Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with Explorer.exe problem


  • This topic is locked This topic is locked
28 replies to this topic

#1 oldrndrt

oldrndrt

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 27 March 2009 - 02:19 PM

I am working to repair my daughters computer, I have it here and do not have to try to do a "long distance" or "relayed" repair. :>)

It started when she opened an attachment which she got on an email through a yahoo email account. She thought yahoo scanned everything and felt safe opening it even though it wasn't something she was expecting...she will NOT do that again!

The system would at first not boot at all, giving an error with the file "fltmgr.sys" which I copied to an external drive, then deleted. After I did this, the system would boot, but once the desktop wallpaper comes up and explorer starts loading the desktop icons, taskbar, system tray, etc; explorer begins continually rebooting every 4-5 seconds. I am unable to run anything except through taskmanager and the "New Task" button. I have run the following to no avail (though each found anywhere from a few to many errors...I do not have a log of any except "hijackthis"):

Antivir
Avast
Spybot S&D
WinASO 4.2
Hijackthis

I began running combofix after getting advice from a [no longer? :thumbup2: ] friend and got the following progress, though it apparently never finished:

I ran the combofix.exe file (from the taskmanager "new task" button (all of the above programs were run in this same way)) and got down to the point where it advised me that the Windows Recovery Console was not installed and wanted to go to the internet and get it...I clicked the yes button and got an error that no internet connection was found (I had used an internet connection prior to this point though I do not remember at WHAT point prior to this) and did not give me an option to get out...

Combofix continued and quickly said:

Completed Stage_49

then

it listed the following files as being deleted:

C:\WINNT\patch.exe
C:\WINNT\system32\drivers\nfr.sys
C:\WINNT\system32\frmwrk32.exe
C:\WINNT\system32\init32.exe
C:\WINNT\system32\system\mcafeepf.dll
C:\WINNT\system32\win32hlp.cnf


then showed the following folder as being deleted:

C:\WINNT\system32\system

then gave the following error:

System cannot find batch label specified Check_Hal

At this point it APPEARS to have stalled or frozen. no action has completed in over an hour. No change in the window displayed.

The only action I have taken is to remove an external USB flashdrive (the "I:" drive listed in the HJT log below) so I could recover the HJT log file to post here. The HJT was run before the ComboFix was attempted, and the computer is still running and has been undisturbed since attempting the ComboFix.

Any info would be appreciated. I have posted the HJT log below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:42 PM, on 3/27/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\taskmgr.exe
C:\WINNT\System32\imapi.exe
C:\WINNT\System32\WgaTray.exe
I:\Documents\Downloads\Tech\geekstogo\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - (no file)
O2 - BHO: C:\WINNT\system32\vcar3sdu3yaj3.dll - {C5AF42A3-94F3-42BD-F634-3604832C897D} - C:\WINNT\system32\vcar3sdu3yaj3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: GoodSearch Toolbar - {4E7BD74F-2B8D-469E-95BA-ED6DB186BE32} - C:\PROGRA~1\GOODSE~1\GOODSE~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\bin\SSRunScript.exe" /script "C:\Program Files\Support.com\Charter\vbs\verifyconnection.vbs" /args //b startupdelay
O4 - HKLM\..\Run: [MSConfig] C:\WINNT\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKUS\S-1-5-18\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\docume~1\owner\locals~1\temp\ntdll64.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.utdallas.edu
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommo...IOS/tgctlcm.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tr...Transporter.cab?
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/2595473e50a6f6...ip/RdxIE601.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1130344560765
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://di.imgag.com/imgag/cp/install/AxCtp2.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...285/mcfscan.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: hgGywVOe - hgGywVOe.dll (file missing)
O21 - SSODL: FiRYtBSzqjem - {5CEC4268-F646-E8C2-A343-4950780C2406} - (no file)
O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - (no file)
O22 - SharedTaskScheduler: har78w3uhewf8yurhefd - {C5AF42A3-94F3-42BD-F634-3604832C897D} - C:\WINNT\system32\vcar3sdu3yaj3.dll
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINNT\
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINNT\
O24 - Desktop Component 0: (no name) - http://www.utdallas.edu/images/Shared/logotype.gif

--
End of file - 7924 bytes

Thanks again for any help you can provide.

George

PS I tried to find the latest edition of ComboFix on here and it is not listed in the file database...is it no longer a prefered method of repair?

Edited by oldrndrt, 27 March 2009 - 02:22 PM.


BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:08:03 PM

Posted 27 March 2009 - 07:24 PM

Hello! :thumbup2:
My name is Sam and I will be helping you.

In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.


Let's hold off on any more combofix for the time being, although we may come back to it once we determine exactly what's going on here.


We need to create an OTListIt2 Report
  • Please download OTListIt2 from here
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the "Run Scan" button.
  • The scan should take just a few minutes.
  • Copy the log that opens up and paste it back here in your next reply.



=============


The next log will show us any hidden files that are present.

Download GMER from here:
  • Unzip it to the desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results (if any) into this thread.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 04:11 AM

Hello! :thumbup2:
My name is Sam and I will be helping you.

In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.


Let's hold off on any more combofix for the time being, although we may come back to it once we determine exactly what's going on here.


We need to create an OTListIt2 Report[list]
=============
The next log will show us any hidden files that are present.

Download GMER from here


Sam,

First there is a new development...I closed the Combofix window after approximately 10 hours of no additional activity, then ran the programs you instructed me to run. I rebooted the computer and do not seem to have the continual restarting of explorer.exe any longer, but now when I try to run iexplore.exe, I get an error:

"The procedure entry point SHRegGetValueW could not be located in the dynamic link library SHLWAPI.dll."

and internet explorer will not run. I do still have connectivity and am able to run Safari to get on here.


Thanks so much for your help. I have done as instructed, and OTListIT2 generated two files, one it named OTListIT.txt and the other it named Extras.txt. I have posted part 1 of the OTListIT.txt file below, with the balance in the following post, and the content of the other two files in the second post following. Please let me know what you think. Thanks again for your assistance!

George

NOTE: The first file is too large to copy and paste the entire file in a single post as it generates a "too long" error, so I have split it into two posts, and will post the other two files (the second file generated by OTListIT2 and the file generated by GMER) in another post if they will all fit...thanks again and let me know where to proceed from here.

Part 1 of OTListIT.txt:

OTListIt logfile created on: 2009-03-28 00:25:30 - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2600.0000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd

1023.30 Mb Total Physical Memory | 727.80 Mb Available Physical Memory | 71.12% Memory free
2.40 Gb Paging File | 2.16 Gb Available in Paging File | 89.84% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 15.88 Gb Free Space | 42.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 28.62 Gb Total Space | 10.94 Gb Free Space | 38.24% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOMECOMPUTER
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008-06-04 01:18:12 | 00,311,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2003-10-06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINNT\System32\nvsvc32.exe
PRC - [2007-03-15 18:17:08 | 00,336,768 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\WgaTray.exe
PRC - [2009-03-27 12:30:20 | 00,375,808 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\CF16848.exe
PRC - [2001-08-30 05:30:00 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\taskmgr.exe
PRC - [2008-11-20 22:03:28 | 03,581,736 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2009-03-25 10:24:20 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-11-07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Disabled | Stopped])
SRV - [2007-10-24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-12-12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
SRV - [2007-10-24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008-12-07 11:12:39 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c95886a6a0fc80 [Disabled | Stopped])
SRV - [2007-12-10 19:10:19 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
SRV - [2001-08-30 05:30:00 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004-10-22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [Disabled | Stopped])
SRV - [2008-11-20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [Disabled | Stopped])
SRV - [2009-02-16 10:31:53 | 00,950,096 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Disabled | Stopped])
SRV - [2004-03-04 11:30:48 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINNT\system32\LEXBCES.EXE -- (LexBceS [Disabled | Stopped])
SRV - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Disabled | Stopped])
SRV - [2008-12-18 11:47:08 | 09,158,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ [Disabled | Stopped])
SRV - [2005-05-03 22:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [Disabled | Stopped])
SRV - [2003-10-06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINNT\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2003-07-28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [Disabled | Stopped])
SRV - File not found -- -- (PictureTaker [Disabled | Stopped])
SRV - [2003-03-09 22:31:02 | 00,065,795 | ---- | M] (HP) -- C:\WINNT\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Disabled | Stopped])
SRV - [2007-07-24 06:14:08 | 00,088,560 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9 [Disabled | Stopped])
SRV - [2007-07-24 06:14:06 | 00,358,896 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9 [Disabled | Stopped])
SRV - [2007-08-16 09:56:16 | 00,309,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9 [Disabled | Stopped])
SRV - [2007-08-16 09:56:10 | 01,092,080 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [Disabled | Stopped])
SRV - [2007-08-16 09:56:14 | 00,166,384 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9 [Disabled | Stopped])
SRV - [2005-05-03 21:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ [Disabled | Stopped])
SRV - [2006-10-18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2001-08-17 13:20:04 | 00,096,256 | ---- | M] (Intel Corporation) -- C:\WINNT\system32\drivers\ac97intc.sys -- (ac97intc [On_Demand | Stopped])
DRV - [2008-06-04 01:18:27 | 00,096,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINNT\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2008-06-04 01:18:27 | 00,026,184 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINNT\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Stopped])
DRV - [2001-08-17 14:28:00 | 00,871,388 | ---- | M] (BCM) -- C:\WINNT\System32\DRIVERS\BCMDM.sys -- (BCMModem [On_Demand | Stopped])
DRV - [2001-08-17 13:12:12 | 00,002,944 | ---- | M] (Brother Industries Ltd.) -- C:\WINNT\System32\Drivers\Brfilt.sys -- (brfilt [On_Demand | Stopped])
DRV - [2001-08-17 13:12:24 | 00,003,168 | ---- | M] (Brother Industries Ltd.) -- C:\WINNT\System32\DRIVERS\BrParImg.sys -- (brparimg [On_Demand | Stopped])
DRV - [2001-08-17 13:12:18 | 00,039,552 | ---- | M] (Brother Industries Ltd.) -- C:\WINNT\System32\Drivers\BrParwdm.sys -- (BrParWdm [On_Demand | Stopped])
DRV - [2001-08-17 13:12:20 | 00,060,416 | ---- | M] (Brother Industries Ltd.) -- C:\WINNT\System32\Drivers\BrSerWdm.sys -- (BrSerWDM [On_Demand | Stopped])
DRV - [2002-09-10 20:42:00 | 00,024,808 | ---- | M] (Service & Quality Technology.) -- C:\WINNT\System32\Drivers\SQcaptur.sys -- (DCamUSBSQTECH [On_Demand | Stopped])
DRV - [2003-09-17 10:44:42 | 00,145,408 | ---- | M] (Intel Corporation) -- C:\WINNT\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2008-04-17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINNT\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2001-11-27 08:55:50 | 01,143,360 | ---- | M] (GTW) -- C:\WINNT\System32\DRIVERS\GWMDM.sys -- (GTWModem [On_Demand | Running])
DRV - [2003-03-09 22:31:00 | 00,051,024 | ---- | M] (HP) -- C:\WINNT\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2003-03-09 22:31:02 | 00,016,080 | ---- | M] (HP) -- C:\WINNT\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2003-03-09 22:31:02 | 00,021,456 | ---- | M] (HP) -- C:\WINNT\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2009-02-16 10:31:58 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINNT\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Stopped])
DRV - [2001-08-30 05:30:00 | 00,062,208 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\DRIVERS\mf.sys -- (mf [On_Demand | Stopped])
DRV - [2001-08-17 14:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
DRV - [2004-01-07 20:03:39 | 00,028,352 | ---- | M] (MusicMatch, Inc.) -- C:\WINNT\System32\drivers\MxlW2k.sys -- (MxlW2k [On_Demand | Running])
DRV - [2003-10-06 14:16:00 | 01,550,043 | ---- | M] (NVIDIA Corporation) -- C:\WINNT\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2003-10-06 14:16:00 | 01,550,043 | ---- | M] (NVIDIA Corporation) -- C:\WINNT\System32\DRIVERS\nv4_mini.sys -- (nv4 [On_Demand | Stopped])
DRV - [2000-03-22 23:42:00 | 00,044,192 | ---- | M] (PC-Doctor Inc.) -- C:\WINNT\System32\drivers\PcdrNt.sys -- (PcdrNt [On_Demand | Stopped])
DRV - [2001-08-30 05:30:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINNT\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-05-01 04:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINNT\system32\DRIVERS\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007-05-31 14:39:50 | 00,022,656 | ---- | M] (Research In Motion Limited) -- C:\WINNT\System32\Drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
DRV - [2007-01-18 11:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) -- C:\WINNT\system32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Running])
DRV - [2001-08-30 05:30:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2004-04-22 00:09:00 | 00,120,448 | R--- | M] (Ralink Technology Inc.) -- C:\WINNT\system32\DRIVERS\RT2500.sys -- (RT2500 [On_Demand | Stopped])
DRV - [2001-08-30 05:30:00 | 00,027,440 | ---- | M] () -- C:\WINNT\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2000-09-11 19:32:28 | 00,007,552 | ---- | M] (Silitek Corp.) -- C:\WINNT\System32\DRIVERS\Sk99202k.sys -- (Sk99202k [On_Demand | Running])
DRV - [2000-09-12 01:39:10 | 00,006,208 | ---- | M] (Silitek Corp.) -- C:\WINNT\System32\DRIVERS\Sk9920nt.sys -- (Sk9920nt [System | Running])
DRV - [2001-11-12 15:28:28 | 00,442,168 | ---- | M] (Analog Devices, Inc.) -- C:\WINNT\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2001-08-17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINNT\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2001-08-30 05:30:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINNT\System32\DRIVERS\ultra.sys -- (ultra [Boot | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\S-1-5-21-4258192708-3009342548-3091673561-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\S-1-5-21-4258192708-3009342548-3091673561-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX\ [2008-12-07 11:13:05 | 00,000,000 | ---D | M]


O1 HOSTS File: (734 bytes) - C:\WINNT\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (GoodSearch Toolbar) - {4E7BD74F-2B8D-469E-95BA-ED6DB186BE32} - C:\Program Files\goodsearch\goodsearch.dll (GoodSearch LLC )
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-95BA-ED6DB186BE32} - C:\Program Files\goodsearch\goodsearch.dll (GoodSearch LLC )
O3 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINNT\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto (Microsoft Corporation)
O4 - HKLM..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\bin\SSRunScript.exe" /script "C:\Program Files\Support.com\Charter\vbs\verifyconnection.vbs" /args //b startupdelay ()
O4 - HKU\.DEFAULT..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit (NVIDIA Corporation)
O4 - HKU\S-1-5-18..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMFUprogramsList = 0
O7 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\..Trusted Domains: familychristian.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\..Trusted Sites: utdallas.edu ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4258192708-3009342548-3091673561-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000075-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxmsdec.CAB (Reg Error: Key error.)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommo...IOS/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gateway.com/support/profiler/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo.walgreens.com/WalgreensActivia.cab (Snapfish Activia)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1130344560765 (MUWebControl Class)
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} hcp://system/RunExeActiveX.CAB (RunExeActiveX.RunExe)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} hcp://system/StartFirstControl.CAB (StartFirstControl.CheckFirst)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/...7885.5175462963 (Update Class)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll (Yahoo! MailTo)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://di.imgag.com/imgag/cp/install/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_09)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/...285/mcfscan.cab (McFreeScan Class)
O16 - DPF: Microsoft XML Parser for Java (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx ()
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\hgGywVOe: DllName - hgGywVOe.dll - File not found
O21 - SSODL: FiRYtBSzqjem - {5CEC4268-F646-E8C2-A343-4950780C2406} - CLSID or File not found.
O24 - Desktop Components:0 () - http://www.utdallas.edu/images/Shared/logotype.gif
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O29 - HKLM SecurityProviders - ( digeste.dll) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002-03-25 11:12:21 | 00,000,002 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINNT\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (sprestrt) - C:\WINNT\System32\sprestrt.exe (Microsoft Corporation)

