14:30:31 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-18 14:30:31 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-18 14:30:30 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-18 14:30:29 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-18 14:30:29 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-18 14:30:28 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-18 14:30:27 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-18 14:30:26 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-18 14:30:25 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-18 14:29:45 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-12-18 14:28:11 ----D---- C:\WINDOWS\system32\Atheros_L1e
2008-12-18 14:27:09 ----D---- C:\WINDOWS\ASUSInstAll
2008-12-18 14:27:07 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-18 14:26:37 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-12-18 14:26:30 ----N---- C:\WINDOWS\system32\difxapi.dll
2008-12-18 14:26:30 ----D---- C:\Program Files\VIA
2008-12-18 14:26:25 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-18 14:24:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-18 14:24:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-18 14:24:34 ----D---- C:\Program Files\Intel
2008-12-18 14:24:25 ----D---- C:\Intel
2008-12-18 14:24:13 ----A---- C:\WINDOWS\Ascd_log.ini
2008-12-18 14:24:08 ----A---- C:\WINDOWS\Ascd_tmp.ini
2008-12-18 14:23:47 ----D---- C:\Documents and Settings\user\Application Data\Identities
2008-12-18 14:23:46 ----HD---- C:\Program Files\Uninstall Information
2008-12-18 14:23:43 ----ASH---- C:\Documents and Settings\user\Application Data\desktop.ini
2008-12-18 14:23:42 ----SD---- C:\Documents and Settings\user\Application Data\Microsoft
2008-12-18 14:23:11 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-18 14:23:10 ----D---- C:\WINDOWS\Prefetch
2008-12-18 14:23:09 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-18 14:23:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-18 14:20:43 ----D---- C:\WINDOWS\system32\xircom
2008-12-18 14:20:43 ----D---- C:\Program Files\xerox
2008-12-18 14:20:43 ----D---- C:\Program Files\microsoft frontpage
2008-12-18 14:20:36 ----A---- C:\WINDOWS\control.ini
2008-12-18 14:20:36 ----A---- C:\AUTOEXEC.BAT
2008-12-18 14:20:29 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-18 14:20:26 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-12-18 14:19:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-18 14:19:53 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-18 14:19:53 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-18 14:19:49 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-18 14:19:46 ----HD---- C:\Program Files\WindowsUpdate
2008-12-18 14:19:33 ----D---- C:\WINDOWS\system32\DirectX
2008-12-18 14:19:29 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-18 14:19:27 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-18 14:19:27 ----A---- C:\WINDOWS\desktop.ini
2008-12-18 14:19:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-18 14:19:21 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-18 14:19:20 ----D---- C:\Program Files\Common Files\Services
2008-12-18 14:19:18 ----SD---- C:\WINDOWS\Tasks
2008-12-18 14:19:18 ----D---- C:\Program Files\Common Files\MSSoap
2008-12-18 14:19:18 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-18 14:19:15 ----D---- C:\WINDOWS\system32\Macromed
2008-12-18 14:19:15 ----D---- C:\WINDOWS\srchasst
2008-12-18 14:19:13 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-18 14:19:12 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-18 14:19:09 ----D---- C:\Program Files\Movie Maker
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-18 14:18:56 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-18 14:18:54 ----D---- C:\WINDOWS\system32\Restore
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-12-18 14:18:54 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-18 14:18:53 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-18 14:18:51 ----D---- C:\Program Files\NetMeeting
2008-12-18 14:18:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-18 14:18:51 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-18 14:18:50 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-18 14:18:50 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-18 14:18:49 ----D---- C:\Program Files\Outlook Express
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-18 14:18:49 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-18 14:18:48 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-18 14:18:44 ----D---- C:\Program Files\Common Files\System
2008-12-18 14:18:41 ----D---- C:\Program Files\Internet Explorer
2008-12-18 14:18:30 ----D---- C:\Program Files\ComPlus Applications
2008-12-18 14:18:29 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-18 14:18:29 ----A---- C:\WINDOWS\vb.ini
2008-12-18 14:18:25 ----D---- C:\WINDOWS\Registration
2008-12-18 14:18:04 ----D---- C:\Program Files\Windows Media Player
2008-12-18 14:18:04 ----D---- C:\Program Files\Online Services
2008-12-18 14:18:00 ----D---- C:\Program Files\Messenger
2008-12-18 14:17:57 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-18 14:17:57 ----A---- C:\WINDOWS\system32\write.exe
2008-12-18 14:17:51 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-18 14:17:51 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-18 14:17:50 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-18 14:17:46 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-18 14:17:45 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-18 14:17:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-18 14:17:43 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-18 14:17:40 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-18 14:17:34 ----D---- C:\Program Files\MSN
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-18 14:17:33 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-18 14:17:32 ----D---- C:\Program Files\Windows NT
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-18 14:17:32 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-18 14:17:31 ----D---- C:\WINDOWS\system32\en-US
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-12-18 14:17:31 ----A---- C:\WINDOWS\system32\aaclient.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-18 14:17:30 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-18 14:17:29 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-18 14:17:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-18 14:17:28 ----D---- C:\WINDOWS\system32\Com
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-18 14:17:28 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-18 14:17:27 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-18 14:17:26 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-18 14:17:23 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-18 14:17:23 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-18 14:17:22 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-18 14:17:22 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2008-12-19 16:02:27 ----A---- C:\WINDOWS\win.ini
2008-12-19 01:12:33 ----A---- C:\WINDOWS\system.ini
2008-12-13 17:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 KLIF;KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [2008-09-18 148496]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-10-09 353680]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-06-26 6555168]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-19 47360]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-02-14 222976]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-19 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-12-03 170640]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-06-26 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-10-09 2405776]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#11 catamongthebats

catamongthebats
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 22 December 2008 - 08:15 PM

OTView IT log;
OTViewIt logfile created on: 12/23/2008 11:59:47 AM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 908.25 Gb Free Space | 97.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 298.09 Gb Total Space | 226.94 Gb Free Space | 76.13% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-530216A4FB
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/10/09 14:25:32 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
[2008/06/03 22:59:02 | 00,139,264 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
[2008/06/03 22:59:02 | 00,139,264 | ---- | M] () -- C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2007/06/25 08:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
[2008/12/19 17:01:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/08/23 17:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2008/12/03 19:52:34 | 00,170,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
[2008/06/26 06:57:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
[2008/04/10 14:36:58 | 29,757,440 | R--- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
[2008/04/14 23:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2007/06/25 08:47:24 | 01,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
[2007/06/25 08:47:02 | 01,057,064 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
[2008/10/09 14:25:34 | 00,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2008/12/19 17:01:27 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2008/12/03 19:52:34 | 00,399,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
[2007/08/23 17:36:30 | 00,455,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
[2007/06/27 19:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
[2007/06/27 19:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
[2008/05/30 07:37:30 | 00,808,208 | ---- | M] (SonicWALL, Inc.) -- C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\mantispm.exe
[2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/04/14 23:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
[2008/12/22 12:48:28 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2007/06/25 08:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
[2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2008/12/19 17:01:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/08/23 17:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2008/12/03 19:52:34 | 00,170,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService [Auto | Running])
[2007/06/29 19:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
[2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
[2008/06/26 06:57:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2004/08/11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
[2008/10/09 14:25:32 | 02,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])

========== Driver Services ==========

[2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2008/04/14 23:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2007/06/25 08:47:02 | 00,119,080 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
[2007/06/25 08:47:12 | 00,036,776 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass [System | Running])
[2007/06/25 08:47:12 | 00,038,440 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm [System | Running])
[2008/04/14 00:09:50 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2008/09/18 18:15:14 | 00,148,496 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [System | Running])
[2008/03/11 22:37:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e [On_Demand | Running])
[2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector [On_Demand | Running])
[2008/02/14 17:12:02 | 01,389,056 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt [On_Demand | Running])
[2004/08/13 21:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor [On_Demand | Running])
[2008/06/26 06:57:00 | 06,555,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2008/12/19 15:12:54 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin [On_Demand | Running])
[2008/04/14 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2008/04/14 23:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/21 07:19:58 | 00,051,648 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
[2008/11/07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2008/02/14 14:36:34 | 00,222,976 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService [On_Demand | Running])
[2008/10/09 14:25:36 | 00,353,680 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.com.au/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.com.au/