=====================> Continued next post <====================

#4 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 04:17 AM

Sam,

I have tried to include all of the [first] file in this post, but again, it generates a "too long" error, so I will continue to split it till I get you all of the OTListIT.txt file, then will post the results/contents of the other two files...thanks again

George

Here is part two of the OTListIT.txt file:


========== Files/Folders - Created Within 30 Days ==========

[374 C:\WINNT\System32\*.tmp files]
[10 C:\WINNT\*.tmp files]
[2009-03-28 00:23:13 | 00,498,688 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe
[2009-03-28 00:22:50 | 00,286,208 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ptemqm3p.exe
[2009-03-27 12:30:58 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINNT\SWXCACLS.exe
[2009-03-27 12:30:58 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINNT\SWREG.exe
[2009-03-27 12:30:58 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINNT\SWSC.exe
[2009-03-27 12:30:58 | 00,098,816 | ---- | C] () -- C:\WINNT\sed.exe
[2009-03-27 12:30:58 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINNT\fdsv.exe
[2009-03-27 12:30:58 | 00,080,412 | ---- | C] () -- C:\WINNT\grep.exe
[2009-03-27 12:30:58 | 00,068,096 | ---- | C] () -- C:\WINNT\zip.exe
[2009-03-27 12:30:58 | 00,049,152 | ---- | C] () -- C:\WINNT\VFIND.exe
[2009-03-27 12:30:58 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINNT\NIRCMD.exe
[2009-03-27 12:30:27 | 00,000,000 | ---D | C] -- C:\WINNT\ERDNT
[2009-03-27 12:30:27 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009-03-27 12:30:27 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009-03-27 12:30:26 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\CF16848.exe
[2009-03-27 11:20:03 | 00,000,864 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Desktop Assistant.lnk
[2009-03-27 11:18:40 | 00,000,833 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\WinASO Registry Optimizer.lnk
[2009-03-27 11:18:31 | 00,000,000 | ---D | C] -- C:\Program Files\WinASO
[2009-03-27 11:13:33 | 10,730,74176 | -HS- | C] () -- C:\hiberfil.sys
[2009-03-26 22:54:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic
[2009-03-26 17:39:38 | 00,000,000 | ---D | C] -- C:\WINNT\System32\MpEngineStore
[2009-03-24 21:29:02 | 00,000,000 | ---D | C] -- C:\upd7bin
[2009-03-24 21:29:02 | 00,000,000 | ---D | C] -- C:\avg7upd
[2009-03-24 15:57:36 | 00,002,848 | ---- | C] () -- C:\WINNT\System32\spupdsvc.inf
[2009-03-24 15:42:48 | 00,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\agpcpq.sys
[2009-03-24 15:42:48 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\alim1541.sys
[2009-03-24 15:42:48 | 00,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\agp440.sys
[2009-03-24 15:42:47 | 00,027,392 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\viaagp.sys
[2009-03-24 15:42:46 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sbeio.dll
[2009-03-24 15:42:46 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mspmsnsv.dll
[2009-03-24 15:42:35 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpcdll.dll
[2009-03-24 15:42:35 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpcdll.dll
[2009-03-24 15:42:34 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pidgen.dll
[2009-03-24 15:42:34 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pidgen.dll
[2009-03-24 15:42:33 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\qmgr.dll
[2009-03-24 15:42:33 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\qmgr.dll
[2009-03-24 15:42:33 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iuengine.dll
[2009-03-24 15:42:33 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iuengine.dll
[2009-03-24 15:42:33 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wuauclt.exe
[2009-03-24 15:42:33 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wuauclt.exe
[2009-03-24 15:42:32 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wuaueng.dll
[2009-03-24 15:42:32 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wuaueng.dll
[2009-03-24 15:42:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cdm.dll
[2009-03-24 15:42:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cdm.dll
[2009-03-24 15:42:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wuauserv.dll
[2009-03-24 15:42:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wuauserv.dll
[2009-03-24 15:42:21 | 00,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentsvr.exe
[2009-03-24 15:42:21 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentctl.dll
[2009-03-24 15:42:21 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentdpv.dll
[2009-03-24 15:42:21 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentmpx.dll
[2009-03-24 15:42:21 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentsr.dll
[2009-03-24 15:42:21 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentdp2.dll
[2009-03-24 15:42:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentanm.dll
[2009-03-24 15:42:21 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agtintl.dll
[2009-03-24 15:42:21 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agentpsh.dll
[2009-03-24 15:42:21 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\author.dll
[2009-03-24 15:42:21 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\admin.dll
[2009-03-24 15:42:21 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agtctl15.tlb
[2009-03-24 15:42:21 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\author.exe
[2009-03-24 15:42:21 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\admin.exe
[2009-03-24 15:42:20 | 00,995,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\conf.exe
[2009-03-24 15:42:20 | 00,540,745 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cintsetp.exe
[2009-03-24 15:42:20 | 00,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\callcont.dll
[2009-03-24 15:42:20 | 00,344,127 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cintime.dll
[2009-03-24 15:42:20 | 00,299,069 | ---- | C] () -- C:\WINNT\System32\dllcache\chtskf.dll
[2009-03-24 15:42:20 | 00,204,861 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chtmbx.dll
[2009-03-24 15:42:20 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cfgwiz.exe
[2009-03-24 15:42:20 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comadmin.dll
[2009-03-24 15:42:20 | 00,131,134 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chtskdic.dll
[2009-03-24 15:42:20 | 00,098,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cintlgnt.ime
[2009-03-24 15:42:20 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chajei.ime
[2009-03-24 15:42:20 | 00,061,492 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cplexe.exe
[2009-03-24 15:42:20 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\confmrsl.dll
[2009-03-24 15:42:20 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comrepl.exe
[2009-03-24 15:42:19 | 00,557,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dao360.dll
[2009-03-24 15:42:19 | 00,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dialer.exe
[2009-03-24 15:42:19 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dlimport.exe
[2009-03-24 15:42:19 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dhtmled.ocx
[2009-03-24 15:42:19 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\directdb.dll
[2009-03-24 15:42:19 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dayi.ime
[2009-03-24 15:42:19 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dcap32.dll
[2009-03-24 15:42:17 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4autl.dll
[2009-03-24 15:42:17 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4amsft.dll
[2009-03-24 15:42:17 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4apws.dll
[2009-03-24 15:42:17 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4atxt.dll
[2009-03-24 15:42:17 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\evntagnt.dll
[2009-03-24 15:42:17 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4areg.dll
[2009-03-24 15:42:17 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\evntwin.exe
[2009-03-24 15:42:17 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4anscp.dll
[2009-03-24 15:42:17 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\evntcmd.exe
[2009-03-24 15:42:16 | 00,872,557 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4awel.dll
[2009-03-24 15:42:16 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fpmmc.dll
[2009-03-24 15:42:16 | 00,442,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsapi.dll
[2009-03-24 15:42:16 | 00,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxscomex.dll
[2009-03-24 15:42:16 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxscover.exe
[2009-03-24 15:42:16 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fpmmcsat.dll
[2009-03-24 15:42:16 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsclnt.exe
[2009-03-24 15:42:16 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp98swin.exe
[2009-03-24 15:42:16 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fpcount.exe
[2009-03-24 15:42:16 | 00,094,208 | ---- | C] () -- C:\WINNT\System32\dllcache\fpencode.dll
[2009-03-24 15:42:16 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxscom.dll
[2009-03-24 15:42:16 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4awebs.dll
[2009-03-24 15:42:16 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4avnb.dll
[2009-03-24 15:42:16 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp4avss.dll
[2009-03-24 15:42:16 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fpadmcgi.exe
[2009-03-24 15:42:16 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsdrv.dll
[2009-03-24 15:42:16 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fpexedll.dll
[2009-03-24 15:42:16 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fpadmdll.dll
[2009-03-24 15:42:16 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fpremadm.exe
[2009-03-24 15:42:16 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp98sadm.exe
[2009-03-24 15:42:15 | 00,692,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\helpctr.exe
[2009-03-24 15:42:15 | 00,559,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsst.dll
[2009-03-24 15:42:15 | 00,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsxp32.dll
[2009-03-24 15:42:15 | 00,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxstiff.dll
[2009-03-24 15:42:15 | 00,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxssvc.exe
[2009-03-24 15:42:15 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxst30.dll
[2009-03-24 15:42:15 | 00,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxswzrd.dll
[2009-03-24 15:42:15 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsui.dll
[2009-03-24 15:42:15 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsevent.dll
[2009-03-24 15:42:15 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\h323cc.dll
[2009-03-24 15:42:15 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsmon.dll
[2009-03-24 15:42:15 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsext32.dll
[2009-03-24 15:42:15 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsperf.dll
[2009-03-24 15:42:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsres.dll
[2009-03-24 15:42:14 | 00,827,438 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjp81k.dll
[2009-03-24 15:42:14 | 00,716,853 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpcus.dll
[2009-03-24 15:42:14 | 00,694,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\helpsvc.exe
[2009-03-24 15:42:14 | 00,356,398 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpcic.dll
[2009-03-24 15:42:14 | 00,340,013 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjp81.ime
[2009-03-24 15:42:14 | 00,307,254 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpdct.exe
[2009-03-24 15:42:14 | 00,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwconn1.exe
[2009-03-24 15:42:14 | 00,155,702 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpdsvr.exe
[2009-03-24 15:42:14 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwhelp.dll
[2009-03-24 15:42:14 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imekr61.ime
[2009-03-24 15:42:14 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imekrcic.dll
[2009-03-24 15:42:14 | 00,081,973 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpdct.dll
[2009-03-24 15:42:14 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imekrmbx.dll
[2009-03-24 15:42:14 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwconn2.exe
[2009-03-24 15:42:14 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwconn.dll
[2009-03-24 15:42:14 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwutil.dll
[2009-03-24 15:42:14 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hostmib.dll
[2009-03-24 15:42:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwrmind.exe
[2009-03-24 15:42:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwdl.dll
[2009-03-24 15:42:13 | 00,274,486 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjputyc.dll
[2009-03-24 15:42:13 | 00,262,197 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjputy.exe
[2009-03-24 15:42:13 | 00,233,524 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjprw.exe
[2009-03-24 15:42:13 | 00,208,949 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpmig.exe
[2009-03-24 15:42:13 | 00,196,662 | ---- | C] () -- C:\WINNT\System32\dllcache\imjpinst.exe
[2009-03-24 15:42:13 | 00,102,452 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imlang.dll
[2009-03-24 15:42:13 | 00,077,824 | ---- | C] () -- C:\WINNT\System32\dllcache\imscinst.exe
[2009-03-24 15:42:13 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iprip.dll
[2009-03-24 15:42:13 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lmmib2.dll
[2009-03-24 15:42:13 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lpdsvc.dll
[2009-03-24 15:42:13 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetwiz.exe
[2009-03-24 15:42:12 | 04,186,256 | ---- | C] (Microsoft) -- C:\WINNT\System32\dllcache\luna.mst
[2009-03-24 15:42:12 | 00,806,978 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\moviemk.exe
[2009-03-24 15:42:12 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadds.dll
[2009-03-24 15:42:12 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadco.dll
[2009-03-24 15:42:12 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadcf.dll
[2009-03-24 15:42:12 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadcs.dll
[2009-03-24 15:42:12 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msader15.dll
[2009-03-24 15:42:12 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msaddsr.dll
[2009-03-24 15:42:12 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadcer.dll
[2009-03-24 15:42:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lprmon.dll
[2009-03-24 15:42:12 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadcor.dll
[2009-03-24 15:42:12 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadcfr.dll
[2009-03-24 15:42:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\migregdb.exe
[2009-03-24 15:42:12 | 00,004,639 | ---- | C] () -- C:\WINNT\System32\dllcache\mplayer2.exe
[2009-03-24 15:42:11 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msado15.dll
[2009-03-24 15:42:11 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadox.dll
[2009-03-24 15:42:11 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadomd.dll
[2009-03-24 15:42:11 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msado26.tlb
[2009-03-24 15:42:11 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msado25.tlb
[2009-03-24 15:42:11 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msado21.tlb
[2009-03-24 15:42:11 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msado20.tlb
[2009-03-24 15:42:11 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadrh15.dll
[2009-03-24 15:42:11 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msador15.dll
[2009-03-24 15:42:10 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mscandui.dll
[2009-03-24 15:42:10 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaprst.dll
[2009-03-24 15:42:10 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msconfig.exe
[2009-03-24 15:42:10 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdarem.dll
[2009-03-24 15:42:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaprsr.dll
[2009-03-24 15:42:09 | 03,346,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msgr3en.dll
[2009-03-24 15:42:09 | 00,348,238 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msjetol1.dll
[2009-03-24 15:42:09 | 00,348,160 | ---- | C] () -- C:\WINNT\System32\dllcache\msinfo.dll
[2009-03-24 15:42:09 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msjro.dll
[2009-03-24 15:42:09 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msimn.exe
[2009-03-24 15:42:09 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdfmap.dll
[2009-03-24 15:42:09 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaremr.dll
[2009-03-24 15:42:08 | 02,479,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msoeres.dll
[2009-03-24 15:42:08 | 01,174,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msoe.dll
[2009-03-24 15:42:08 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mst120.dll
[2009-03-24 15:42:08 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nac.dll
[2009-03-24 15:42:08 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\muisetup.exe
[2009-03-24 15:42:08 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mst123.dll
[2009-03-24 15:42:08 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mslwvtts.dll
[2009-03-24 15:42:07 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINNT\System32\dllcache\npdsplay.dll
[2009-03-24 15:42:07 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmas.dll
[2009-03-24 15:42:07 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmwb.dll
[2009-03-24 15:42:07 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmoldwb.dll
[2009-03-24 15:42:07 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\npdrmv2.dll
[2009-03-24 15:42:07 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmft.dll
[2009-03-24 15:42:07 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmchat.dll
[2009-03-24 15:42:07 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmcom.dll
[2009-03-24 15:42:07 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ndisnpp.dll
[2009-03-24 15:42:07 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmasnt.dll
[2009-03-24 15:42:07 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nppagent.exe
[2009-03-24 15:42:07 | 00,008,223 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\npwmsdrm.dll
[2009-03-24 15:42:06 | 00,684,081 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pintlgnt.ime
[2009-03-24 15:42:06 | 00,294,975 | ---- | C] () -- C:\WINNT\System32\dllcache\pintlcsa.dll
[2009-03-24 15:42:06 | 00,272,896 | ---- | C] (Cinematronics) -- C:\WINNT\System32\dllcache\pinball.exe
[2009-03-24 15:42:06 | 00,131,126 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pintlphr.exe
[2009-03-24 15:42:06 | 00,114,762 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pmigrate.dll
[2009-03-24 15:42:06 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pchshell.dll
[2009-03-24 15:42:06 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oeimport.dll
[2009-03-24 15:42:06 | 00,090,175 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pintlcsd.dll
[2009-03-24 15:42:06 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\phon.ime
[2009-03-24 15:42:06 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\quick.ime
[2009-03-24 15:42:06 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oemig50.exe
[2009-03-24 15:42:06 | 00,032,836 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\padrs804.dll
[2009-03-24 15:42:06 | 00,032,836 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\padrs404.dll
[2009-03-24 15:42:06 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oemiglib.dll
[2009-03-24 15:42:06 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pchsvc.dll
[2009-03-24 15:42:05 | 00,696,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sapi.dll
[2009-03-24 15:42:05 | 00,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rstrui.exe
[2009-03-24 15:42:05 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpincl.dll
[2009-03-24 15:42:05 | 00,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sptip.dll
[2009-03-24 15:42:05 | 00,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpcl.dll
[2009-03-24 15:42:05 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smi2smir.exe
[2009-03-24 15:42:05 | 00,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpsmir.dll
[2009-03-24 15:42:05 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\softkbd.dll
[2009-03-24 15:42:05 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sapi.cpl
[2009-03-24 15:42:05 | 00,106,562 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srchctls.dll
[2009-03-24 15:42:05 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\setup50.exe
[2009-03-24 15:42:05 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rrcm.dll
[2009-03-24 15:42:05 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpthrd.dll
[2009-03-24 15:42:05 | 00,032,256 | ---- | C] () -- C:\WINNT\System32\dllcache\sniffpol.dll
[2009-03-24 15:42:05 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmp.exe
[2009-03-24 15:42:05 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\romanime.ime
[2009-03-24 15:42:05 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shtml.dll
[2009-03-24 15:42:05 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shtml.exe
[2009-03-24 15:42:05 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmptrap.exe
[2009-03-24 15:42:05 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpmib.dll
[2009-03-24 15:42:04 | 00,843,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tintlgnt.ime
[2009-03-24 15:42:04 | 00,794,686 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srchui.dll
[2009-03-24 15:42:04 | 00,737,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tintsetp.exe
[2009-03-24 15:42:04 | 00,426,038 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\voicepad.dll
[2009-03-24 15:42:04 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tourstrt.exe
[2009-03-24 15:42:04 | 00,262,656 | ---- | C] () -- C:\WINNT\System32\dllcache\tshoot.dll
[2009-03-24 15:42:04 | 00,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\triedit.dll
[2009-03-24 15:42:04 | 00,143,421 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tintlphr.exe
[2009-03-24 15:42:04 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\uploadm.exe
[2009-03-24 15:42:04 | 00,090,172 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tmigrate.dll
[2009-03-24 15:42:04 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\uniime.dll
[2009-03-24 15:42:04 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\unicdime.ime
[2009-03-24 15:42:04 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tcptest.exe
[2009-03-24 15:42:04 | 00,030,720 | ---- | C] () -- C:\WINNT\System32\dllcache\sstub.dll
[2009-03-24 15:42:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tcptsat.dll
[2009-03-24 15:42:03 | 00,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wab32.dll
[2009-03-24 15:42:03 | 00,442,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\w95upgnt.dll
[2009-03-24 15:42:03 | 00,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wab32res.dll
[2009-03-24 15:42:03 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winpy.ime
[2009-03-24 15:42:03 | 00,086,070 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\voicesub.dll
[2009-03-24 15:42:03 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wabimp.dll
[2009-03-24 15:42:03 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winar30.ime
[2009-03-24 15:42:03 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winime.ime
[2009-03-24 15:42:03 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wab.exe
[2009-03-24 15:42:03 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wabfind.dll
[2009-03-24 15:42:03 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wabmig.exe
[2009-03-24 15:42:02 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winzm.ime
[2009-03-24 15:42:02 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winsp.ime
[2009-03-24 15:42:01 | 00,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wordpad.exe
[2009-03-24 15:42:00 | 01,266,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cimwin32.dll
[2009-03-24 15:42:00 | 00,585,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fastprox.dll
[2009-03-24 15:42:00 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\esscli.dll
[2009-03-24 15:42:00 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\framedyn.dll
[2009-03-24 15:42:00 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mofd.dll
[2009-03-24 15:42:00 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\krnlprov.dll
[2009-03-24 15:42:00 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\evntrprv.dll
[2009-03-24 15:42:00 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mofcomp.exe
[2009-03-24 15:41:59 | 00,477,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemcore.dll
[2009-03-24 15:41:59 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemess.dll
[2009-03-24 15:41:59 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\provthrd.dll
[2009-03-24 15:41:59 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemcomn.dll
[2009-03-24 15:41:59 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntevt.dll
[2009-03-24 15:41:59 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemcntl.dll
[2009-03-24 15:41:59 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemdisp.dll
[2009-03-24 15:41:59 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemtest.exe
[2009-03-24 15:41:59 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\repdrvfs.dll
[2009-03-24 15:41:59 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\viewprov.dll
[2009-03-24 15:41:59 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemupgd.dll
[2009-03-24 15:41:59 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\stdprov.dll
[2009-03-24 15:41:59 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemcons.dll
[2009-03-24 15:41:59 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ncprov.dll
[2009-03-24 15:41:59 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemsvc.dll
[2009-03-24 15:41:59 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemperf.dll
[2009-03-24 15:41:59 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scrcons.exe
[2009-03-24 15:41:59 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wbemprox.dll
[2009-03-24 15:41:58 | 00,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iis.dll
[2009-03-24 15:41:58 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiprvsd.dll
[2009-03-24 15:41:58 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiprvse.exe
[2009-03-24 15:41:58 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiadap.exe
[2009-03-24 15:41:58 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmipcima.dll
[2009-03-24 15:41:58 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmidcprv.dll
[2009-03-24 15:41:58 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmipdskq.dll
[2009-03-24 15:41:58 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiprov.dll
[2009-03-24 15:41:58 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsocm.dll
[2009-03-24 15:41:58 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiapsrv.exe
[2009-03-24 15:41:58 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmisvc.dll
[2009-03-24 15:41:58 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\setupqry.dll
[2009-03-24 15:41:58 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiutils.dll
[2009-03-24 15:41:58 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiaprpl.dll
[2009-03-24 15:41:58 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netoc.dll
[2009-03-24 15:41:58 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntoc.dll
[2009-03-24 15:41:58 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmipjobj.dll
[2009-03-24 15:41:58 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmipiprt.dll
[2009-03-24 15:41:58 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmicookr.dll
[2009-03-24 15:41:58 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmipsess.dll
[2009-03-24 15:41:58 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ocmsn.dll
[2009-03-24 15:41:58 | 00,032,828 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fp40ext.dll
[2009-03-24 15:41:58 | 00,024,606 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msgrocm.dll
[2009-03-24 15:41:58 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ocgen.dll
[2009-03-24 15:41:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmiapres.dll
[2009-03-24 15:41:57 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oledb32.dll
[2009-03-24 15:41:57 | 00,310,752 | ---- | C] () -- C:\WINNT\System32\dllcache\tahoma.ttf
[2009-03-24 15:41:57 | 00,305,724 | ---- | C] () -- C:\WINNT\System32\dllcache\micross.ttf
[2009-03-24 15:41:57 | 00,303,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdasql.dll
[2009-03-24 15:41:57 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaora.dll
[2009-03-24 15:41:57 | 00,213,075 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sqlxmlx.dll
[2009-03-24 15:41:57 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaps.dll
[2009-03-24 15:41:57 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tsoc.dll
[2009-03-24 15:41:57 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdatl3.dll
[2009-03-24 15:41:57 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaosp.dll
[2009-03-24 15:41:57 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oledb32r.dll
[2009-03-24 15:41:57 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msxactps.dll
[2009-03-24 15:41:57 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdatt.dll
[2009-03-24 15:41:57 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdasqlr.dll
[2009-03-24 15:41:57 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaorar.dll
[2009-03-24 15:41:57 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaurl.dll
[2009-03-24 15:41:57 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdasc.dll
[2009-03-24 15:41:57 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaer.dll
[2009-03-24 15:41:57 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdaenum.dll
[2009-03-24 15:41:57 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdadc.dll
[2009-03-24 15:41:56 | 00,296,872 | ---- | C] () -- C:\WINNT\System32\dllcache\tahomabd.ttf
[2009-03-24 15:41:55 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\unregmp2.exe
[2009-03-24 15:41:54 | 01,000,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\explorer.exe
[2009-03-24 15:41:54 | 01,000,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\explorer.exe
[2009-03-24 15:41:54 | 00,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\winhlp32.exe
[2009-03-24 15:41:54 | 00,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winhlp32.exe
[2009-03-24 15:41:54 | 00,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\regedit.exe
[2009-03-24 15:41:54 | 00,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\regedit.exe
[2009-03-24 15:41:54 | 00,046,592 | ---- | C] (Twain Working Group) -- C:\WINNT\twain_32.dll
[2009-03-24 15:41:54 | 00,046,592 | ---- | C] (Twain Working Group) -- C:\WINNT\System32\dllcache\twain_32.dll
[2009-03-24 15:41:54 | 00,026,647 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hh.exe
[2009-03-24 15:41:54 | 00,026,647 | ---- | C] (Microsoft Corporation) -- C:\WINNT\hh.exe
[2009-03-24 15:41:53 | 00,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msobmain.dll
[2009-03-24 15:41:53 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\migwiz.exe
[2009-03-24 15:41:53 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\migwiz_a.exe
[2009-03-24 15:41:53 | 00,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\script.dll
[2009-03-24 15:41:53 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\migism.dll
[2009-03-24 15:41:53 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\migism_a.dll
[2009-03-24 15:41:53 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\script_a.dll
[2009-03-24 15:41:53 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\guitrn.dll
[2009-03-24 15:41:53 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msobcomm.dll
[2009-03-24 15:41:53 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\guitrn_a.dll
[2009-03-24 15:41:53 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\migload.exe
[2009-03-24 15:41:53 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oobebaln.exe
[2009-03-24 15:41:53 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msobshel.dll
[2009-03-24 15:41:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msobweb.dll
[2009-03-24 15:41:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\log.dll
[2009-03-24 15:41:53 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msobdl.dll
[2009-03-24 15:41:52 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\activeds.dll
[2009-03-24 15:41:52 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\activeds.dll
[2009-03-24 15:41:52 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\accwiz.exe
[2009-03-24 15:41:52 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\accwiz.exe
[2009-03-24 15:41:52 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\adsldp.dll
[2009-03-24 15:41:52 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\adsldp.dll
[2009-03-24 15:41:52 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sysmod.dll
[2009-03-24 15:41:52 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sysmod_a.dll
[2009-03-24 15:41:52 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\aclui.dll
[2009-03-24 15:41:52 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\aclui.dll
[2009-03-24 15:41:52 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\actxprxy.dll
[2009-03-24 15:41:52 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\actxprxy.dll
[2009-03-24 15:41:52 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\access.cpl
[2009-03-24 15:41:52 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\access.cpl
[2009-03-24 15:41:52 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\admparse.dll
[2009-03-24 15:41:52 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\admparse.dll
[2009-03-24 15:41:52 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\6to4svc.dll
[2009-03-24 15:41:52 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\6to4svc.dll
[2009-03-24 15:41:52 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\actmovie.exe
[2009-03-24 15:41:52 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\actmovie.exe
[2009-03-24 15:41:51 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\appwiz.cpl
[2009-03-24 15:41:51 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\appwiz.cpl
[2009-03-24 15:41:51 | 00,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\adsnt.dll
[2009-03-24 15:41:51 | 00,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\adsnt.dll
[2009-03-24 15:41:51 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\adsldpc.dll
[2009-03-24 15:41:51 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\adsldpc.dll
[2009-03-24 15:41:51 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\apphelp.dll
[2009-03-24 15:41:51 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\apphelp.dll
[2009-03-24 15:41:51 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\advpack.dll
[2009-03-24 15:41:51 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\advpack.dll
[2009-03-24 15:41:51 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\asctrls.ocx
[2009-03-24 15:41:51 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\asctrls.ocx
[2009-03-24 15:41:51 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ahui.exe
[2009-03-24 15:41:51 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ahui.exe
[2009-03-24 15:41:51 | 00,063,488 | ---- | C] () -- C:\WINNT\System32\dllcache\amstream.dll
[2009-03-24 15:41:51 | 00,063,488 | ---- | C] () -- C:\WINNT\System32\amstream.dll
[2009-03-24 15:41:51 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\adsmsext.dll
[2009-03-24 15:41:51 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\adsmsext.dll
[2009-03-24 15:41:51 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\alg.exe
[2009-03-24 15:41:51 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\alg.exe
[2009-03-24 15:41:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\alrsvc.dll
[2009-03-24 15:41:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\alrsvc.dll
[2009-03-24 15:41:51 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\asferror.dll
[2009-03-24 15:41:51 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\asferror.dll
[2009-03-24 15:41:50 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cdosys.dll
[2009-03-24 15:41:50 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cdosys.dll
[2009-03-24 15:41:50 | 01,139,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comsvcs.dll
[2009-03-24 15:41:50 | 01,139,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comsvcs.dll
[2009-03-24 15:41:50 | 01,020,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\browseui.dll
[2009-03-24 15:41:50 | 01,020,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\browseui.dll
[2009-03-24 15:41:50 | 00,792,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comres.dll
[2009-03-24 15:41:50 | 00,792,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comres.dll
[2009-03-24 15:41:50 | 00,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\catsrvut.dll
[2009-03-24 15:41:50 | 00,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\catsrvut.dll
[2009-03-24 15:41:50 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\autofmt.exe
[2009-03-24 15:41:50 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\autofmt.exe
[2009-03-24 15:41:50 | 00,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\crypt32.dll
[2009-03-24 15:41:50 | 00,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\crypt32.dll
[2009-03-24 15:41:50 | 00,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comuid.dll
[2009-03-24 15:41:50 | 00,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comuid.dll
[2009-03-24 15:41:50 | 00,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cryptui.dll