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe" 1 (VIA Technologies, Inc.)
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" (Nero AG)
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray (Malwarebytes Corporation)
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" (Nero AG)
"NvCplDaemon"="C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"="C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"nwiz"="C:\WINDOWS\system32\nwiz.exe" /install ()
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"SecurDisc"="C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe" (Nero AG)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Check Point Software Technologies LTD)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden (Hewlett-Packard Company)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden (Hewlett-Packard Company)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FF FF FF FF [binary data]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FF FF FF FF [binary data]

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-842925246-162531612-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:42:30 | 01,695,232 | -HS- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

========== (O17) DNS Name Servers ==========

{7C9A52C0-B1B6-41D3-8C8D-E9F2EBEB99ED} (Servers: | Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

autorun.inf []
[2008/12/23 11:45:09 | 00,000,000 | RHSD | M] -- C:\autorun.inf -- [ NTFS ]

autorun.inf [[autorun] | ;osmakysyxjrjbcnavqwadsatfpmhky | shellexecute="resycled\boot.com e:" | ;hjbrircy | shell\Open\command="resycled\boot.com e:" | ;vggzinohpthsefxaobmjtflqvzylhsuvvqifbravqfuequfrgisgqhfyvpsnumsucmnrlhvsdwccpfpuhfztxneyvex | shell=Open | ;gixllnaigrgby | ]
[2008/12/19 20:12:40 | 00,000,255 | RHS- | M] () -- E:\autorun.inf -- [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell]
""=Autorun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell\AutoRun\command]
""=C:\WINDOWS\system32\shell32.dll -- [2008/04/14 23:00:00 | 08,461,312 | ---- | M] (Microsoft Corporation)


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}\Shell\Open\command]
""=E:\resycled\boot.com -- [2008/12/19 20:12:40 | 00,000,000 | RHS- | M] ()