[2009-03-24 15:41:50 | 00,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cryptui.dll
[2009-03-24 15:41:50 | 00,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\clbcatq.dll
[2009-03-24 15:41:50 | 00,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\clbcatq.dll
[2009-03-24 15:41:50 | 00,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\certmgr.dll
[2009-03-24 15:41:50 | 00,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\certmgr.dll
[2009-03-24 15:41:50 | 00,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmdial32.dll
[2009-03-24 15:41:50 | 00,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmdial32.dll
[2009-03-24 15:41:50 | 00,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cscui.dll
[2009-03-24 15:41:50 | 00,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cscui.dll
[2009-03-24 15:41:50 | 00,238,592 | ---- | C] () -- C:\WINNT\System32\dllcache\compatui.dll
[2009-03-24 15:41:50 | 00,238,592 | ---- | C] () -- C:\WINNT\System32\compatui.dll
[2009-03-24 15:41:50 | 00,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\compstui.dll
[2009-03-24 15:41:50 | 00,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\compstui.dll
[2009-03-24 15:41:50 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\catsrv.dll
[2009-03-24 15:41:50 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\catsrv.dll
[2009-03-24 15:41:50 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\blackbox.dll
[2009-03-24 15:41:50 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\blackbox.dll
[2009-03-24 15:41:50 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\certcli.dll
[2009-03-24 15:41:50 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\certcli.dll
[2009-03-24 15:41:50 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmprops.dll
[2009-03-24 15:41:50 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmprops.dll
[2009-03-24 15:41:50 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\credui.dll
[2009-03-24 15:41:50 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\credui.dll
[2009-03-24 15:41:50 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cewmdm.dll
[2009-03-24 15:41:50 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cewmdm.dll
[2009-03-24 15:41:50 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cdfview.dll
[2009-03-24 15:41:50 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cdfview.dll
[2009-03-24 15:41:50 | 00,127,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cliconfg.dll
[2009-03-24 15:41:50 | 00,102,450 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cscript.exe
[2009-03-24 15:41:50 | 00,102,450 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cscript.exe
[2009-03-24 15:41:50 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\clbcatex.dll
[2009-03-24 15:41:50 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\clbcatex.dll
[2009-03-24 15:41:50 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\clipbrd.exe
[2009-03-24 15:41:50 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\clipbrd.exe
[2009-03-24 15:41:50 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cscdll.dll
[2009-03-24 15:41:50 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cscdll.dll
[2009-03-24 15:41:50 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\catsrvps.dll
[2009-03-24 15:41:50 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\catsrvps.dll
[2009-03-24 15:41:50 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cabview.dll
[2009-03-24 15:41:50 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cabview.dll
[2009-03-24 15:41:50 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\asycfilt.dll
[2009-03-24 15:41:50 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\asycfilt.dll
[2009-03-24 15:41:50 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\avifil32.dll
[2009-03-24 15:41:50 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\avifil32.dll
[2009-03-24 15:41:50 | 00,074,802 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\atl.dll
[2009-03-24 15:41:50 | 00,074,802 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\atl.dll
[2009-03-24 15:41:50 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\browsewm.dll
[2009-03-24 15:41:50 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\browsewm.dll
[2009-03-24 15:41:50 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cryptdlg.dll
[2009-03-24 15:41:50 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cryptdlg.dll
[2009-03-24 15:41:50 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ciodm.dll
[2009-03-24 15:41:50 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\browselc.dll
[2009-03-24 15:41:50 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ciodm.dll
[2009-03-24 15:41:50 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\browselc.dll
[2009-03-24 15:41:50 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cleanmgr.exe
[2009-03-24 15:41:50 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cleanmgr.exe
[2009-03-24 15:41:50 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cabinet.dll
[2009-03-24 15:41:50 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cabinet.dll
[2009-03-24 15:41:50 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\colbact.dll
[2009-03-24 15:41:50 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\colbact.dll
[2009-03-24 15:41:50 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmstp.exe
[2009-03-24 15:41:50 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmstp.exe
[2009-03-24 15:41:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cryptnet.dll
[2009-03-24 15:41:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\clusapi.dll
[2009-03-24 15:41:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cryptnet.dll
[2009-03-24 15:41:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\clusapi.dll
[2009-03-24 15:41:50 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cryptsvc.dll
[2009-03-24 15:41:50 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\authz.dll
[2009-03-24 15:41:50 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cryptsvc.dll
[2009-03-24 15:41:50 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\authz.dll
[2009-03-24 15:41:50 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\browser.dll
[2009-03-24 15:41:50 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\browser.dll
[2009-03-24 15:41:50 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cryptext.dll
[2009-03-24 15:41:50 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cryptext.dll
[2009-03-24 15:41:50 | 00,045,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cliconfg.exe
[2009-03-24 15:41:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cnbjmon.dll
[2009-03-24 15:41:50 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\camocx.dll
[2009-03-24 15:41:50 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\basesrv.dll
[2009-03-24 15:41:50 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\camocx.dll
[2009-03-24 15:41:50 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\basesrv.dll
[2009-03-24 15:41:50 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmdl32.exe
[2009-03-24 15:41:50 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmdl32.exe
[2009-03-24 15:41:50 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\audiosrv.dll
[2009-03-24 15:41:50 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\audiosrv.dll
[2009-03-24 15:41:50 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmutil.dll
[2009-03-24 15:41:50 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmutil.dll
[2009-03-24 15:41:50 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmmon32.exe
[2009-03-24 15:41:50 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmmon32.exe
[2009-03-24 15:41:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cfgbkend.dll
[2009-03-24 15:41:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cfgbkend.dll
[2009-03-24 15:41:50 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\clipsrv.exe
[2009-03-24 15:41:50 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\clipsrv.exe
[2009-03-24 15:41:50 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cryptdll.dll
[2009-03-24 15:41:50 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cryptdll.dll
[2009-03-24 15:41:50 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\batmeter.dll
[2009-03-24 15:41:50 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\batmeter.dll
[2009-03-24 15:41:50 | 00,027,136 | ---- | C] (Adobe Systems) -- C:\WINNT\System32\dllcache\atmlib.dll
[2009-03-24 15:41:50 | 00,027,136 | ---- | C] (Adobe Systems) -- C:\WINNT\System32\atmlib.dll
[2009-03-24 15:41:50 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\conime.exe
[2009-03-24 15:41:50 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\conime.exe
[2009-03-24 15:41:50 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cliconfg.rll
[2009-03-24 15:41:50 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\at.exe
[2009-03-24 15:41:50 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\at.exe
[2009-03-24 15:41:50 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cfgmgr32.dll
[2009-03-24 15:41:50 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cfgmgr32.dll
[2009-03-24 15:41:50 | 00,014,877 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\corpol.dll
[2009-03-24 15:41:50 | 00,014,877 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\corpol.dll
[2009-03-24 15:41:50 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\bidispl.dll
[2009-03-24 15:41:50 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\bidispl.dll
[2009-03-24 15:41:50 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmcfg32.dll
[2009-03-24 15:41:50 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmcfg32.dll
[2009-03-24 15:41:50 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\atmadm.exe
[2009-03-24 15:41:50 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\atmadm.exe
[2009-03-24 15:41:50 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\autolfn.exe
[2009-03-24 15:41:50 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\autolfn.exe
[2009-03-24 15:41:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\batt.dll
[2009-03-24 15:41:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\batt.dll
[2009-03-24 15:41:50 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cisvc.exe
[2009-03-24 15:41:50 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cisvc.exe
[2009-03-24 15:41:50 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\csrss.exe
[2009-03-24 15:41:50 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\csrss.exe
[2009-03-24 15:41:49 | 01,181,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\d3d8.dll
[2009-03-24 15:41:49 | 01,181,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\d3d8.dll
[2009-03-24 15:41:49 | 00,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\danim.dll
[2009-03-24 15:41:49 | 00,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\danim.dll
[2009-03-24 15:41:49 | 00,791,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\d3dim700.dll
[2009-03-24 15:41:49 | 00,791,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\d3dim700.dll
[2009-03-24 15:41:49 | 00,486,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dbghelp.dll
[2009-03-24 15:41:49 | 00,486,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dbghelp.dll
[2009-03-24 15:41:49 | 00,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ddraw.dll
[2009-03-24 15:41:49 | 00,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ddraw.dll
[2009-03-24 15:41:49 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\daxctle.ocx
[2009-03-24 15:41:49 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\daxctle.ocx
[2009-03-24 15:41:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dbnetlib.dll
[2009-03-24 15:41:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dbnetlib.dll
[2009-03-24 15:41:49 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dataclen.dll
[2009-03-24 15:41:49 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dataclen.dll
[2009-03-24 15:41:49 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dbnmpntw.dll
[2009-03-24 15:41:49 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ddeshare.exe
[2009-03-24 15:41:49 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ddeshare.exe
[2009-03-24 15:41:49 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dbmsrpcn.dll
[2009-03-24 15:41:49 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ddrawex.dll
[2009-03-24 15:41:49 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ddrawex.dll
[2009-03-24 15:41:49 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\davclnt.dll
[2009-03-24 15:41:49 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\davclnt.dll
[2009-03-24 15:41:49 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ctfmon.exe
[2009-03-24 15:41:49 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ctfmon.exe
[2009-03-24 15:41:49 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\d3d8thk.dll
[2009-03-24 15:41:49 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\d3d8thk.dll
[2009-03-24 15:41:49 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dciman32.dll
[2009-03-24 15:41:49 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dciman32.dll
[2009-03-24 15:41:49 | 00,001,420 | ---- | C] () -- C:\WINNT\System32\dcache.bin
[2009-03-24 15:41:48 | 01,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dsound3d.dll
[2009-03-24 15:41:48 | 01,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dsound3d.dll
[2009-03-24 15:41:48 | 01,185,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dx8vb.dll
[2009-03-24 15:41:48 | 01,185,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dx8vb.dll
[2009-03-24 15:41:48 | 01,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\esent.dll
[2009-03-24 15:41:48 | 01,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\esent.dll
[2009-03-24 15:41:48 | 00,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dxdiag.exe
[2009-03-24 15:41:48 | 00,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dxdiag.exe
[2009-03-24 15:41:48 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dx7vb.dll
[2009-03-24 15:41:48 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dx7vb.dll
[2009-03-24 15:41:48 | 00,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drmv2clt.dll
[2009-03-24 15:41:48 | 00,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\drmv2clt.dll
[2009-03-24 15:41:48 | 00,498,205 | ---- | C] () -- C:\WINNT\System32\dxmasf.dll
[2009-03-24 15:41:48 | 00,498,205 | ---- | C] () -- C:\WINNT\System32\dllcache\dxmasf.dll
[2009-03-24 15:41:48 | 00,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dsound.dll
[2009-03-24 15:41:48 | 00,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dsound.dll
[2009-03-24 15:41:48 | 00,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dxtmsft.dll
[2009-03-24 15:41:48 | 00,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dxtmsft.dll
[2009-03-24 15:41:48 | 00,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\devmgr.dll
[2009-03-24 15:41:48 | 00,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\devmgr.dll
[2009-03-24 15:41:48 | 00,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\duser.dll
[2009-03-24 15:41:48 | 00,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\duser.dll
[2009-03-24 15:41:48 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drmclien.dll
[2009-03-24 15:41:48 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\drmclien.dll
[2009-03-24 15:41:48 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dsquery.dll
[2009-03-24 15:41:48 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dsquery.dll
[2009-03-24 15:41:48 | 00,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\es.dll
[2009-03-24 15:41:48 | 00,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\es.dll
[2009-03-24 15:41:48 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dplayx.dll
[2009-03-24 15:41:48 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dplayx.dll
[2009-03-24 15:41:48 | 00,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpvoice.dll
[2009-03-24 15:41:48 | 00,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpvoice.dll
[2009-03-24 15:41:48 | 00,204,800 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINNT\System32\dmadmin.exe
[2009-03-24 15:41:48 | 00,204,800 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINNT\System32\dllcache\dmadmin.exe
[2009-03-24 15:41:48 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dxtrans.dll
[2009-03-24 15:41:48 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dxtrans.dll
[2009-03-24 15:41:48 | 00,184,320 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dmdskmgr.dll
[2009-03-24 15:41:48 | 00,184,320 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dllcache\dmdskmgr.dll
[2009-03-24 15:41:48 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\els.dll
[2009-03-24 15:41:48 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\els.dll
[2009-03-24 15:41:48 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmime.dll
[2009-03-24 15:41:48 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmime.dll
[2009-03-24 15:41:48 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dinput8.dll
[2009-03-24 15:41:48 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dinput8.dll
[2009-03-24 15:41:48 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dsdmo.dll
[2009-03-24 15:41:48 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dsdmo.dll
[2009-03-24 15:41:48 | 00,162,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dwwin.exe
[2009-03-24 15:41:48 | 00,162,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dwwin.exe
[2009-03-24 15:41:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpnet.dll
[2009-03-24 15:41:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpnet.dll
[2009-03-24 15:41:48 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dinput.dll
[2009-03-24 15:41:48 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dinput.dll
[2009-03-24 15:41:48 | 00,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\diskpart.exe
[2009-03-24 15:41:48 | 00,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\diskpart.exe
[2009-03-24 15:41:48 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dnsapi.dll
[2009-03-24 15:41:48 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dnsapi.dll
[2009-03-24 15:41:48 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dsprop.dll
[2009-03-24 15:41:48 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dsprop.dll
[2009-03-24 15:41:48 | 00,124,928 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dllcache\dfrgui.dll
[2009-03-24 15:41:48 | 00,124,928 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dfrgui.dll
[2009-03-24 15:41:48 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dssenh.dll
[2009-03-24 15:41:48 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dssenh.dll
[2009-03-24 15:41:48 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpvvox.dll
[2009-03-24 15:41:48 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpvvox.dll
[2009-03-24 15:41:48 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmstyle.dll
[2009-03-24 15:41:48 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmstyle.dll
[2009-03-24 15:41:48 | 00,109,568 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dllcache\defrag.exe
[2009-03-24 15:41:48 | 00,109,568 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\defrag.exe
[2009-03-24 15:41:48 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dsuiext.dll
[2009-03-24 15:41:48 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dsuiext.dll
[2009-03-24 15:41:48 | 00,103,424 | ---- | C] (Microsoft) -- C:\WINNT\System32\dllcache\dgnet.dll
[2009-03-24 15:41:48 | 00,103,424 | ---- | C] (Microsoft) -- C:\WINNT\System32\dgnet.dll
[2009-03-24 15:41:48 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmsynth.dll
[2009-03-24 15:41:48 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmsynth.dll
[2009-03-24 15:41:48 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmusic.dll
[2009-03-24 15:41:48 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmusic.dll
[2009-03-24 15:41:48 | 00,085,504 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dllcache\dfrgntfs.exe
[2009-03-24 15:41:48 | 00,085,504 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dfrgntfs.exe
[2009-03-24 15:41:48 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dskquota.dll
[2009-03-24 15:41:48 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dskquota.dll
[2009-03-24 15:41:48 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\diantz.exe
[2009-03-24 15:41:48 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\diantz.exe
[2009-03-24 15:41:48 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmscript.dll
[2009-03-24 15:41:48 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmscript.dll
[2009-03-24 15:41:48 | 00,076,830 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drmstor.dll
[2009-03-24 15:41:48 | 00,076,830 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\drmstor.dll
[2009-03-24 15:41:48 | 00,073,216 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dllcache\dfrgfat.exe
[2009-03-24 15:41:48 | 00,073,216 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dfrgfat.exe
[2009-03-24 15:41:48 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dsdmoprp.dll
[2009-03-24 15:41:48 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dsdmoprp.dll
[2009-03-24 15:41:48 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmcompos.dll
[2009-03-24 15:41:48 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmcompos.dll
[2009-03-24 15:41:48 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpvsetup.exe
[2009-03-24 15:41:48 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpvsetup.exe
[2009-03-24 15:41:48 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpnhupnp.dll
[2009-03-24 15:41:48 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpnhupnp.dll
[2009-03-24 15:41:48 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\digest.dll
[2009-03-24 15:41:48 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\digest.dll
[2009-03-24 15:41:48 | 00,053,840 | ---- | C] () -- C:\WINNT\System32\dosx.exe
[2009-03-24 15:41:48 | 00,053,840 | ---- | C] () -- C:\WINNT\System32\dllcache\dosx.exe
[2009-03-24 15:41:48 | 00,051,712 | ---- | C] () -- C:\WINNT\System32\dllcache\devenum.dll
[2009-03-24 15:41:48 | 00,051,712 | ---- | C] () -- C:\WINNT\System32\devenum.dll
[2009-03-24 15:41:48 | 00,050,688 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dmutil.dll
[2009-03-24 15:41:48 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpwsockx.dll
[2009-03-24 15:41:48 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpwsockx.dll
[2009-03-24 15:41:48 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dssec.dll
[2009-03-24 15:41:48 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dssec.dll
[2009-03-24 15:41:48 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\docprop2.dll
[2009-03-24 15:41:48 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\docprop2.dll
[2009-03-24 15:41:48 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dnsrslvr.dll
[2009-03-24 15:41:48 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dnsrslvr.dll
[2009-03-24 15:41:48 | 00,041,984 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dllcache\dfrgsnap.dll
[2009-03-24 15:41:48 | 00,041,984 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINNT\System32\dfrgsnap.dll
[2009-03-24 15:41:48 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpnlobby.dll
[2009-03-24 15:41:48 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpnlobby.dll
[2009-03-24 15:41:48 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmloader.dll
[2009-03-24 15:41:48 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmloader.dll
[2009-03-24 15:41:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dumprep.exe
[2009-03-24 15:41:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpnhpast.dll
[2009-03-24 15:41:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dumprep.exe
[2009-03-24 15:41:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpnhpast.dll
[2009-03-24 15:41:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpnaddr.dll
[2009-03-24 15:41:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dplaysvr.exe
[2009-03-24 15:41:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dmband.dll
[2009-03-24 15:41:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpnaddr.dll
[2009-03-24 15:41:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dplaysvr.exe
[2009-03-24 15:41:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dmband.dll
[2009-03-24 15:41:48 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dfsshlex.dll
[2009-03-24 15:41:48 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dfsshlex.dll
[2009-03-24 15:41:48 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpvacm.dll
[2009-03-24 15:41:48 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpvacm.dll
[2009-03-24 15:41:48 | 00,021,504 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dmserver.dll
[2009-03-24 15:41:48 | 00,021,504 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dllcache\dmserver.dll
[2009-03-24 15:41:48 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpmodemx.dll
[2009-03-24 15:41:48 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpmodemx.dll
[2009-03-24 15:41:48 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dpnsvr.exe
[2009-03-24 15:41:48 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpnsvr.exe
[2009-03-24 15:41:48 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ersvc.dll
[2009-03-24 15:41:48 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ersvc.dll
[2009-03-24 15:41:48 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dswave.dll
[2009-03-24 15:41:48 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dswave.dll
[2009-03-24 15:41:48 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ds32gt.dll
[2009-03-24 15:41:48 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ds32gt.dll
[2009-03-24 15:41:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dvdupgrd.exe
[2009-03-24 15:41:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dvdupgrd.exe
[2009-03-24 15:41:48 | 00,014,336 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dmremote.exe
[2009-03-24 15:41:48 | 00,014,336 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dllcache\dmremote.exe
[2009-03-24 15:41:48 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drprov.dll
[2009-03-24 15:41:48 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\drprov.dll
[2009-03-24 15:41:48 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllhost.exe
[2009-03-24 15:41:48 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dllhost.exe
[2009-03-24 15:41:47 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\h323msp.dll
[2009-03-24 15:41:47 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\h323msp.dll
[2009-03-24 15:41:47 | 00,520,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hhctrl.ocx
[2009-03-24 15:41:47 | 00,520,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hhctrl.ocx
[2009-03-24 15:41:47 | 00,379,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\expsrv.dll
[2009-03-24 15:41:47 | 00,379,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\expsrv.dll
[2009-03-24 15:41:47 | 00,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\fontext.dll
[2009-03-24 15:41:47 | 00,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fontext.dll
[2009-03-24 15:41:47 | 00,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\filemgmt.dll
[2009-03-24 15:41:47 | 00,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\filemgmt.dll
[2009-03-24 15:41:47 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hnetwiz.dll
[2009-03-24 15:41:47 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hnetwiz.dll
[2009-03-24 15:41:47 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iedkcs32.dll
[2009-03-24 15:41:47 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iedkcs32.dll
[2009-03-24 15:41:47 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\h323.tsp
[2009-03-24 15:41:47 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\h323.tsp
[2009-03-24 15:41:47 | 00,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\gdi32.dll
[2009-03-24 15:41:47 | 00,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\gdi32.dll
[2009-03-24 15:41:47 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hnetcfg.dll
[2009-03-24 15:41:47 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hnetcfg.dll
[2009-03-24 15:41:47 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\icm32.dll
[2009-03-24 15:41:47 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icm32.dll
[2009-03-24 15:41:47 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iepeers.dll
[2009-03-24 15:41:47 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iepeers.dll
[2009-03-24 15:41:47 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ieaksie.dll
[2009-03-24 15:41:47 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ieaksie.dll
[2009-03-24 15:41:47 | 00,178,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eudcedit.exe
[2009-03-24 15:41:47 | 00,178,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\eudcedit.exe
[2009-03-24 15:41:47 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hdwwiz.cpl
[2009-03-24 15:41:47 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hdwwiz.cpl
[2009-03-24 15:41:47 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hotplug.dll
[2009-03-24 15:41:47 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hotplug.dll
[2009-03-24 15:41:47 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ieakeng.dll
[2009-03-24 15:41:47 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ieakeng.dll
[2009-03-24 15:41:47 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\glu32.dll
[2009-03-24 15:41:47 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\glu32.dll
[2009-03-24 15:41:47 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iasrad.dll
[2009-03-24 15:41:47 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iasrad.dll
[2009-03-24 15:41:47 | 00,110,592 | ---- | C] (Radius Inc.) -- C:\WINNT\System32\iccvid.dll
[2009-03-24 15:41:47 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\idq.dll
[2009-03-24 15:41:47 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\idq.dll
[2009-03-24 15:41:47 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\fldrclnr.dll
[2009-03-24 15:41:47 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fldrclnr.dll
[2009-03-24 15:41:47 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\icwdial.dll
[2009-03-24 15:41:47 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwdial.dll
[2009-03-24 15:41:47 | 00,067,612 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hhsetup.dll
[2009-03-24 15:41:47 | 00,067,612 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hhsetup.dll
[2009-03-24 15:41:47 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\faultrep.dll
[2009-03-24 15:41:47 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\faultrep.dll
[2009-03-24 15:41:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\icwphbk.dll
[2009-03-24 15:41:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwphbk.dll
[2009-03-24 15:41:47 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eventlog.dll
[2009-03-24 15:41:47 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\eventlog.dll
[2009-03-24 15:41:47 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\extrac32.exe
[2009-03-24 15:41:47 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\extrac32.exe
[2009-03-24 15:41:47 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\htui.dll
[2009-03-24 15:41:47 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\htui.dll
[2009-03-24 15:41:47 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\grpconv.exe
[2009-03-24 15:41:47 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\grpconv.exe
[2009-03-24 15:41:47 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ie4uinit.exe
[2009-03-24 15:41:47 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hidphone.tsp
[2009-03-24 15:41:47 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ie4uinit.exe
[2009-03-24 15:41:47 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hidphone.tsp
[2009-03-24 15:41:47 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\findstr.exe
[2009-03-24 15:41:47 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\findstr.exe
[2009-03-24 15:41:47 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hid.dll
[2009-03-24 15:41:47 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hidserv.dll
[2009-03-24 15:41:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\fontview.exe
[2009-03-24 15:41:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fontview.exe
[2009-03-24 15:41:47 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\feclient.dll
[2009-03-24 15:41:47 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\feclient.dll
[2009-03-24 15:41:47 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\gpkrsrc.dll
[2009-03-24 15:41:47 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\gpkrsrc.dll
[2009-03-24 15:41:47 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\framebuf.dll
[2009-03-24 15:41:47 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\framebuf.dll
[2009-03-24 15:41:47 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\icaapi.dll
[2009-03-24 15:41:47 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icaapi.dll
[2009-03-24 15:41:47 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\icmp.dll
[2009-03-24 15:41:47 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icmp.dll
[2009-03-24 15:41:47 | 00,000,903 | ---- | C] () -- C:\WINNT\System32\homepage.inf
[2009-03-24 15:41:46 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ifmon.dll
[2009-03-24 15:41:46 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ifmon.dll
[2009-03-24 15:41:46 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iexpress.exe
[2009-03-24 15:41:46 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iexpress.exe
[2009-03-24 15:41:46 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iesetup.dll
[2009-03-24 15:41:46 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iesetup.dll
[2009-03-24 15:41:46 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iernonce.dll
[2009-03-24 15:41:46 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iernonce.dll
[2009-03-24 15:41:46 | 00,019,273 | ---- | C] () -- C:\WINNT\System32\ieuinit.inf
[2009-03-24 15:41:45 | 00,761,625 | ---- | C] () -- C:\WINNT\System32\instcat.sql
[2009-03-24 15:41:45 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\inetcpl.cpl
[2009-03-24 15:41:45 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetcpl.cpl
[2009-03-24 15:41:45 | 00,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\inetcfg.dll
[2009-03-24 15:41:45 | 00,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetcfg.dll
[2009-03-24 15:41:45 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\initpki.dll
[2009-03-24 15:41:45 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\initpki.dll
[2009-03-24 15:41:45 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\imapi.exe
[2009-03-24 15:41:45 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imapi.exe
[2009-03-24 15:41:45 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\input.dll
[2009-03-24 15:41:45 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\input.dll
[2009-03-24 15:41:45 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\imm32.dll
[2009-03-24 15:41:45 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imm32.dll
[2009-03-24 15:41:45 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ils.dll
[2009-03-24 15:41:45 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ils.dll
[2009-03-24 15:41:45 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\inseng.dll
[2009-03-24 15:41:45 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inseng.dll
[2009-03-24 15:41:45 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\inetpp.dll
[2009-03-24 15:41:45 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetpp.dll
[2009-03-24 15:41:45 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\inetres.dll
[2009-03-24 15:41:45 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetres.dll
[2009-03-24 15:41:45 | 00,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\imeshare.dll
[2009-03-24 15:41:45 | 00,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imeshare.dll
[2009-03-24 15:41:45 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\inetmib1.dll
[2009-03-24 15:41:45 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetmib1.dll
[2009-03-24 15:41:45 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\imgutil.dll
[2009-03-24 15:41:45 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imgutil.dll
[2009-03-24 15:41:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\imaadp32.acm
[2009-03-24 15:41:45 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\inetppui.dll
[2009-03-24 15:41:45 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetppui.dll
[2009-03-24 15:41:45 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\igmpagnt.dll
[2009-03-24 15:41:45 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\igmpagnt.dll
[2009-03-24 15:41:44 | 00,593,948 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\jscript.dll
[2009-03-24 15:41:44 | 00,593,948 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\jscript.dll
[2009-03-24 15:41:44 | 00,453,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipnathlp.dll
[2009-03-24 15:41:44 | 00,453,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipnathlp.dll
[2009-03-24 15:41:44 | 00,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipsmsnap.dll
[2009-03-24 15:41:44 | 00,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipsmsnap.dll
[2009-03-24 15:41:44 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipsecsnp.dll
[2009-03-24 15:41:44 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipsecsnp.dll
[2009-03-24 15:41:44 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ippromon.dll
[2009-03-24 15:41:44 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ippromon.dll
[2009-03-24 15:41:44 | 00,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kerberos.dll
[2009-03-24 15:41:44 | 00,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kerberos.dll