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/23 11:45:09 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2008/12/23 11:42:18 | 00,132,597 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Flash_Disinfector.exe
[2008/12/23 11:41:59 | 00,010,501 | ---- | C] () -- C:\Documents and Settings\user\My Documents\FILES.docx
[2008/12/22 12:48:07 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTViewIt.exe
[2008/12/21 21:39:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Backgrounds
[2008/12/21 13:28:41 | 00,001,587 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAZ Studio 2.3.lnk
[2008/12/21 13:27:00 | 00,026,624 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzwrapper.dll
[2008/12/21 13:26:59 | 10,137,600 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzcore.dll
[2008/12/21 13:26:59 | 00,049,152 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzcarrara.dll
[2008/12/21 13:26:59 | 00,033,280 | ---- | C] (DAZ 3D, Inc) -- C:\WINDOWS\System32\dzbryce6.dll
[2008/12/21 13:26:58 | 06,131,712 | ---- | C] () -- C:\WINDOWS\System32\daz-qt-mt.dll
[2008/12/21 13:26:58 | 02,076,672 | ---- | C] () -- C:\WINDOWS\System32\dz3delight.dll
[2008/12/21 13:26:58 | 01,785,856 | ---- | C] () -- C:\WINDOWS\System32\daz-qsa.dll
[2008/12/21 13:26:31 | 00,000,000 | ---D | C] -- C:\Program Files\DAZ
[2008/12/21 12:11:22 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/12/21 12:10:26 | 01,033,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTMoveIt3.exe
[2008/12/20 20:58:33 | 12,117,0212 | ---- | C] (BitRock SL) -- C:\Documents and Settings\user\Desktop\DAZStudio_2.3.3.89_win.exe
[2008/12/20 20:11:25 | 00,269,500 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Malwarebytes_org Online Store.mht
[2008/12/20 18:50:37 | 00,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2008/12/20 17:51:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OptiTex
[2008/12/20 15:42:24 | 00,000,000 | ---D | C] -- C:\My Music
[2008/12/20 15:42:01 | 00,003,421 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2008/12/20 12:31:33 | 00,000,000 | ---D | C] -- C:\Program Files\OptusNet DSL Internet
[2008/12/20 12:27:30 | 00,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2008/12/19 21:54:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2008/12/19 21:53:45 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2008/12/19 20:59:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2008/12/19 20:36:21 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2008/12/19 20:36:20 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2008/12/19 20:36:20 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2008/12/19 20:36:19 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2008/12/19 20:36:19 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2008/12/19 20:36:19 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2008/12/19 20:36:18 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2008/12/19 20:36:18 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2008/12/19 20:36:16 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2008/12/19 20:25:10 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2008/12/19 20:25:09 | 02,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2008/12/19 20:25:07 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2008/12/19 20:25:07 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2008/12/19 20:23:46 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/12/19 20:03:33 | 01,701,594 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Season3cover.docx
[2008/12/19 20:03:33 | 00,455,168 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Supernatural season 3 insert final.pub
[2008/12/19 20:03:33 | 00,423,181 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Nightwing_print_in_color_by_butones.jpg
[2008/12/19 20:03:33 | 00,378,368 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Your shopping cart.doc
[2008/12/19 20:03:33 | 00,162,586 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Picture7.JPG
[2008/12/19 20:03:33 | 00,125,348 | ---- | C] () -- C:\Documents and Settings\user\My Documents\SnowToolGuide.pdf
[2008/12/19 20:03:33 | 00,010,086 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DVDCover.docx
[2008/12/19 20:03:32 | 01,260,544 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DazOctobercontent.doc
[2008/12/19 20:03:32 | 01,232,192 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENTfigures.docx
[2008/12/19 20:03:32 | 00,857,646 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENT.docx
[2008/12/19 20:03:32 | 00,608,382 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Catanna2.jpg
[2008/12/19 20:03:32 | 00,558,524 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENTHair.docx
[2008/12/19 20:03:32 | 00,380,608 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Catanna.jpg
[2008/12/19 20:03:32 | 00,148,893 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DAZCONTENTPose.docx
[2008/12/19 20:03:32 | 00,068,096 | ---- | C] () -- C:\Documents and Settings\user\My Documents\DazOrder.doc
[2008/12/19 20:03:32 | 00,005,765 | ---- | C] () -- C:\Documents and Settings\user\My Documents\BILLING RECEIPT.mht
[2008/12/19 20:03:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Novels
[2008/12/19 20:03:20 | 00,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Videos
[2008/12/19 20:03:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\New Poser Downloads
[2008/12/19 20:02:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Lavalla
[2008/12/19 20:02:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\DAZ Scenes
[2008/12/19 20:02:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\BATMAN
[2008/12/19 19:50:33 | 22,333,728 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/12/19 19:50:33 | 00,300,824 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/12/19 18:29:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes
[2008/12/19 18:29:45 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/19 18:29:45 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/12/19 18:29:43 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/19 18:29:42 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/19 18:29:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/12/19 18:08:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2008/12/19 17:17:53 | 00,000,000 | ---D | C] -- C:\rsit
[2008/12/19 17:01:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008/12/19 17:01:25 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008/12/19 16:57:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Sun
[2008/12/19 16:54:54 | 00,781,851 | ---- | C] () -- C:\Documents and Settings\user\Desktop\RSIT.exe
[2008/12/19 16:50:31 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/12/19 16:25:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DAZ
[2008/12/19 16:12:13 | 00,000,000 | ---D | C] -- C:\Program Files\SonicWallES
[2008/12/19 16:04:48 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2008/12/19 16:04:44 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2008/12/19 16:04:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2008/12/19 16:02:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2008/12/19 16:02:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft Help
[2008/12/19 16:02:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2008/12/19 16:02:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008/12/19 16:01:49 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2008/12/19 15:53:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Apple Computer
[2008/12/19 15:53:42 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2008/12/19 15:53:41 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/12/19 15:53:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/12/19 15:53:33 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/12/19 15:53:20 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/12/19 15:53:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/12/19 15:53:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple
[2008/12/19 15:53:13 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2008/12/19 15:53:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2008/12/19 15:53:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/12/19 15:52:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple Computer
[2008/12/19 15:47:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2008/12/19 15:12:54 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\user\Application Data\inst.exe
[2008/12/19 15:12:54 | 00,047,360 | ---- | C] (VSO Software) -- C:\WINDOWS\System32\drivers\pcouffin.sys
[2008/12/19 15:12:54 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\user\Application Data\pcouffin.sys
[2008/12/19 15:12:54 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\user\Application Data\pcouffin.cat
[2008/12/19 15:12:54 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\user\Application Data\pcouffin.inf
[2008/12/19 15:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\PcSetup
[2008/12/19 15:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Vso
[2008/12/19 15:12:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\DVDFab
[2008/12/19 15:12:50 | 00,000,618 | ---- | C] () -- C:\Documents and Settings\user\Desktop\DVDFab 5.lnk
[2008/12/19 15:12:49 | 00,000,000 | ---D | C] -- C:\Program Files\DVDFab 5
[2008/12/19 14:13:18 | 00,000,805 | ---- | C] () -- C:\rollback.ini
[2008/12/19 13:42:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2008/12/19 13:36:03 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Shortcut to Internet.lnk
[2008/12/19 13:33:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\MailFrontier
[2008/12/19 13:24:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/12/19 13:24:41 | 00,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/12/19 13:24:37 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2008/12/19 13:24:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2008/12/19 13:24:30 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2008/12/19 13:24:29 | 00,349,222 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/12/19 13:23:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2008/12/19 13:18:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Collectorz.com
[2008/12/19 13:18:17 | 00,000,920 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comic Collector.lnk
[2008/12/19 13:18:14 | 00,000,000 | ---D | C] -- C:\Program Files\Collectorz.com
[2008/12/19 13:18:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Comic Collector
[2008/12/19 13:15:26 | 00,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2008/12/19 13:15:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\MediaMonkey
[2008/12/19 13:15:23 | 00,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2008/12/19 13:13:37 | 00,000,766 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MailWasher Pro.lnk
[2008/12/19 13:13:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\MailWasherPro
[2008/12/19 13:13:36 | 00,000,000 | ---D | C] -- C:\Program Files\FireTrust
[2008/12/19 13:09:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Identities
[2008/12/19 13:04:53 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008/12/19 12:38:34 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2008/12/19 12:38:34 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2008/12/19 12:37:08 | 00,002,422 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2008/12/19 12:16:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2008/12/19 09:06:31 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008/12/19 09:06:31 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2008/12/19 09:06:31 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008/12/19 09:06:31 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2008/12/19 09:06:30 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2008/12/19 09:06:30 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008/12/19 09:06:30 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2008/12/19 09:06:30 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/12/19 09:06:30 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2008/12/19 09:06:30 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008/12/19 09:06:30 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2008/12/19 09:06:30 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008/12/19 09:06:30 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2008/12/19 09:06:30 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2008/12/19 09:06:28 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008/12/19 09:06:25 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2008/12/19 09:06:25 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2008/12/19 09:06:25 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2008/12/19 09:06:25 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2008/12/19 09:06:25 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2008/12/19 09:06:25 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2008/12/19 09:06:25 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2008/12/19 09:06:25 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2008/12/19 09:06:25 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2008/12/19 09:06:25 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2008/12/19 09:06:25 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2008/12/19 09:06:25 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2008/12/19 09:06:25 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2008/12/19 09:06:25 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2008/12/19 09:06:25 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2008/12/19 09:06:23 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2008/12/19 09:06:22 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2008/12/19 09:06:22 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2008/12/19 09:06:21 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008/12/19 09:06:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2008/12/19 09:06:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008/12/19 09:06:20 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008/12/19 09:06:20 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/12/19 09:06:20 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/12/19 09:06:20 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008/12/19 09:06:20 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008/12/19 09:06:20 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008/12/19 09:06:17 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008/12/19 09:06:17 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008/12/19 09:06:17 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008/12/19 09:06:16 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008/12/19 09:06:16 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008/12/19 09:06:16 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008/12/19 09:06:16 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2008/12/19 09:06:16 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008/12/19 09:06:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2008/12/19 09:06:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008/12/19 09:06:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2008/12/19 09:06:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008/12/19 09:06:09 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008/12/19 09:06:09 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008/12/19 09:06:06 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008/12/19 09:06:06 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2008/12/19 09:06:05 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2008/12/19 09:06:05 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008/12/19 09:06:05 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008/12/19 09:06:05 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008/12/19 09:06:05 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008/12/19 09:06:05 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/12/19 09:06:05 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008/12/19 09:06:05 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2008/12/19 09:06:05 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008/12/19 09:06:05 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008/12/19 09:06:05 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008/12/19 09:06:05 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008/12/19 09:06:05 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2008/12/19 09:06:05 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2008/12/19 09:06:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008/12/19 09:06:05 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008/12/19 09:06:04 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2008/12/19 09:06:04 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008/12/19 09:06:04 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008/12/19 09:06:04 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2008/12/19 09:06:04 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008/12/19 09:06:04 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2008/12/19 09:06:04 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2008/12/19 09:06:04 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008/12/19 09:06:04 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2008/12/19 09:06:04 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008/12/19 09:06:04 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2008/12/19 09:06:04 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008/12/19 09:06:04 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2008/12/19 09:06:04 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008/12/19 09:06:04 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2008/12/19 09:06:04 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008/12/19 09:06:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2008/12/19 09:06:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2008/12/19 09:06:03 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/12/19 09:06:03 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008/12/19 09:06:03 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008/12/19 09:06:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2008/12/19 09:06:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008/12/19 09:06:01 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008/12/19 09:06:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008/12/19 09:06:01 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/12/19 09:05:59 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2008/12/19 09:05:59 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008/12/19 09:05:59 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008/12/19 09:05:59 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008/12/19 09:05:59 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2008/12/19 09:05:59 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008/12/19 09:05:59 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008/12/19 09:05:59 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2008/12/19 09:05:59 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008/12/19 09:05:58 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008/12/19 09:05:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2008/12/19 09:05:58 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2008/12/19 09:05:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2008/12/19 09:05:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2008/12/19 09:05:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2008/12/19 09:05:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2008/12/19 09:05:57 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2008/12/19 09:05:57 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008/12/19 09:05:57 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008/12/19 09:05:57 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2008/12/19 09:05:57 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008/12/19 09:05:57 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008/12/19 09:05:57 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008/12/19 09:05:55 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/12/19 09:05:55 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008/12/19 09:05:55 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008/12/19 09:05:55 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008/12/19 09:05:55 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008/12/19 09:05:55 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008/12/19 09:05:55 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008/12/19 09:05:55 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/12/19 09:05:55 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008/12/19 09:05:55 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008/12/19 09:05:54 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008/12/19 09:05:54 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008/12/19 09:05:09 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2008/12/19 09:05:09 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2008/12/19 09:05:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2008/12/19 09:05:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2008/12/19 09:05:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2008/12/19 09:05:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2008/12/19 09:05:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2008/12/19 09:05:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2008/12/19 09:05:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2008/12/19 09:04:32 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2008/12/19 09:04:32 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2008/12/19 09:04:28 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2008/12/19 09:04:28 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2008/12/19 09:04:26 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2008/12/19 09:04:26 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2008/12/19 09:04:19 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2008/12/19 09:04:19 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2008/12/19 09:04:12 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2008/12/19 09:04:12 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2008/12/19 01:15:59 | 00,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2008/12/19 01:14:31 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008/12/19 01:14:03 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/12/19 01:13:22 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008/12/19 01:12:39 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/12/19 01:12:37 | 00,360,124 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/19 01:12:37 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008/12/19 01:12:36 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/19 01:12:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008/12/19 01:12:35 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008/12/19 01:12:35 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2008/12/19 01:12:35 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008/12/19 01:12:35 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2008/12/19 01:12:35 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2008/12/19 01:12:35 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008/12/19 01:12:34 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2008/12/19 01:12:34 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008/12/19 01:12:34 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2008/12/19 01:12:34 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2008/12/19 01:12:34 | 00,000,000 | R--D | C] -- C:\Program Files