[2009-03-24 15:41:44 | 00,155,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\itircl.dll
[2009-03-24 15:41:44 | 00,155,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\itircl.dll
[2009-03-24 15:41:44 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipsecsvc.dll
[2009-03-24 15:41:44 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipsecsvc.dll
[2009-03-24 15:41:44 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\keymgr.dll
[2009-03-24 15:41:44 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\keymgr.dll
[2009-03-24 15:41:44 | 00,138,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\itss.dll
[2009-03-24 15:41:44 | 00,138,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\itss.dll
[2009-03-24 15:41:44 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipv6mon.dll
[2009-03-24 15:41:44 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipv6mon.dll
[2009-03-24 15:41:44 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\intl.cpl
[2009-03-24 15:41:44 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\intl.cpl
[2009-03-24 15:41:44 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ksproxy.ax
[2009-03-24 15:41:44 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\krnl386.exe
[2009-03-24 15:41:44 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\krnl386.exe
[2009-03-24 15:41:44 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kswdmcap.ax
[2009-03-24 15:41:44 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\isign32.dll
[2009-03-24 15:41:44 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\isign32.dll
[2009-03-24 15:41:44 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iphlpapi.dll
[2009-03-24 15:41:44 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iphlpapi.dll
[2009-03-24 15:41:44 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\joy.cpl
[2009-03-24 15:41:44 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\joy.cpl
[2009-03-24 15:41:44 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipv6.exe
[2009-03-24 15:41:44 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipv6.exe
[2009-03-24 15:41:44 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kstvtune.ax
[2009-03-24 15:41:44 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipconfig.exe
[2009-03-24 15:41:44 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipconfig.exe
[2009-03-24 15:41:44 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ixsso.dll
[2009-03-24 15:41:44 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ixsso.dll
[2009-03-24 15:41:44 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iyuv_32.dll
[2009-03-24 15:41:44 | 00,044,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kd1394.dll
[2009-03-24 15:41:44 | 00,044,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kd1394.dll
[2009-03-24 15:41:44 | 00,042,537 | ---- | C] () -- C:\WINNT\System32\keyboard.sys
[2009-03-24 15:41:44 | 00,042,537 | ---- | C] () -- C:\WINNT\System32\dllcache\keyboard.sys
[2009-03-24 15:41:44 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kmddsp.tsp
[2009-03-24 15:41:44 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kmddsp.tsp
[2009-03-24 15:41:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipxroute.exe
[2009-03-24 15:41:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipxroute.exe
[2009-03-24 15:41:44 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipsink.ax
[2009-03-24 15:41:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ipconf.tsp
[2009-03-24 15:41:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipconf.tsp
[2009-03-24 15:41:44 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\jsproxy.dll
[2009-03-24 15:41:44 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\jsproxy.dll
[2009-03-24 15:41:44 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ksuser.dll
[2009-03-24 15:41:43 | 01,136,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmcndmgr.dll
[2009-03-24 15:41:43 | 01,136,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mmcndmgr.dll
[2009-03-24 15:41:43 | 00,995,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mfc42u.dll
[2009-03-24 15:41:43 | 00,995,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfc42u.dll
[2009-03-24 15:41:43 | 00,995,383 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mfc42.dll
[2009-03-24 15:41:43 | 00,995,383 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfc42.dll
[2009-03-24 15:41:43 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmc.exe
[2009-03-24 15:41:43 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mmc.exe
[2009-03-24 15:41:43 | 00,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mlang.dll
[2009-03-24 15:41:43 | 00,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mlang.dll
[2009-03-24 15:41:43 | 00,559,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmsys.cpl
[2009-03-24 15:41:43 | 00,559,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mmsys.cpl
[2009-03-24 15:41:43 | 00,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\logonui.exe
[2009-03-24 15:41:43 | 00,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\logonui.exe
[2009-03-24 15:41:43 | 00,381,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\lmrt.dll
[2009-03-24 15:41:43 | 00,381,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lmrt.dll
[2009-03-24 15:41:43 | 00,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\licdll.dll
[2009-03-24 15:41:43 | 00,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\licdll.dll
[2009-03-24 15:41:43 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msaud32.acm
[2009-03-24 15:41:43 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINNT\System32\l3codeca.acm
[2009-03-24 15:41:43 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mpg4ds32.ax
[2009-03-24 15:41:43 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mpg4ds32.ax
[2009-03-24 15:41:43 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mpg4dmod.dll
[2009-03-24 15:41:43 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mpg4dmod.dll
[2009-03-24 15:41:43 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msadds32.ax
[2009-03-24 15:41:43 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msadds32.ax
[2009-03-24 15:41:43 | 00,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\logon.scr
[2009-03-24 15:41:43 | 00,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\logon.scr
[2009-03-24 15:41:43 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\localsec.dll
[2009-03-24 15:41:43 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\localsec.dll
[2009-03-24 15:41:43 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mobsync.dll
[2009-03-24 15:41:43 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mobsync.dll
[2009-03-24 15:41:43 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\moricons.dll
[2009-03-24 15:41:43 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\moricons.dll
[2009-03-24 15:41:43 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\modemui.dll
[2009-03-24 15:41:43 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\modemui.dll
[2009-03-24 15:41:43 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mobsync.exe
[2009-03-24 15:41:43 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mobsync.exe
[2009-03-24 15:41:43 | 00,126,464 | ---- | C] () -- C:\WINNT\System32\mpg2splt.ax
[2009-03-24 15:41:43 | 00,126,464 | ---- | C] () -- C:\WINNT\System32\dllcache\mpg2splt.ax
[2009-03-24 15:41:43 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mplay32.exe
[2009-03-24 15:41:43 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mplay32.exe
[2009-03-24 15:41:43 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mdminst.dll
[2009-03-24 15:41:43 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mdminst.dll
[2009-03-24 15:41:43 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\loadperf.dll
[2009-03-24 15:41:43 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\loadperf.dll
[2009-03-24 15:41:43 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mciavi32.dll
[2009-03-24 15:41:43 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mciavi32.dll
[2009-03-24 15:41:43 | 00,080,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msapsspc.dll
[2009-03-24 15:41:43 | 00,080,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msapsspc.dll
[2009-03-24 15:41:43 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mprapi.dll
[2009-03-24 15:41:43 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\makecab.exe
[2009-03-24 15:41:43 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mprapi.dll
[2009-03-24 15:41:43 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\makecab.exe
[2009-03-24 15:41:43 | 00,068,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmsystem.dll
[2009-03-24 15:41:43 | 00,068,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mmsystem.dll
[2009-03-24 15:41:43 | 00,068,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System\mmsystem.dll
[2009-03-24 15:41:43 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\magnify.exe
[2009-03-24 15:41:43 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\magnify.exe
[2009-03-24 15:41:43 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msacm32.dll
[2009-03-24 15:41:43 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msacm32.dll
[2009-03-24 15:41:43 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmcbase.dll
[2009-03-24 15:41:43 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mmcbase.dll
[2009-03-24 15:41:43 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\licwmi.dll
[2009-03-24 15:41:43 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\licwmi.dll
[2009-03-24 15:41:43 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\miglibnt.dll
[2009-03-24 15:41:43 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\miglibnt.dll
[2009-03-24 15:41:43 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mpr.dll
[2009-03-24 15:41:43 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mpr.dll
[2009-03-24 15:41:43 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msasn1.dll
[2009-03-24 15:41:43 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msasn1.dll
[2009-03-24 15:41:43 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmcshext.dll
[2009-03-24 15:41:43 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mmcshext.dll
[2009-03-24 15:41:43 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ksxbar.ax
[2009-03-24 15:41:43 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mf3216.dll
[2009-03-24 15:41:43 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mf3216.dll
[2009-03-24 15:41:43 | 00,033,280 | ---- | C] () -- C:\WINNT\System32\mciqtz32.dll
[2009-03-24 15:41:43 | 00,033,280 | ---- | C] () -- C:\WINNT\System32\dllcache\mciqtz32.dll
[2009-03-24 15:41:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mnmsrvc.exe
[2009-03-24 15:41:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mnmsrvc.exe
[2009-03-24 15:41:43 | 00,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mnmdd.dll
[2009-03-24 15:41:43 | 00,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mnmdd.dll
[2009-03-24 15:41:43 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\logagent.exe
[2009-03-24 15:41:43 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\logagent.exe
[2009-03-24 15:41:43 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mciwave.dll
[2009-03-24 15:41:43 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mciwave.dll
[2009-03-24 15:41:43 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mfcsubs.dll
[2009-03-24 15:41:43 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mciseq.dll
[2009-03-24 15:41:43 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mfcsubs.dll
[2009-03-24 15:41:43 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mciseq.dll
[2009-03-24 15:41:43 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\licmgr10.dll
[2009-03-24 15:41:43 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\licmgr10.dll
[2009-03-24 15:41:43 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\lpk.dll
[2009-03-24 15:41:43 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lpk.dll
[2009-03-24 15:41:43 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\midimap.dll
[2009-03-24 15:41:43 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\midimap.dll
[2009-03-24 15:41:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmfutil.dll
[2009-03-24 15:41:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mmfutil.dll
[2009-03-24 15:41:43 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\linkinfo.dll
[2009-03-24 15:41:43 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\linkinfo.dll
[2009-03-24 15:41:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msadp32.acm
[2009-03-24 15:41:43 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mcastmib.dll
[2009-03-24 15:41:43 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mcastmib.dll
[2009-03-24 15:41:43 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\lsass.exe
[2009-03-24 15:41:43 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lsass.exe
[2009-03-24 15:41:43 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\localui.dll
[2009-03-24 15:41:43 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\localui.dll
[2009-03-24 15:41:43 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\lprhelp.dll
[2009-03-24 15:41:43 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lprhelp.dll
[2009-03-24 15:41:43 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\laprxy.dll
[2009-03-24 15:41:43 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\laprxy.dll
[2009-03-24 15:41:43 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msafd.dll
[2009-03-24 15:41:43 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msafd.dll
[2009-03-24 15:41:42 | 00,869,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdtctm.dll
[2009-03-24 15:41:42 | 00,869,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdtctm.dll
[2009-03-24 15:41:42 | 00,843,804 | ---- | C] () -- C:\WINNT\System32\msdxm.ocx
[2009-03-24 15:41:42 | 00,843,804 | ---- | C] () -- C:\WINNT\System32\dllcache\msdxm.ocx
[2009-03-24 15:41:42 | 00,360,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdtcprx.dll
[2009-03-24 15:41:42 | 00,360,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdtcprx.dll
[2009-03-24 15:41:42 | 00,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msctf.dll
[2009-03-24 15:41:42 | 00,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msctf.dll
[2009-03-24 15:41:42 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdtcuiu.dll
[2009-03-24 15:41:42 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdtcuiu.dll
[2009-03-24 15:41:42 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdart.dll
[2009-03-24 15:41:42 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdart.dll
[2009-03-24 15:41:42 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mscms.dll
[2009-03-24 15:41:42 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mscms.dll
[2009-03-24 15:41:42 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msctfp.dll
[2009-03-24 15:41:42 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msconf.dll
[2009-03-24 15:41:42 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msctfp.dll
[2009-03-24 15:41:42 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msconf.dll
[2009-03-24 15:41:42 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdtclog.dll
[2009-03-24 15:41:42 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdtclog.dll
[2009-03-24 15:41:42 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mscpxl32.dll
[2009-03-24 15:41:42 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mscpxl32.dll
[2009-03-24 15:41:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdatsrc.tlb
[2009-03-24 15:41:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mscpx32r.dll
[2009-03-24 15:41:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdatsrc.tlb
[2009-03-24 15:41:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mscpx32r.dll
[2009-03-24 15:41:42 | 00,011,264 | ---- | C] () -- C:\WINNT\System32\msdmo.dll
[2009-03-24 15:41:42 | 00,011,264 | ---- | C] () -- C:\WINNT\System32\dllcache\msdmo.dll
[2009-03-24 15:41:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdtc.exe
[2009-03-24 15:41:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdtc.exe
[2009-03-24 15:41:42 | 00,004,126 | ---- | C] () -- C:\WINNT\System32\msdxmlc.dll
[2009-03-24 15:41:42 | 00,004,126 | ---- | C] () -- C:\WINNT\System32\dllcache\msdxmlc.dll
[2009-03-24 15:41:41 | 02,793,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mshtml.dll
[2009-03-24 15:41:41 | 02,793,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mshtml.dll
[2009-03-24 15:41:41 | 02,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msi.dll
[2009-03-24 15:41:41 | 02,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msi.dll
[2009-03-24 15:41:41 | 01,503,260 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msjet40.dll
[2009-03-24 15:41:41 | 01,503,260 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msjet40.dll
[2009-03-24 15:41:41 | 01,350,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mshtml.tlb
[2009-03-24 15:41:41 | 01,350,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mshtml.tlb
[2009-03-24 15:41:41 | 00,967,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msgina.dll
[2009-03-24 15:41:41 | 00,967,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msgina.dll
[2009-03-24 15:41:41 | 00,847,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msimsg.dll
[2009-03-24 15:41:41 | 00,847,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msimsg.dll
[2009-03-24 15:41:41 | 00,512,074 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msexch40.dll
[2009-03-24 15:41:41 | 00,512,074 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msexch40.dll
[2009-03-24 15:41:41 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mshtmled.dll
[2009-03-24 15:41:41 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mshtmled.dll
[2009-03-24 15:41:41 | 00,348,238 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msjetoledb40.dll
[2009-03-24 15:41:41 | 00,319,562 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msexcl40.dll
[2009-03-24 15:41:41 | 00,319,562 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msexcl40.dll
[2009-03-24 15:41:41 | 00,304,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msihnd.dll
[2009-03-24 15:41:41 | 00,304,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msihnd.dll
[2009-03-24 15:41:41 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msh263.drv
[2009-03-24 15:41:41 | 00,241,695 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msjtes40.dll
[2009-03-24 15:41:41 | 00,241,695 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msjtes40.dll
[2009-03-24 15:41:41 | 00,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msieftp.dll
[2009-03-24 15:41:41 | 00,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msieftp.dll
[2009-03-24 15:41:41 | 00,213,066 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msltus40.dll
[2009-03-24 15:41:41 | 00,213,066 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msltus40.dll
[2009-03-24 15:41:41 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msh261.drv
[2009-03-24 15:41:41 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msnetobj.dll
[2009-03-24 15:41:41 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msnetobj.dll
[2009-03-24 15:41:41 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msimtf.dll
[2009-03-24 15:41:41 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msimtf.dll
[2009-03-24 15:41:41 | 00,151,626 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msjint40.dll
[2009-03-24 15:41:41 | 00,151,626 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msjint40.dll
[2009-03-24 15:41:41 | 00,116,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msnsspc.dll
[2009-03-24 15:41:41 | 00,116,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msnsspc.dll
[2009-03-24 15:41:41 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msiexec.exe
[2009-03-24 15:41:41 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msiexec.exe
[2009-03-24 15:41:41 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mshtmler.dll
[2009-03-24 15:41:41 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mshtmler.dll
[2009-03-24 15:41:41 | 00,053,322 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msjter40.dll
[2009-03-24 15:41:41 | 00,053,322 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msjter40.dll
[2009-03-24 15:41:41 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mslbui.dll
[2009-03-24 15:41:41 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mslbui.dll
[2009-03-24 15:41:41 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msident.dll
[2009-03-24 15:41:41 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msident.dll
[2009-03-24 15:41:41 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msisip.dll
[2009-03-24 15:41:41 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msisip.dll
[2009-03-24 15:41:41 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msiregmv.exe
[2009-03-24 15:41:41 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msiregmv.exe
[2009-03-24 15:41:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mshta.exe
[2009-03-24 15:41:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mshta.exe
[2009-03-24 15:41:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msidle.dll
[2009-03-24 15:41:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msidle.dll
[2009-03-24 15:41:41 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msimg32.dll
[2009-03-24 15:41:41 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msimg32.dll
[2009-03-24 15:41:40 | 00,348,234 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mspbde40.dll
[2009-03-24 15:41:40 | 00,348,234 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mspbde40.dll
[2009-03-24 15:41:40 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mspaint.exe
[2009-03-24 15:41:40 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mspaint.exe
[2009-03-24 15:41:40 | 00,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msoeacct.dll
[2009-03-24 15:41:40 | 00,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msoeacct.dll
[2009-03-24 15:41:40 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mspmsp.dll
[2009-03-24 15:41:40 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mspmsp.dll
[2009-03-24 15:41:40 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msrating.dll
[2009-03-24 15:41:40 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msrating.dll
[2009-03-24 15:41:40 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msorcl32.dll
[2009-03-24 15:41:40 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msorcl32.dll
[2009-03-24 15:41:40 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msoert2.dll
[2009-03-24 15:41:40 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msoert2.dll
[2009-03-24 15:41:40 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msprivs.dll
[2009-03-24 15:41:40 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msprivs.dll
[2009-03-24 15:41:40 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mspatcha.dll
[2009-03-24 15:41:40 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mspatcha.dll
[2009-03-24 15:41:40 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msorc32r.dll
[2009-03-24 15:41:40 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msorc32r.dll
[2009-03-24 15:41:39 | 01,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msvbvm60.dll
[2009-03-24 15:41:39 | 00,553,034 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msrepl40.dll
[2009-03-24 15:41:39 | 00,553,034 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msrepl40.dll
[2009-03-24 15:41:39 | 00,503,296 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstscax.dll
[2009-03-24 15:41:39 | 00,503,296 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstscax.dll
[2009-03-24 15:41:39 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstime.dll
[2009-03-24 15:41:39 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstime.dll
[2009-03-24 15:41:39 | 00,421,962 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msrd2x40.dll
[2009-03-24 15:41:39 | 00,421,962 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msrd2x40.dll
[2009-03-24 15:41:39 | 00,401,462 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msvcp60.dll
[2009-03-24 15:41:39 | 00,401,462 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msvcp60.dll
[2009-03-24 15:41:39 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstsc.exe
[2009-03-24 15:41:39 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstsc.exe
[2009-03-24 15:41:39 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msscp.dll
[2009-03-24 15:41:39 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msscp.dll
[2009-03-24 15:41:39 | 00,322,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msvcrt.dll
[2009-03-24 15:41:39 | 00,322,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msvcrt.dll
[2009-03-24 15:41:39 | 00,315,466 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msrd3x40.dll
[2009-03-24 15:41:39 | 00,315,466 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msrd3x40.dll
[2009-03-24 15:41:39 | 00,254,026 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstext40.dll
[2009-03-24 15:41:39 | 00,254,026 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstext40.dll
[2009-03-24 15:41:39 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstask.dll
[2009-03-24 15:41:39 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstask.dll
[2009-03-24 15:41:39 | 00,209,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msutb.dll
[2009-03-24 15:41:39 | 00,209,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msutb.dll
[2009-03-24 15:41:39 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msvfw32.dll
[2009-03-24 15:41:39 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msvfw32.dll
[2009-03-24 15:41:39 | 00,106,547 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msscript.ocx
[2009-03-24 15:41:39 | 00,106,547 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msscript.ocx
[2009-03-24 15:41:39 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstlsapi.dll
[2009-03-24 15:41:39 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstlsapi.dll
[2009-03-24 15:41:39 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msscds32.ax
[2009-03-24 15:41:39 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msscds32.ax
[2009-03-24 15:41:39 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msvcrt40.dll
[2009-03-24 15:41:39 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msvcrt40.dll
[2009-03-24 15:41:39 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msvcirt.dll
[2009-03-24 15:41:39 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msvcirt.dll
[2009-03-24 15:41:39 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstinit.exe
[2009-03-24 15:41:39 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msrle32.dll
[2009-03-24 15:41:39 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstinit.exe
[2009-03-24 15:41:39 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msrle32.dll
[2009-03-24 15:41:38 | 00,979,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msvidctl.dll
[2009-03-24 15:41:38 | 00,979,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msvidctl.dll
[2009-03-24 15:41:38 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msw3prt.dll
[2009-03-24 15:41:38 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msw3prt.dll
[2009-03-24 15:41:37 | 00,831,562 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mswdat10.dll
[2009-03-24 15:41:37 | 00,831,562 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mswdat10.dll
[2009-03-24 15:41:37 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mswmdm.dll
[2009-03-24 15:41:37 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mswmdm.dll
[2009-03-24 15:41:37 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mswebdvd.dll
[2009-03-24 15:41:37 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mswebdvd.dll
[2009-03-24 15:41:37 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mswsock.dll
[2009-03-24 15:41:37 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mswsock.dll
[2009-03-24 15:41:36 | 01,118,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msxml3.dll
[2009-03-24 15:41:36 | 01,118,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msxml3.dll
[2009-03-24 15:41:36 | 00,688,667 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msxml2.dll
[2009-03-24 15:41:36 | 00,688,667 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msxml2.dll
[2009-03-24 15:41:36 | 00,614,474 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mswstr10.dll
[2009-03-24 15:41:36 | 00,614,474 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mswstr10.dll
[2009-03-24 15:41:36 | 00,495,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msxml.dll
[2009-03-24 15:41:36 | 00,495,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msxml.dll
[2009-03-24 15:41:36 | 00,344,138 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msxbde40.dll
[2009-03-24 15:41:36 | 00,344,138 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msxbde40.dll
[2009-03-24 15:41:36 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mydocs.dll
[2009-03-24 15:41:36 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mydocs.dll
[2009-03-24 15:41:36 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mtxoci.dll
[2009-03-24 15:41:36 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mtxoci.dll
[2009-03-24 15:41:36 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mtxclu.dll
[2009-03-24 15:41:36 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mtxclu.dll
[2009-03-24 15:41:36 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\narrator.exe
[2009-03-24 15:41:36 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\narrator.exe
[2009-03-24 15:41:36 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ncobjapi.dll
[2009-03-24 15:41:36 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ncobjapi.dll
[2009-03-24 15:41:36 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msyuv.dll
[2009-03-24 15:41:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nddeapi.dll
[2009-03-24 15:41:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nddeapi.dll
[2009-03-24 15:41:35 | 01,618,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netshell.dll
[2009-03-24 15:41:35 | 01,618,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netshell.dll
[2009-03-24 15:41:35 | 00,857,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netplwiz.dll
[2009-03-24 15:41:35 | 00,857,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netplwiz.dll
[2009-03-24 15:41:35 | 00,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netcfgx.dll
[2009-03-24 15:41:35 | 00,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netcfgx.dll
[2009-03-24 15:41:35 | 00,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netlogon.dll
[2009-03-24 15:41:35 | 00,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netlogon.dll
[2009-03-24 15:41:35 | 00,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netsetup.exe
[2009-03-24 15:41:35 | 00,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netapi32.dll
[2009-03-24 15:41:35 | 00,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netapi32.dll
[2009-03-24 15:41:35 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\newdev.dll
[2009-03-24 15:41:35 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\newdev.dll
[2009-03-24 15:41:35 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netui1.dll
[2009-03-24 15:41:35 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netui1.dll
[2009-03-24 15:41:35 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netman.dll
[2009-03-24 15:41:35 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netman.dll
[2009-03-24 15:41:35 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netid.dll
[2009-03-24 15:41:35 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netid.dll
[2009-03-24 15:41:35 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\net1.exe
[2009-03-24 15:41:35 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\net1.exe
[2009-03-24 15:41:35 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netdde.exe
[2009-03-24 15:41:35 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netdde.exe
[2009-03-24 15:41:35 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nlhtml.dll
[2009-03-24 15:41:35 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nlhtml.dll
[2009-03-24 15:41:35 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netsh.exe
[2009-03-24 15:41:35 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netsh.exe
[2009-03-24 15:41:35 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netui0.dll
[2009-03-24 15:41:35 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netui0.dll
[2009-03-24 15:41:35 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ndptsp.tsp
[2009-03-24 15:41:35 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ndptsp.tsp
[2009-03-24 15:41:35 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\net.exe
[2009-03-24 15:41:35 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\net.exe
[2009-03-24 15:41:35 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netstat.exe
[2009-03-24 15:41:35 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netstat.exe
[2009-03-24 15:41:35 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nmmkcert.dll
[2009-03-24 15:41:35 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmmkcert.dll
[2009-03-24 15:41:35 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nddenb32.dll
[2009-03-24 15:41:35 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nddenb32.dll
[2009-03-24 15:41:35 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\netrap.dll
[2009-03-24 15:41:35 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netrap.dll
[2009-03-24 15:41:35 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nddeapir.exe
[2009-03-24 15:41:35 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nddeapir.exe
[2009-03-24 15:41:34 | 00,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntmsmgr.dll
[2009-03-24 15:41:34 | 00,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntmsmgr.dll
[2009-03-24 15:41:34 | 00,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntmssvc.dll
[2009-03-24 15:41:34 | 00,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntmssvc.dll
[2009-03-24 15:41:34 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\objsel.dll
[2009-03-24 15:41:34 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\objsel.dll
[2009-03-24 15:41:34 | 00,270,365 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcjt32.dll
[2009-03-24 15:41:34 | 00,270,365 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbcjt32.dll
[2009-03-24 15:41:34 | 00,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nusrmgr.cpl
[2009-03-24 15:41:34 | 00,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nusrmgr.cpl
[2009-03-24 15:41:34 | 00,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\oakley.dll
[2009-03-24 15:41:34 | 00,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oakley.dll
[2009-03-24 15:41:34 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbc32.dll
[2009-03-24 15:41:34 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbc32.dll
[2009-03-24 15:41:34 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntmsdba.dll
[2009-03-24 15:41:34 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntmsdba.dll
[2009-03-24 15:41:34 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntshrui.dll
[2009-03-24 15:41:34 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntshrui.dll
[2009-03-24 15:41:34 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcconf.dll
[2009-03-24 15:41:34 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbcconf.dll
[2009-03-24 15:41:34 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntmarta.dll
[2009-03-24 15:41:34 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntmarta.dll
[2009-03-24 15:41:34 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbccp32.dll
[2009-03-24 15:41:34 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbccp32.dll
[2009-03-24 15:41:34 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcint.dll
[2009-03-24 15:41:34 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbcint.dll
[2009-03-24 15:41:34 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\occache.dll
[2009-03-24 15:41:34 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\occache.dll
[2009-03-24 15:41:34 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\notepad.exe
[2009-03-24 15:41:34 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\notepad.exe
[2009-03-24 15:41:34 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\notepad.exe
[2009-03-24 15:41:34 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntdsapi.dll
[2009-03-24 15:41:34 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntdsapi.dll
[2009-03-24 15:41:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbccu32.dll
[2009-03-24 15:41:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbccr32.dll
[2009-03-24 15:41:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbccu32.dll
[2009-03-24 15:41:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbccr32.dll
[2009-03-24 15:41:34 | 00,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcji32.dll
[2009-03-24 15:41:34 | 00,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbcji32.dll
[2009-03-24 15:41:34 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcconf.exe
[2009-03-24 15:41:34 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbcconf.exe
[2009-03-24 15:41:34 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\npptools.dll
[2009-03-24 15:41:34 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\npptools.dll
[2009-03-24 15:41:34 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntlanman.dll
[2009-03-24 15:41:34 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntlanman.dll
[2009-03-24 15:41:34 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntmsapi.dll
[2009-03-24 15:41:34 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntmsapi.dll
[2009-03-24 15:41:34 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbccp32.cpl
[2009-03-24 15:41:34 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbccp32.cpl