[2008/12/19 01:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008/12/19 01:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008/12/19 01:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/12/19 01:12:33 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2008/12/19 01:12:33 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2008/12/19 01:12:33 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2008/12/19 01:12:32 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2008/12/19 01:12:32 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2008/12/19 01:12:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2008/12/19 01:12:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2008/12/19 01:12:32 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2008/12/19 01:12:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2008/12/19 01:12:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2008/12/19 01:12:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2008/12/19 01:12:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2008/12/19 01:12:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2008/12/19 01:12:29 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2008/12/19 01:12:29 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2008/12/19 01:12:29 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2008/12/19 01:12:29 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2008/12/19 01:12:29 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2008/12/19 01:12:29 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2008/12/19 01:12:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2008/12/19 01:12:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2008/12/19 01:12:29 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2008/12/19 01:12:29 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2008/12/19 01:12:29 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2008/12/19 01:12:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2008/12/19 01:12:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2008/12/19 01:12:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2008/12/19 01:12:28 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2008/12/19 01:12:28 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2008/12/19 01:12:28 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2008/12/19 01:12:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2008/12/19 01:12:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2008/12/19 01:12:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2008/12/19 01:12:28 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2008/12/19 01:12:28 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2008/12/19 01:12:28 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2008/12/19 01:12:28 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2008/12/19 01:12:27 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2008/12/19 01:12:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2008/12/19 01:12:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2008/12/19 01:12:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2008/12/19 01:12:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2008/12/19 01:12:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2008/12/19 01:12:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2008/12/19 01:12:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2008/12/19 01:12:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2008/12/19 01:12:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2008/12/19 01:12:25 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008/12/19 01:12:25 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2008/12/19 01:12:25 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2008/12/19 01:12:25 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008/12/19 01:12:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008/12/19 01:12:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2008/12/19 01:12:25 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2008/12/19 01:12:25 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008/12/19 01:12:25 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008/12/19 01:12:25 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008/12/19 01:12:25 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008/12/19 01:12:24 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2008/12/19 01:12:24 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2008/12/19 01:12:24 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2008/12/19 01:12:24 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2008/12/19 01:12:24 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008/12/19 01:12:24 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2008/12/19 01:12:24 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2008/12/19 01:12:24 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2008/12/19 01:12:24 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2008/12/19 01:12:24 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2008/12/19 01:12:24 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2008/12/19 01:12:24 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2008/12/19 01:12:24 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2008/12/19 01:12:24 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008/12/19 01:12:24 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008/12/19 01:12:24 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2008/12/19 01:12:23 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2008/12/19 01:12:23 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2008/12/19 01:12:23 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2008/12/19 01:12:23 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/12/19 01:12:23 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2008/12/19 01:12:23 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2008/12/19 01:12:23 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008/12/19 01:12:23 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008/12/19 01:12:22 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008/12/19 01:12:16 | 01,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2008/12/19 01:12:16 | 01,088,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2008/12/19 01:12:16 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008/12/19 01:12:16 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008/12/19 01:12:16 | 00,171,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2008/12/19 01:12:16 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008/12/19 01:12:16 | 00,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2008/12/19 01:12:16 | 00,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2008/12/19 01:12:16 | 00,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2008/12/19 01:12:16 | 00,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2008/12/19 01:12:16 | 00,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2008/12/19 01:12:16 | 00,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2008/12/19 01:12:16 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008/12/19 01:12:16 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008/12/19 01:12:16 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008/12/19 01:12:16 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/19 01:12:15 | 02,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2008/12/19 01:12:15 | 00,402,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2008/12/19 01:12:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008/12/19 01:12:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008/12/19 01:12:02 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/19 01:11:42 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/12/19 01:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008/12/19 01:11:41 | 00,215,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/19 01:10:54 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008/12/19 01:10:52 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/19 01:07:13 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008/12/19 01:07:13 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008/12/19 01:07:13 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008/12/19 01:07:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008/12/19 01:07:13 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2008/12/18 14:39:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Ahead
[2008/12/18 14:38:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/12/18 14:37:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2008/12/18 14:37:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2008/12/18 14:37:18 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008/12/18 14:37:16 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008/12/18 14:37:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2008/12/18 14:37:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008/12/18 14:36:49 | 00,048,534 | ---- | C] () -- C:\WINDOWS\System32\oemlogo.bmp
[2008/12/18 14:36:48 | 00,000,415 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/12/18 14:36:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2008/12/18 14:35:52 | 00,002,361 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[2008/12/18 14:35:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Ahead
[2008/12/18 14:35:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2008/12/18 14:33:28 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2008/12/18 14:33:28 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2008/12/18 14:33:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2008/12/18 14:33:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2008/12/18 14:31:57 | 00,000,000 | ---D | C] -- C:\Program Files\My Company Name
[2008/12/18 14:30:56 | 00,188,689 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/18 14:30:34 | 00,018,335 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2008/12/18 14:30:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2008/12/18 14:30:32 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2008/12/18 14:30:31 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2008/12/18 14:30:31 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2008/12/18 14:30:30 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2008/12/18 14:30:29 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2008/12/18 14:30:29 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2008/12/18 14:30:28 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2008/12/18 14:30:28 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2008/12/18 14:30:28 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2008/12/18 14:30:28 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2008/12/18 14:30:27 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2008/12/18 14:30:26 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2008/12/18 14:30:25 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2008/12/18 14:30:25 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2008/12/18 14:30:25 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2008/12/18 14:28:18 | 00,036,864 | R--- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\l1e51x86.sys
[2008/12/18 14:28:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Atheros_L1e
[2008/12/18 14:27:13 | 05,891,590 | -H-- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\IconCache.db
[2008/12/18 14:27:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\ASUSInstAll
[2008/12/18 14:27:07 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008/12/18 14:26:52 | 00,008,704 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\viahdcpl.cpl
[2008/12/18 14:26:52 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/12/18 14:26:52 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2008/12/18 14:26:51 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008/12/18 14:26:51 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2008/12/18 14:26:49 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2008/12/18 14:26:49 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2008/12/18 14:26:48 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008/12/18 14:26:48 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2008/12/18 14:26:47 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008/12/18 14:26:47 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2008/12/18 14:26:46 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008/12/18 14:26:46 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2008/12/18 14:26:45 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008/12/18 14:26:45 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2008/12/18 14:26:44 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008/12/18 14:26:44 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2008/12/18 14:26:43 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2008/12/18 14:26:43 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2008/12/18 14:26:42 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2008/12/18 14:26:42 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2008/12/18 14:26:41 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2008/12/18 14:26:41 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2008/12/18 14:26:37 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/12/18 14:26:37 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2008/12/18 14:26:37 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008/12/18 14:26:37 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2008/12/18 14:26:37 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/12/18 14:26:37 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2008/12/18 14:26:37 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/12/18 14:26:37 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2008/12/18 14:26:30 | 00,331,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2008/12/18 14:26:30 | 00,000,000 | ---D | C] -- C:\Program Files\VIA
[2008/12/18 14:26:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008/12/18 14:24:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/12/18 14:24:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2008/12/18 14:24:34 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2008/12/18 14:24:25 | 00,000,000 | ---D | C] -- C:\Intel
[2008/12/18 14:24:13 | 00,012,065 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008/12/18 14:24:09 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/12/18 14:24:08 | 00,011,832 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/12/18 14:24:02 | 00,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/12/18 14:23:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Identities
[2008/12/18 14:23:46 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008/12/18 14:23:44 | 00,000,075 | -HS- | C] () -- C:\Documents and Settings\user\My Documents\desktop.ini
[2008/12/18 14:23:44 | 00,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Pictures
[2008/12/18 14:23:44 | 00,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Music
[2008/12/18 14:23:43 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\user\Application Data\desktop.ini
[2008/12/18 14:23:42 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\user\Start Menu\Programs\Startup\desktop.ini
[2008/12/18 14:23:42 | 00,000,000 | --SD | C] -- C:\Documents and Settings\user\Application Data\Microsoft
[2008/12/18 14:23:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft
[2008/12/18 14:23:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008/12/18 14:23:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/12/18 14:23:09 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/18 14:23:09 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008/12/18 14:22:24 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/18 14:21:43 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/18 14:21:36 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008/12/18 14:21:36 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008/12/18 14:21:36 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008/12/18 14:21:35 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008/12/18 14:21:34 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008/12/18 14:21:34 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008/12/18 14:21:34 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008/12/18 14:21:33 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008/12/18 14:21:33 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008/12/18 14:21:32 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2008/12/18 14:21:32 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2008/12/18 14:21:32 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2008/12/18 14:21:32 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008/12/18 14:21:32 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2008/12/18 14:21:32 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008/12/18 14:21:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2008/12/18 14:21:31 | 00,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2008/12/18 14:21:31 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2008/12/18 14:21:31 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2008/12/18 14:21:31 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008/12/18 14:21:31 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2008/12/18 14:21:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008/12/18 14:21:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008/12/18 14:21:31 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008/12/18 14:21:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008/12/18 14:21:31 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008/12/18 14:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008/12/18 14:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008/12/18 14:21:30 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008/12/18 14:21:30 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008/12/18 14:21:30 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008/12/18 14:21:30 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008/12/18 14:21:30 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008/12/18 14:21:30 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008/12/18 14:21:30 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008/12/18 14:21:29 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/12/18 14:21:29 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/12/18 14:21:29 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008/12/18 14:21:29 | 00,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2008/12/18 14:21:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008/12/18 14:21:28 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2008/12/18 14:21:28 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008/12/18 14:21:28 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008/12/18 14:21:27 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2008/12/18 14:21:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008/12/18 14:21:27 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008/12/18 14:21:26 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008/12/18 14:21:26 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008/12/18 14:21:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008/12/18 14:21:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008/12/18 14:21:23 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2008/12/18 14:21:22 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2008/12/18 14:21:19 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008/12/18 14:21:19 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008/12/18 14:21:19 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008/12/18 14:21:19 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2008/12/18 14:21:19 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2008/12/18 14:21:18 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2008/12/18 14:21:18 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2008/12/18 14:21:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008/12/18 14:21:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008/12/18 14:21:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008/12/18 14:21:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008/12/18 14:21:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008/12/18 14:21:16 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008/12/18 14:21:16 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008/12/18 14:21:16 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008/12/18 14:21:15 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2008/12/18 14:21:15 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008/12/18 14:21:06 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2008/12/18 14:21:05 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2008/12/18 14:21:05 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2008/12/18 14:21:05 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2008/12/18 14:21:05 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2008/12/18 14:21:05 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2008/12/18 14:21:05 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2008/12/18 14:21:05 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2008/12/18 14:21:05 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2008/12/18 14:21:05 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2008/12/18 14:21:05 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2008/12/18 14:21:05 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008/12/18 14:21:05 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2008/12/18 14:21:05 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2008/12/18 14:21:05 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2008/12/18 14:21:05 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008/12/18 14:21:05 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2008/12/18 14:21:05 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2008/12/18 14:21:04 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2008/12/18 14:21:04 | 00,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2008/12/18 14:21:04 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2008/12/18 14:21:04 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008/12/18 14:21:04 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008/12/18 14:21:04 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2008/12/18 14:21:04 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2008/12/18 14:21:04 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2008/12/18 14:21:04 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2008/12/18 14:21:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008/12/18 14:21:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008/12/18 14:21:03 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2008/12/18 14:21:03 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2008/12/18 14:21:03 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008/12/18 14:21:03 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008/12/18 14:21:03 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008/12/18 14:21:03 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008/12/18 14:21:03 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008/12/18 14:21:03 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2008/12/18 14:21:02 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2008/12/18 14:21:00 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008/12/18 14:20:58 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008/12/18 14:20:58 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008/12/18 14:20:58 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008/12/18 14:20:58 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008/12/18 14:20:57 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/12/18 14:20:57 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008/12/18 14:20:53 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2008/12/18 14:20:53 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008/12/18 14:20:53 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2008/12/18 14:20:53 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2008/12/18 14:20:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008/12/18 14:20:51 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2008/12/18 14:20:51 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2008/12/18 14:20:50 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2008/12/18 14:20:50 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2008/12/18 14:20:49 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2008/12/18 14:20:48 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2008/12/18 14:20:48 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2008/12/18 14:20:48 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2008/12/18 14:20:48 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2008/12/18 14:20:48 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2008/12/18 14:20:48 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2008/12/18 14:20:48 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2008/12/18 14:20:48 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2008/12/18 14:20:48 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2008/12/18 14:20:48 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2008/12/18 14:20:48 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2008/12/18 14:20:48 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2008/12/18 14:20:47 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2008/12/18 14:20:47 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2008/12/18 14:20:47 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2008/12/18 14:20:47 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2008/12/18 14:20:47 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2008/12/18 14:20:47 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2008/12/18 14:20:47 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2008/12/18 14:20:45 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2008/12/18 14:20:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008/12/18 14:20:43 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2008/12/18 14:20:43 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008/12/18 14:20:36 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/18 14:20:36 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008/12/18 14:20:36 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/12/18 14:20:36 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008/12/18 14:20:34 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/18 14:20:34 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/18 14:20:33 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/18 14:20:26 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008/12/18 14:19:53 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008/12/18 14:19:53 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008/12/18 14:19:46 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008/12/18 14:19:38 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008/12/18 14:19:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008/12/18 14:19:29 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2008/12/18 14:19:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2008/12/18 14:19:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008/12/18 14:19:28 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2008/12/18 14:19:28 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2008/12/18 14:19:28 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2008/12/18 14:19:27 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008/12/18 14:19:27 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008/12/18 14:19:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008/12/18 14:19:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008/12/18 14:19:22 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2008/12/18 14:19:22 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2008/12/18 14:19:22 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2008/12/18 14:19:22 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2008/12/18 14:19:22 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008/12/18 14:19:21 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2008/12/18 14:19:21 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008/12/18 14:19:21 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2008/12/18 14:19:21 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2008/12/18 14:19:21 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2008/12/18 14:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008/12/18 14:19:19 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008/12/18 14:19:18 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2008/12/18 14:19:18 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008/12/18 14:19:18 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008/12/18 14:19:18 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008/12/18 14:19:18 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2008/12/18 14:19:18 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2008/12/18 14:19:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008/12/18 14:19:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008/12/18 14:19:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2008/12/18 14:19:18 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008/12/18 14:19:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008/12/18 14:19:17 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2008/12/18 14:19:16 | 00,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2008/12/18 14:19:16 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2008/12/18 14:19:15 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2008/12/18 14:19:15 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2008/12/18 14:19:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008/12/18 14:19:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008/12/18 14:19:14 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2008/12/18 14:19:14 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2008/12/18 14:19:14 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2008/12/18 14:19:14 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2008/12/18 14:19:14 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2008/12/18 14:19:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008/12/18 14:19:13 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2008/12/18 14:19:13 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008/12/18 14:19:13 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008/12/18 14:19:13 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2008/12/18 14:19:13 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2008/12/18 14:19:13 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2008/12/18 14:19:13 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2008/12/18 14:19:12 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008/12/18 14:19:12 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2008/12/18 14:19:12 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008/12/18 14:19:12 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2008/12/18 14:19:12 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/12/18 14:19:12 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2008/12/18 14:19:12 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008/12/18 14:19:12 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2008/12/18 14:19:12 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008/12/18 14:19:12 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2008/12/18 14:19:12 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008/12/18 14:19:12 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2008/12/18 14:19:12 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008/12/18 14:19:12 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2008/12/18 14:19:12 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008/12/18 14:19:12 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2008/12/18 14:19:12 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008/12/18 14:19:12 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2008/12/18 14:19:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/12/18 14:19:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2008/12/18 14:19:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2008/12/18 14:19:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2008/12/18 14:19:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008/12/18 14:19:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008/12/18 14:19:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2008/12/18 14:19:10 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2008/12/18 14:19:10 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2008/12/18 14:19:10 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2008/12/18 14:19:10 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2008/12/18 14:19:10 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2008/12/18 14:19:10 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2008/12/18 14:19:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2008/12/18 14:19:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2008/12/18 14:19:09 | 03,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2008/12/18 14:19:09 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008/12/18 14:18:59 | 00,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2008/12/18 14:18:59 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2008/12/18 14:18:59 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2008/12/18 14:18:59 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2008/12/18 14:18:59 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2008/12/18 14:18:59 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2008/12/18 14:18:59 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2008/12/18 14:18:57 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2008/12/18 14:18:56 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2008/12/18 14:18:56 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/12/18 14:18:56 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2008/12/18 14:18:56 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2008/12/18 14:18:56 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2008/12/18 14:18:56 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/12/18 14:18:56 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2008/12/18 14:18:55 | 00,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2008/12/18 14:18:55 | 00,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008/12/18 14:18:55 | 00,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2008/12/18 14:18:55 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2008/12/18 14:18:55 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2008/12/18 14:18:54 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2008/12/18 14:18:54 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/12/18 14:18:54 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2008/12/18 14:18:54 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/12/18 14:18:54 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2008/12/18 14:18:54 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys
[2008/12/18 14:18:54 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2008/12/18 14:18:54 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/12/18 14:18:54 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2008/12/18 14:18:54 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/12/18 14:18:54 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2008/12/18 14:18:54 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2008/12/18 14:18:54 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2008/12/18 14:18:54 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008/12/18 14:18:54 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2008/12/18 14:18:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008/12/18 14:18:53 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2008/12/18 14:18:53 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2008/12/18 14:18:53 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008/12/18 14:18:53 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2008/12/18 14:18:53 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008/12/18 14:18:53 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2008/12/18 14:18:53 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2008/12/18 14:18:53 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008/12/18 14:18:53 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2008/12/18 14:18:53 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008/12/18 14:18:53 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2008/12/18 14:18:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008/12/18 14:18:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2008/12/18 14:18:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2008/12/18 14:18:52 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2008/12/18 14:18:52 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2008/12/18 14:18:52 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2008/12/18 14:18:52 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2008/12/18 14:18:52 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2008/12/18 14:18:52 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2008/12/18 14:18:52 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2008/12/18 14:18:52 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2008/12/18 14:18:51 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2008/12/18 14:18:51 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008/12/18 14:18:51 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2008/12/18 14:18:51 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2008/12/18 14:18:51 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2008/12/18 14:18:51 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2008/12/18 14:18:51 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008/12/18 14:18:51 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2008/12/18 14:18:51 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2008/12/18 14:18:51 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2008/12/18 14:18:51 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2008/12/18 14:18:51 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2008/12/18 14:18:51 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2008/12/18 14:18:51 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008/12/18 14:18:50 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008/12/18 14:18:50 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/12/18 14:18:50 | 00,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2008/12/18 14:18:50 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2008/12/18 14:18:50 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2008/12/18 14:18:50 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2008/12/18 14:18:50 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2008/12/18 14:18:50 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/12/18 14:18:50 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2008/12/18 14:18:49 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2008/12/18 14:18:49 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2008/12/18 14:18:49 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008/12/18 14:18:49 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2008/12/18 14:18:49 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008/12/18 14:18:49 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2008/12/18 14:18:49 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2008/12/18 14:18:49 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2008/12/18 14:18:49 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2008/12/18 14:18:49 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008/12/18 14:18:49 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2008/12/18 14:18:49 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008/12/18 14:18:48 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/12/18 14:18:48 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2008/12/18 14:18:48 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/12/18 14:18:48 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2008/12/18 14:18:48 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/12/18 14:18:48 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2008/12/18 14:18:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/12/18 14:18:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2008/12/18 14:18:47 | 00,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/12/18 14:18:47 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2008/12/18 14:18:47 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2008/12/18 14:18:47 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2008/12/18 14:18:47 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2008/12/18 14:18:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2008/12/18 14:18:47 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2008/12/18 14:18:47 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2008/12/18 14:18:47 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2008/12/18 14:18:47 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2008/12/18 14:18:46 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2008/12/18 14:18:46 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2008/12/18 14:18:46 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2008/12/18 14:18:46 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2008/12/18 14:18:46 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2008/12/18 14:18:46 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2008/12/18 14:18:46 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2008/12/18 14:18:46 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2008/12/18 14:18:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2008/12/18 14:18:46 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2008/12/18 14:18:46 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2008/12/18 14:18:45 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2008/12/18 14:18:45 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2008/12/18 14:18:45 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2008/12/18 14:18:45 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2008/12/18 14:18:45 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2008/12/18 14:18:45 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2008/12/18 14:18:45 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2008/12/18 14:18:45 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2008/12/18 14:18:45 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2008/12/18 14:18:45 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2008/12/18 14:18:45 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2008/12/18 14:18:45 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2008/12/18 14:18:45 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2008/12/18 14:18:45 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2008/12/18 14:18:45 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2008/12/18 14:18:45 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2008/12/18 14:18:45 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2008/12/18 14:18:45 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2008/12/18 14:18:44 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/12/18 14:18:44 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2008/12/18 14:18:44 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2008/12/18 14:18:44 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2008/12/18 14:18:44 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2008/12/18 14:18:44 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2008/12/18 14:18:44 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2008/12/18 14:18:44 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2008/12/18 14:18:44 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2008/12/18 14:18:44 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2008/12/18 14:18:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2008/12/18 14:18:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008/12/18 14:18:43 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2008/12/18 14:18:43 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2008/12/18 14:18:43 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2008/12/18 14:18:42 | 00,633,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2008/12/18 14:18:41 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008/12/18 14:18:41 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008/12/18 14:18:39 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/18 14:18:30 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008/12/18 14:18:29 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/12/18 14:18:29 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/12/18 14:18:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008/12/18 14:18:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008/12/18 14:18:04 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008/12/18 14:18:04 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008/12/18 14:18:00 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/12/18 14:17:59 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2008/12/18 14:17:59 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2008/12/18 14:17:59 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2008/12/18 14:17:59 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2008/12/18 14:17:59 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2008/12/18 14:17:59 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2008/12/18 14:17:59 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2008/12/18 14:17:59 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2008/12/18 14:17:59 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2008/12/18 14:17:59 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2008/12/18 14:17:58 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2008/12/18 14:17:58 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2008/12/18 14:17:58 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2008/12/18 14:17:58 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2008/12/18 14:17:58 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2008/12/18 14:17:58 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2008/12/18 14:17:58 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2008/12/18 14:17:58 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2008/12/18 14:17:58 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2008/12/18 14:17:58 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2008/12/18 14:17:58 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2008/12/18 14:17:57 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2008/12/18 14:17:57 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2008/12/18 14:17:57 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2008/12/18 14:17:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008/12/18 14:17:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2008/12/18 14:17:57 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2008/12/18 14:17:51 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008/12/18 14:17:51 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2008/12/18 14:17:50 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2008/12/18 14:17:50 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008/12/18 14:17:50 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2008/12/18 14:17:50 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008/12/18 14:17:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008/12/18 14:17:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2008/12/18 14:17:50 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2008/12/18 14:17:50 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008/12/18 14:17:47 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008/12/18 14:17:47 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008/12/18 14:17:47 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008/12/18 14:17:47 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008/12/18 14:17:47 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008/12/18 14:17:47 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008/12/18 14:17:47 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008/12/18 14:17:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008/12/18 14:17:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2008/12/18 14:17:46 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008/12/18 14:17:46 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008/12/18 14:17:46 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008/12/18 14:17:46 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008/12/18 14:17:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008/12/18 14:17:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2008/12/18 14:17:45 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008/12/18 14:17:45 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2008/12/18 14:17:45 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2008/12/18 14:17:45 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008/12/18 14:17:45 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2008/12/18 14:17:45 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008/12/18 14:17:45 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008/12/18 14:17:45 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2008/12/18 14:17:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008/12/18 14:17:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2008/12/18 14:17:44 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008/12/18 14:17:44 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2008/12/18 14:17:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008/12/18 14:17:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2008/12/18 14:17:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008/12/18 14:17:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2008/12/18 14:17:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2008/12/18 14:17:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008/12/18 14:17:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2008/12/18 14:17:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008/12/18 14:17:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008/12/18 14:17:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2008/12/18 14:17:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2008/12/18 14:17:44 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/12/18 14:17:44 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008/12/18 14:17:44 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2008/12/18 14:17:44 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008/12/18 14:17:44 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2008/12/18 14:17:44 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008/12/18 14:17:44 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008/12/18 14:17:43 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2008/12/18 14:17:43 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2008/12/18 14:17:43 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/12/18 14:17:43 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008/12/18 14:17:41 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2008/12/18 14:17:41 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2008/12/18 14:17:41 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2008/12/18 14:17:41 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2008/12/18 14:17:41 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2008/12/18 14:17:41 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2008/12/18 14:17:41 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2008/12/18 14:17:41 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2008/12/18 14:17:41 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2008/12/18 14:17:41 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2008/12/18 14:17:41 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2008/12/18 14:17:40 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2008/12/18 14:17:40 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2008/12/18 14:17:40 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/12/18 14:17:40 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2008/12/18 14:17:40 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2008/12/18 14:17:40 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2008/12/18 14:17:34 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2008/12/18 14:17:33 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2008/12/18 14:17:33 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/12/18 14:17:33 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2008/12/18 14:17:33 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008/12/18 14:17:33 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008/12/18 14:17:33 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2008/12/18 14:17:33 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008/12/18 14:17:33 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2008/12/18 14:17:33 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2008/12/18 14:17:33 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008/12/18 14:17:32 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2008/12/18 14:17:32 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008/12/18 14:17:32 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2008/12/18 14:17:32 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008/12/18 14:17:32 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2008/12/18 14:17:32 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2008/12/18 14:17:32 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008/12/18 14:17:32 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008/12/18 14:17:31 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2008/12/18 14:17:31 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2008/12/18 14:17:31 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/12/18 14:17:31 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2008/12/18 14:17:31 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2008/12/18 14:17:31 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2008/12/18 14:17:31 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008/12/18 14:17:31 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2008/12/18 14:17:31 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2008/12/18 14:17:31 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2008/12/18 14:17:31 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/12/18 14:17:31 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2008/12/18 14:17:31 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/12/18 14:17:31 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2008/12/18 14:17:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/12/18 14:17:30 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008/12/18 14:17:30 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2008/12/18 14:17:30 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008/12/18 14:17:30 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2008/12/18 14:17:30 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008/12/18 14:17:30 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2008/12/18 14:17:30 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008/12/18 14:17:30 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2008/12/18 14:17:30 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/12/18 14:17:30 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2008/12/18 14:17:30 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008/12/18 14:17:30 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2008/12/18 14:17:30 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008/12/18 14:17:30 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2008/12/18 14:17:30 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008/12/18 14:17:30 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2008/12/18 14:17:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008/12/18 14:17:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2008/12/18 14:17:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2008/12/18 14:17:30 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008/12/18 14:17:30 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2008/12/18 14:17:29 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/12/18 14:17:29 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/12/18 14:17:29 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/12/18 14:17:29 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/12/18 14:17:29 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/12/18 14:17:29 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/12/18 14:17:29 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/12/18 14:17:29 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/12/18 14:17:29 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/12/18 14:17:29 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/12/18 14:17:29 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2008/12/18 14:17:29 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008/12/18 14:17:29 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008/12/18 14:17:29 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2008/12/18 14:17:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008/12/18 14:17:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2008/12/18 14:17:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008/12/18 14:17:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2008/12/18 14:17:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008/12/18 14:17:28 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2008/12/18 14:17:28 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2008/12/18 14:17:28 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008/12/18 14:17:28 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2008/12/18 14:17:28 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008/12/18 14:17:28 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008/12/18 14:17:28 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2008/12/18 14:17:28 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008/12/18 14:17:28 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2008/12/18 14:17:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2008/12/18 14:17:28 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008/12/18 14:17:28 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2008/12/18 14:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2008/12/18 14:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2008/12/18 14:17:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008/12/18 14:17:28 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008/12/18 14:17:28 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2008/12/18 14:17:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008/12/18 14:17:27 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2008/12/18 14:17:27 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008/12/18 14:17:27 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2008/12/18 14:17:27 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008/12/18 14:17:27 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2008/12/18 14:17:27 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008/12/18 14:17:27 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2008/12/18 14:17:27 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008/12/18 14:17:27 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2008/12/18 14:17:27 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008/12/18 14:17:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2008/12/18 14:17:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008/12/18 14:17:27 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2008/12/18 14:17:27 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008/12/18 14:17:27 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008/12/18 14:17:27 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2008/12/18 14:17:26 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2008/12/18 14:17:26 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008/12/18 14:17:26 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2008/12/18 14:17:26 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2008/12/18 14:17:26 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2008/12/18 14:17:25 | 00,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2008/12/18 14:17:25 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2008/12/18 14:17:25 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2008/12/18 14:17:25 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2008/12/18 14:17:25 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2008/12/18 14:17:25 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2008/12/18 14:17:25 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2008/12/18 14:17:25 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2008/12/18 14:17:25 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2008/12/18 14:17:25 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2008/12/18 14:17:25 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2008/12/18 14:17:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2008/12/18 14:17:25 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2008/12/18 14:17:25 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2008/12/18 14:17:25 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2008/12/18 14:17:25 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2008/12/18 14:17:25 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2008/12/18 14:17:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2008/12/18 14:17:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2008/12/18 14:17:25 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2008/12/18 14:17:25 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2008/12/18 14:17:25 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2008/12/18 14:17:25 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2008/12/18 14:17:24 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2008/12/18 14:17:24 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2008/12/18 14:17:24 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2008/12/18 14:17:24 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2008/12/18 14:17:24 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2008/12/18 14:17:24 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2008/12/18 14:17:24 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2008/12/18 14:17:24 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2008/12/18 14:17:24 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2008/12/18 14:17:24 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2008/12/18 14:17:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2008/12/18 14:17:23 | 01,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2008/12/18 14:17:23 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2008/12/18 14:17:23 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2008/12/18 14:17:23 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008/12/18 14:17:23 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2008/12/18 14:17:23 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008/12/18 14:17:23 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2008/12/18 14:17:22 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2008/12/18 14:17:22 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008/12/18 14:17:22 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008/12/18 14:17:22 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2008/12/18 14:17:19 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/12/18 14:17:19 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008/12/23 11:59:49 | 22,333,728 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/12/23 11:51:01 | 00,360,124 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/23 11:51:01 | 00,314,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/23 11:51:01 | 00,041,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/23 11:47:15 | 00,188,689 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/12/23 11:47:10 | 00,349,222 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/12/23 11:46:47 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/23 11:46:43 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/23 11:46:41 | 00,215,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/23 11:46:08 | 00,300,824 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/12/23 11:42:21 | 00,132,597 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Flash_Disinfector.exe
[2008/12/23 11:41:59 | 00,010,501 | ---- | M] () -- C:\Documents and Settings\user\My Documents\FILES.docx
[2008/12/22 20:57:54 | 00,000,805 | ---- | M] () -- C:\rollback.ini
[2008/12/22 12:48:28 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTViewIt.exe
[2008/12/22 12:45:02 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/21 13:28:41 | 00,001,587 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAZ Studio 2.3.lnk
[2008/12/21 12:14:01 | 05,891,590 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\IconCache.db
[2008/12/21 12:10:29 | 01,033,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTMoveIt3.exe
[2008/12/20 21:05:02 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/20 20:58:35 | 12,117,0212 | ---- | M] (BitRock SL) -- C:\Documents and Settings\user\Desktop\DAZStudio_2.3.3.89_win.exe
[2008/12/20 20:11:28 | 00,269,500 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Malwarebytes_org Online Store.mht
[2008/12/20 15:59:38 | 00,003,421 | ---- | M] () -- C:\WINDOWS\CDPlayer.ini
[2008/12/19 20:19:46 | 00,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/12/19 18:29:45 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/12/19 16:55:07 | 00,781,851 | ---- | M] () -- C:\Documents and Settings\user\Desktop\RSIT.exe
[2008/12/19 16:29:15 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/12/19 16:02:27 | 00,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/19 15:12:54 | 00,087,608 | ---- | M] () -- C:\Documents and Settings\user\Application Data\inst.exe
[2008/12/19 15:12:54 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\drivers\pcouffin.sys
[2008/12/19 15:12:54 | 00,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\user\Application Data\pcouffin.sys
[2008/12/19 15:12:54 | 00,007,887 | ---- | M] () -- C:\Documents and Settings\user\Application Data\pcouffin.cat
[2008/12/19 15:12:54 | 00,001,144 | ---- | M] () -- C:\Documents and Settings\user\Application Data\pcouffin.inf
[2008/12/19 15:12:50 | 00,000,618 | ---- | M] () -- C:\Documents and Settings\user\Desktop\DVDFab 5.lnk
[2008/12/19 13:36:03 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Shortcut to Internet.lnk
[2008/12/19 13:18:17 | 00,000,920 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comic Collector.lnk
[2008/12/19 13:15:26 | 00,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2008/12/19 13:13:37 | 00,000,766 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MailWasher Pro.lnk
[2008/12/19 12:37:08 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2008/12/19 01:15:59 | 00,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2008/12/19 01:12:33 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\user\Application Data\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008/12/19 01:12:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/12/18 14:39:38 | 00,000,075 | -HS- | M] () -- C:\Documents and Settings\user\My Documents\desktop.ini
[2008/12/18 14:35:52 | 00,002,361 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[2008/12/18 14:33:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/12/18 14:27:13 | 00,012,065 | ---- | M] () -- C:\WINDOWS\Ascd_log.ini
[2008/12/18 14:24:08 | 00,011,832 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/12/18 14:22:24 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008/12/18 14:21:43 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/12/18 14:20:41 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\user\Start Menu\Programs\Startup\desktop.ini
[2008/12/18 14:20:41 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008/12/18 14:20:36 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/12/18 14:20:36 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/12/18 14:20:36 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/18 14:20:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/12/18 14:20:34 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/12/18 14:20:34 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/12/18 14:20:26 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/18 14:18:39 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/18 14:18:29 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008/12/18 14:18:29 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008/12/18 14:16:41 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/12/13 17:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/13 17:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/05 22:21:32 | 00,005,765 | ---- | M] () -- C:\Documents and Settings\user\My Documents\BILLING RECEIPT.mht
[2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/24 15:18:00 | 00,010,086 | ---- | M] () -- C:\Documents and Settings\user\My Documents\DVDCover.docx
< End of report >
OTViewIt Extras logfile created on: 12/23/2008 11:59:47 AM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 908.25 Gb Free Space | 97.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 298.09 Gb Total Space | 226.94 Gb Free Space | 76.13% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-530216A4FB
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 23:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 23:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 23:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/11/20 13:20:48 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2006/10/27 15:16:48 | 12,813,096 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2006/10/26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2006/10/26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}"=Platform
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java™ 6 Update 11
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}"=ASUS nVidia Driver
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}"=Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}"=Zune Desktop Theme
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour
"{8E72B982-D54F-486F-B35A-C24B6F171033}"=Nero 7 Essentials
"{90120000-0010-0409-0000-0000000FF1CE}"=Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}"=Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}"=Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}"=Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}"=VC 9.0 Runtime
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}"=LightScribe System Software 1.10.13.1
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support
"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime
"Collectorz.com Comic Collector"=Collectorz.com Comic Collector
"DAZ Studio 2.3"=DAZ Studio
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1"=DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.6.0
"ENTERPRISE"=Microsoft Office Enterprise 2007
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}"=VIA Platform Device Manager
"MailWasher Pro_is1"=MailWasher Pro
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"MediaMonkey_is1"=MediaMonkey 3.0
"Morph Loader "=Morph Loader
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers"=NVIDIA Drivers
"Render Album "=Render Album
"Windows Media Format Runtime"=Windows Media Format Runtime
"ZoneAlarm Security Suite"=ZoneAlarm Security Suite

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/21/2008 12:39:49 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application ps_mo312_attitudepose.exe, version 1.0.0.0, faulting
module tcla0.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:40:01 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application ps_mo312_attitudepose.exe, version 1.0.0.0, faulting
module tcla9.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:41:51 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application ps_mo312_attitudepose.exe, version 1.0.0.0, faulting
module tcld6.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:47:33 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7877_1_dpc_m4base.exe, version 1.0.0.0, faulting
module tcle8.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:48:01 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7877_1_dpc_m4base.exe, version 1.0.0.0, faulting
module tclf1.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 12:48:31 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1001
Description = Fault bucket 1064947629.

Error - 12/21/2008 12:49:53 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7877_1_dpc_m4base.exe, version 1.0.0.0, faulting
module tcl101.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/21/2008 2:20:12 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application 7880_1_dpc_michael4probundle.exe, version 1.0.0.0,
faulting module tcl242.tmp, version 0.0.0.0, fault address 0x0000d063.

Error - 12/22/2008 4:43:48 AM | Computer Name = USER-530216A4FB | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16762, faulting
module flash6.ocx, version 6.0.88.0, fault address 0x0000183e.

[ System Events ]
Error - 12/19/2008 5:59:42 AM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/19/2008 9:16:44 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/20/2008 9:05:59 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/20/2008 9:15:18 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/20/2008 9:33:44 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/21/2008 9:45:25 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/22/2008 3:48:57 AM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/22/2008 8:31:34 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/22/2008 8:38:06 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 12/22/2008 8:47:07 PM | Computer Name = USER-530216A4FB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt


< End of report >

Sorry. I Should have had it turned on all the time. I am an idiot.
Cathy.

**Update** - I did another Malware scan on this drive, still clean. Zone Alarm picked up a Rootkit.Win32.TDSS.gen and deleted it and I did a restart with the hard drive left on (Which I usually avoid as it slows the start up time down and has hung the computer in the past.) E: drive is now working also, so something worked. So unless you find something in the logs that needs more attention I may be good to go.
Thanks again, Cathy.

Edited by catamongthebats, 23 December 2008 - 01:21 AM.


#12 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:23 PM

Posted 23 December 2008 - 10:41 AM

Here's the fix for the E: drive issue, if you're still getting it.
Copy this text into OTMoveIt3 and click Moveit.

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2e592dc-cd6d-11dd-961d-002215ba7042}]

:files
E:\resycled\boot.com
E:\autorun.inf


Everything still working well?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#13 catamongthebats

catamongthebats
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 23 December 2008 - 08:00 PM

Thanks Sam,

I moved the files just to be safe. Computer is working fine now. Thanks so much for all your help I would never had gotten all that done myself! I've happily made a donation to you.

Have a Malware free Merry Christmas :thumbsup: ,

Cathy.

#14 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:23 PM

Posted 24 December 2008 - 10:21 AM

Glad I could help! :)

Here are some final steps for you.


It's time to clean up.
  • Make sure you have an Internet Connection.
  • Double-click OTMoveIt3.exe to run it.
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OtMoveit2 to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.


================



Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
  • Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point left over from what we have just cleaned.

    You can find instructions on how to enable and reenable system restore here:

    Windows XP System Restore Guide

    Renable system restore with instructions from tutorial above

  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  • Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

    A tutorial on installing & using this product can be found here:

    Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

:thumbsup: :)
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#15 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:23 PM

Posted 31 December 2008 - 03:52 PM

Now that your problem appears to be resolved, this thread will be closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users