=======================> continued next post <======================

#5 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 04:19 AM

Sam,

Here is the thrid and final section of the OTListIT.txt report:



[2009-03-24 15:41:34 | 00,035,632 | ---- | C] () -- C:\WINNT\System32\ntio411.sys
[2009-03-24 15:41:34 | 00,035,632 | ---- | C] () -- C:\WINNT\System32\dllcache\ntio411.sys
[2009-03-24 15:41:34 | 00,035,392 | ---- | C] () -- C:\WINNT\System32\ntio412.sys
[2009-03-24 15:41:34 | 00,035,392 | ---- | C] () -- C:\WINNT\System32\dllcache\ntio412.sys
[2009-03-24 15:41:34 | 00,034,528 | ---- | C] () -- C:\WINNT\System32\ntio804.sys
[2009-03-24 15:41:34 | 00,034,528 | ---- | C] () -- C:\WINNT\System32\ntio404.sys
[2009-03-24 15:41:34 | 00,034,528 | ---- | C] () -- C:\WINNT\System32\dllcache\ntio804.sys
[2009-03-24 15:41:34 | 00,034,528 | ---- | C] () -- C:\WINNT\System32\dllcache\ntio404.sys
[2009-03-24 15:41:34 | 00,033,808 | ---- | C] () -- C:\WINNT\System32\ntio.sys
[2009-03-24 15:41:34 | 00,033,808 | ---- | C] () -- C:\WINNT\System32\dllcache\ntio.sys
[2009-03-24 15:41:34 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcad32.exe
[2009-03-24 15:41:34 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbcad32.exe
[2009-03-24 15:41:34 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcbcp.dll
[2009-03-24 15:41:34 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbc32gt.dll
[2009-03-24 15:41:34 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbc32gt.dll
[2009-03-24 15:41:34 | 00,004,294 | ---- | C] () -- C:\WINNT\System32\odbcconf.rsp
[2009-03-24 15:41:34 | 00,004,294 | ---- | C] () -- C:\WINNT\System32\dllcache\odbcconf.rsp
[2009-03-24 15:41:33 | 01,141,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ole32.dll
[2009-03-24 15:41:33 | 01,141,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ole32.dll
[2009-03-24 15:41:33 | 00,685,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\opengl32.dll
[2009-03-24 15:41:33 | 00,685,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\opengl32.dll
[2009-03-24 15:41:33 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbctrac.dll
[2009-03-24 15:41:33 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbctrac.dll
[2009-03-24 15:41:33 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\olepro32.dll
[2009-03-24 15:41:33 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\olepro32.dll
[2009-03-24 15:41:33 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\offfilt.dll
[2009-03-24 15:41:33 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\offfilt.dll
[2009-03-24 15:41:33 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\oleprn.dll
[2009-03-24 15:41:33 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oleprn.dll
[2009-03-24 15:41:33 | 00,020,554 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odtext32.dll
[2009-03-24 15:41:33 | 00,020,554 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\oddbse32.dll
[2009-03-24 15:41:33 | 00,020,554 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odtext32.dll
[2009-03-24 15:41:33 | 00,020,554 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oddbse32.dll
[2009-03-24 15:41:33 | 00,020,553 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odpdx32.dll
[2009-03-24 15:41:33 | 00,020,553 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odfox32.dll
[2009-03-24 15:41:33 | 00,020,553 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odexl32.dll
[2009-03-24 15:41:33 | 00,020,553 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odpdx32.dll
[2009-03-24 15:41:33 | 00,020,553 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odfox32.dll
[2009-03-24 15:41:33 | 00,020,553 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odexl32.dll
[2009-03-24 15:41:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\odbcp32r.dll
[2009-03-24 15:41:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\odbcp32r.dll
[2009-03-24 15:41:32 | 00,734,208 | ---- | C] () -- C:\WINNT\System32\qedwipes.dll
[2009-03-24 15:41:32 | 00,734,208 | ---- | C] () -- C:\WINNT\System32\dllcache\qedwipes.dll
[2009-03-24 15:41:32 | 00,511,488 | ---- | C] () -- C:\WINNT\System32\qedit.dll
[2009-03-24 15:41:32 | 00,511,488 | ---- | C] () -- C:\WINNT\System32\dllcache\qedit.dll
[2009-03-24 15:41:32 | 00,356,352 | ---- | C] () -- C:\WINNT\System32\qdvd.dll
[2009-03-24 15:41:32 | 00,356,352 | ---- | C] () -- C:\WINNT\System32\dllcache\qdvd.dll
[2009-03-24 15:41:32 | 00,266,752 | ---- | C] () -- C:\WINNT\System32\qdv.dll
[2009-03-24 15:41:32 | 00,266,752 | ---- | C] () -- C:\WINNT\System32\dllcache\qdv.dll
[2009-03-24 15:41:32 | 00,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pdh.dll
[2009-03-24 15:41:32 | 00,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pdh.dll
[2009-03-24 15:41:32 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\osk.exe
[2009-03-24 15:41:32 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\osk.exe
[2009-03-24 15:41:32 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\progman.exe
[2009-03-24 15:41:32 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\progman.exe
[2009-03-24 15:41:32 | 00,184,832 | ---- | C] () -- C:\WINNT\System32\qcap.dll
[2009-03-24 15:41:32 | 00,184,832 | ---- | C] () -- C:\WINNT\System32\dllcache\qcap.dll
[2009-03-24 15:41:32 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\photowiz.dll
[2009-03-24 15:41:32 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\photowiz.dll
[2009-03-24 15:41:32 | 00,152,576 | ---- | C] () -- C:\WINNT\System32\qasf.dll
[2009-03-24 15:41:32 | 00,152,576 | ---- | C] () -- C:\WINNT\System32\dllcache\qasf.dll
[2009-03-24 15:41:32 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\powercfg.cpl
[2009-03-24 15:41:32 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\powercfg.cpl
[2009-03-24 15:41:32 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\polstore.dll
[2009-03-24 15:41:32 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\polstore.dll
[2009-03-24 15:41:32 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\psbase.dll
[2009-03-24 15:41:32 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\psbase.dll
[2009-03-24 15:41:32 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\osuninst.dll
[2009-03-24 15:41:32 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\osuninst.dll
[2009-03-24 15:41:32 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pautoenr.dll
[2009-03-24 15:41:32 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pautoenr.dll
[2009-03-24 15:41:32 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\packager.exe
[2009-03-24 15:41:32 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\packager.exe
[2009-03-24 15:41:32 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\proquota.exe
[2009-03-24 15:41:32 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\proquota.exe
[2009-03-24 15:41:32 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pstorec.dll
[2009-03-24 15:41:32 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pstorec.dll
[2009-03-24 15:41:32 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\perfproc.dll
[2009-03-24 15:41:32 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\perfproc.dll
[2009-03-24 15:41:32 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pid.dll
[2009-03-24 15:41:32 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pngfilt.dll
[2009-03-24 15:41:32 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pngfilt.dll
[2009-03-24 15:41:32 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\profmap.dll
[2009-03-24 15:41:32 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\profmap.dll
[2009-03-24 15:41:32 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pstorsvc.dll
[2009-03-24 15:41:32 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pstorsvc.dll
[2009-03-24 15:41:32 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\perfdisk.dll
[2009-03-24 15:41:32 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\perfdisk.dll
[2009-03-24 15:41:32 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\perfos.dll
[2009-03-24 15:41:32 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\perfos.dll
[2009-03-24 15:41:32 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\qprocess.exe
[2009-03-24 15:41:32 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\qprocess.exe
[2009-03-24 15:41:32 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\qmgrprxy.dll
[2009-03-24 15:41:32 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\psapi.dll
[2009-03-24 15:41:32 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\qmgrprxy.dll
[2009-03-24 15:41:32 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\psapi.dll
[2009-03-24 15:41:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\powrprof.dll
[2009-03-24 15:41:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ping.exe
[2009-03-24 15:41:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\powrprof.dll
[2009-03-24 15:41:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ping.exe
[2009-03-24 15:41:32 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\perfmon.exe
[2009-03-24 15:41:32 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\perfmon.exe
[2009-03-24 15:41:32 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\pjlmon.dll
[2009-03-24 15:41:31 | 01,337,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\query.dll
[2009-03-24 15:41:31 | 01,337,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\query.dll
[2009-03-24 15:41:31 | 01,135,616 | ---- | C] () -- C:\WINNT\System32\quartz.dll
[2009-03-24 15:41:31 | 01,135,616 | ---- | C] () -- C:\WINNT\System32\dllcache\quartz.dll
[2009-03-24 15:41:31 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rpcrt4.dll
[2009-03-24 15:41:31 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rpcrt4.dll
[2009-03-24 15:41:31 | 00,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\riched20.dll
[2009-03-24 15:41:31 | 00,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\riched20.dll
[2009-03-24 15:41:31 | 00,387,584 | ---- | C] (Microsoft) -- C:\WINNT\System32\regwizc.dll
[2009-03-24 15:41:31 | 00,387,584 | ---- | C] (Microsoft) -- C:\WINNT\System32\dllcache\regwizc.dll
[2009-03-24 15:41:31 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rpcss.dll
[2009-03-24 15:41:31 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rpcss.dll
[2009-03-24 15:41:31 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasppp.dll
[2009-03-24 15:41:31 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasppp.dll
[2009-03-24 15:41:31 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasmans.dll
[2009-03-24 15:41:31 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasmans.dll
[2009-03-24 15:41:31 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rdchost.dll
[2009-03-24 15:41:31 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdchost.dll
[2009-03-24 15:41:31 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rsaenh.dll
[2009-03-24 15:41:31 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rsaenh.dll
[2009-03-24 15:41:31 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rcbdyctl.dll
[2009-03-24 15:41:31 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rcbdyctl.dll
[2009-03-24 15:41:31 | 00,087,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rdpdd.dll
[2009-03-24 15:41:31 | 00,087,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdpdd.dll
[2009-03-24 15:41:31 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rtcshare.exe
[2009-03-24 15:41:31 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rtcshare.exe
[2009-03-24 15:41:31 | 00,073,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rdpwsx.dll
[2009-03-24 15:41:31 | 00,073,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdpwsx.dll
[2009-03-24 15:41:31 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\remotesp.tsp
[2009-03-24 15:41:31 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\remotesp.tsp
[2009-03-24 15:41:31 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rdshost.exe
[2009-03-24 15:41:31 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdshost.exe
[2009-03-24 15:41:31 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\remotepg.dll
[2009-03-24 15:41:31 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\remotepg.dll
[2009-03-24 15:41:31 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\resutils.dll
[2009-03-24 15:41:31 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\resutils.dll
[2009-03-24 15:41:31 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasphone.exe
[2009-03-24 15:41:31 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasphone.exe
[2009-03-24 15:41:31 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rastls.dll
[2009-03-24 15:41:31 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rastls.dll
[2009-03-24 15:41:31 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\regsvc.dll
[2009-03-24 15:41:31 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\regsvc.dll
[2009-03-24 15:41:31 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\reg.exe
[2009-03-24 15:41:31 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\reg.exe
[2009-03-24 15:41:31 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\regapi.dll
[2009-03-24 15:41:31 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\regapi.dll
[2009-03-24 15:41:31 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rdpclip.exe
[2009-03-24 15:41:31 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdpclip.exe
[2009-03-24 15:41:31 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rcimlby.exe
[2009-03-24 15:41:31 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\raschap.dll
[2009-03-24 15:41:31 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rcimlby.exe
[2009-03-24 15:41:31 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\raschap.dll
[2009-03-24 15:41:31 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\racpldlg.dll
[2009-03-24 15:41:31 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\racpldlg.dll
[2009-03-24 15:41:31 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rtipxmib.dll
[2009-03-24 15:41:31 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rtipxmib.dll
[2009-03-24 15:41:31 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rcp.exe
[2009-03-24 15:41:31 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rcp.exe
[2009-03-24 15:41:31 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rsmps.dll
[2009-03-24 15:41:31 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rsmps.dll
[2009-03-24 15:41:31 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rdpsnd.dll
[2009-03-24 15:41:31 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdpsnd.dll
[2009-03-24 15:41:31 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rassapi.dll
[2009-03-24 15:41:31 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rassapi.dll
[2009-03-24 15:41:31 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rsh.exe
[2009-03-24 15:41:31 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rsh.exe
[2009-03-24 15:41:31 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rdsaddin.exe
[2009-03-24 15:41:31 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdsaddin.exe
[2009-03-24 15:41:31 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rexec.exe
[2009-03-24 15:41:31 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rexec.exe
[2009-03-24 15:41:31 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\regsvr32.exe
[2009-03-24 15:41:31 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\regsvr32.exe
[2009-03-24 15:41:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasadhlp.dll
[2009-03-24 15:41:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasadhlp.dll
[2009-03-24 15:41:31 | 00,003,338 | ---- | C] () -- C:\WINNT\System32\redir.exe
[2009-03-24 15:41:31 | 00,003,338 | ---- | C] () -- C:\WINNT\System32\dllcache\redir.exe
[2009-03-24 15:41:30 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\scesrv.dll
[2009-03-24 15:41:30 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scesrv.dll
[2009-03-24 15:41:30 | 00,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\scecli.dll
[2009-03-24 15:41:30 | 00,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scecli.dll
[2009-03-24 15:41:30 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sccsccp.dll
[2009-03-24 15:41:30 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sccsccp.dll
[2009-03-24 15:41:30 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sccbase.dll
[2009-03-24 15:41:30 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sccbase.dll
[2009-03-24 15:41:30 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\schedsvc.dll
[2009-03-24 15:41:30 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\schedsvc.dll
[2009-03-24 15:41:30 | 00,155,675 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\scrobj.dll
[2009-03-24 15:41:30 | 00,155,675 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scrobj.dll
[2009-03-24 15:41:30 | 00,147,483 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\scrrun.dll
[2009-03-24 15:41:30 | 00,147,483 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scrrun.dll
[2009-03-24 15:41:30 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sfc_os.dll
[2009-03-24 15:41:30 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sfc_os.dll
[2009-03-24 15:41:30 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\scarddlg.dll
[2009-03-24 15:41:30 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scarddlg.dll
[2009-03-24 15:41:30 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\servdeps.dll
[2009-03-24 15:41:30 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sendmail.dll
[2009-03-24 15:41:30 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\servdeps.dll
[2009-03-24 15:41:30 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sendmail.dll
[2009-03-24 15:41:30 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\secur32.dll
[2009-03-24 15:41:30 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\secur32.dll
[2009-03-24 15:41:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\safrslv.dll
[2009-03-24 15:41:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\safrslv.dll
[2009-03-24 15:41:30 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rtutils.dll
[2009-03-24 15:41:30 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rtutils.dll
[2009-03-24 15:41:30 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\safrcdlg.dll
[2009-03-24 15:41:30 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\safrcdlg.dll
[2009-03-24 15:41:30 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sdbinst.exe
[2009-03-24 15:41:30 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sdbinst.exe
[2009-03-24 15:41:30 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sens.dll
[2009-03-24 15:41:30 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sens.dll
[2009-03-24 15:41:30 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rundll32.exe
[2009-03-24 15:41:30 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rundll32.exe
[2009-03-24 15:41:30 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sethc.exe
[2009-03-24 15:41:30 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sethc.exe
[2009-03-24 15:41:30 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sendcmsg.dll
[2009-03-24 15:41:30 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sendcmsg.dll
[2009-03-24 15:41:30 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\safrdm.dll
[2009-03-24 15:41:30 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\safrdm.dll
[2009-03-24 15:41:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\setup.exe
[2009-03-24 15:41:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\seclogon.dll
[2009-03-24 15:41:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\setup.exe
[2009-03-24 15:41:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\seclogon.dll
[2009-03-24 15:41:30 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sclgntfy.dll
[2009-03-24 15:41:30 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sclgntfy.dll
[2009-03-24 15:41:30 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\runonce.exe
[2009-03-24 15:41:30 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\runonce.exe
[2009-03-24 15:41:30 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\scrnsave.scr
[2009-03-24 15:41:30 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scrnsave.scr
[2009-03-24 15:41:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sensapi.dll
[2009-03-24 15:41:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sensapi.dll
[2009-03-24 15:41:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\security.dll
[2009-03-24 15:41:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\security.dll
[2009-03-24 15:41:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sfc.dll
[2009-03-24 15:41:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sfc.dll
[2009-03-24 15:41:28 | 01,562,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sfcfiles.dll
[2009-03-24 15:41:28 | 01,562,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sfcfiles.dll
[2009-03-24 15:41:27 | 00,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shdoclc.dll
[2009-03-24 15:41:27 | 00,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shdoclc.dll
[2009-03-24 15:41:26 | 08,322,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shell32.dll
[2009-03-24 15:41:26 | 08,322,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shell32.dll
[2009-03-24 15:41:26 | 01,338,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shdocvw.dll
[2009-03-24 15:41:26 | 01,338,880 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shdocvw.dll
[2009-03-24 15:41:26 | 00,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shimgvw.dll
[2009-03-24 15:41:26 | 00,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shimgvw.dll
[2009-03-24 15:41:26 | 00,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shlwapi.dll
[2009-03-24 15:41:26 | 00,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shlwapi.dll
[2009-03-24 15:41:26 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shmedia.dll
[2009-03-24 15:41:26 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shmedia.dll
[2009-03-24 15:41:26 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shrpubw.exe
[2009-03-24 15:41:26 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shrpubw.exe
[2009-03-24 15:41:26 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shgina.dll
[2009-03-24 15:41:26 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shgina.dll
[2009-03-24 15:41:26 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shimeng.dll
[2009-03-24 15:41:26 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shimeng.dll
[2009-03-24 15:41:26 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shfolder.dll
[2009-03-24 15:41:26 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shfolder.dll
[2009-03-24 15:41:26 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shmgrate.exe
[2009-03-24 15:41:26 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shmgrate.exe
[2009-03-24 15:41:25 | 00,534,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\spider.exe
[2009-03-24 15:41:25 | 00,534,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\spider.exe
[2009-03-24 15:41:25 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sqlsrv32.dll
[2009-03-24 15:41:25 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\smlogcfg.dll
[2009-03-24 15:41:25 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smlogcfg.dll
[2009-03-24 15:41:25 | 00,276,480 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINNT\System32\slbcsp.dll
[2009-03-24 15:41:25 | 00,276,480 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINNT\System32\dllcache\slbcsp.dll
[2009-03-24 15:41:25 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\srrstr.dll
[2009-03-24 15:41:25 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srrstr.dll
[2009-03-24 15:41:25 | 00,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sqlunirl.dll
[2009-03-24 15:41:25 | 00,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sqlunirl.dll
[2009-03-24 15:41:25 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\snmpsnap.dll
[2009-03-24 15:41:25 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpsnap.dll
[2009-03-24 15:41:25 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\srsvc.dll
[2009-03-24 15:41:25 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srsvc.dll
[2009-03-24 15:41:25 | 00,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sndrec32.exe
[2009-03-24 15:41:25 | 00,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sndrec32.exe
[2009-03-24 15:41:25 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shsvcs.dll
[2009-03-24 15:41:25 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shsvcs.dll
[2009-03-24 15:41:25 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sqlsrv32.rll
[2009-03-24 15:41:25 | 00,089,600 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINNT\System32\slbiop.dll
[2009-03-24 15:41:25 | 00,089,600 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINNT\System32\dllcache\slbiop.dll
[2009-03-24 15:41:25 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINNT\System32\sl_anet.acm
[2009-03-24 15:41:25 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\smlogsvc.exe
[2009-03-24 15:41:25 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smlogsvc.exe
[2009-03-24 15:41:25 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\spoolss.dll
[2009-03-24 15:41:25 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\spoolss.dll
[2009-03-24 15:41:25 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sigverif.exe
[2009-03-24 15:41:25 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sigverif.exe
[2009-03-24 15:41:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\srclient.dll
[2009-03-24 15:41:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srclient.dll
[2009-03-24 15:41:25 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\spoolsv.exe
[2009-03-24 15:41:25 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\spoolsv.exe
[2009-03-24 15:41:25 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\skeys.exe
[2009-03-24 15:41:25 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\skeys.exe
[2009-03-24 15:41:25 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shscrap.dll
[2009-03-24 15:41:25 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shscrap.dll
[2009-03-24 15:41:25 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\slayerxp.dll
[2009-03-24 15:41:25 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\slayerxp.dll
[2009-03-24 15:41:25 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\shutdown.exe
[2009-03-24 15:41:25 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\shutdown.exe
[2009-03-24 15:41:25 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\snmpapi.dll
[2009-03-24 15:41:25 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpapi.dll
[2009-03-24 15:41:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\simpdata.tlb
[2009-03-24 15:41:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\simpdata.tlb
[2009-03-24 15:41:25 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sigtab.dll
[2009-03-24 15:41:25 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sigtab.dll
[2009-03-24 15:41:24 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ss3dfo.scr
[2009-03-24 15:41:24 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ss3dfo.scr
[2009-03-24 15:41:24 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sstext3d.scr
[2009-03-24 15:41:24 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sstext3d.scr
[2009-03-24 15:41:24 | 00,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sspipes.scr
[2009-03-24 15:41:24 | 00,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sspipes.scr
[2009-03-24 15:41:24 | 00,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssflwbox.scr
[2009-03-24 15:41:24 | 00,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssflwbox.scr
[2009-03-24 15:41:24 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sti_ci.dll
[2009-03-24 15:41:24 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sti_ci.dll
[2009-03-24 15:41:24 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\stobject.dll
[2009-03-24 15:41:24 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\stobject.dll
[2009-03-24 15:41:24 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sti.dll
[2009-03-24 15:41:24 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sti.dll
[2009-03-24 15:41:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssmypics.scr
[2009-03-24 15:41:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssmypics.scr
[2009-03-24 15:41:24 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssdpsrv.dll
[2009-03-24 15:41:24 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssdpsrv.dll
[2009-03-24 15:41:24 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssdpapi.dll
[2009-03-24 15:41:24 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssdpapi.dll
[2009-03-24 15:41:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\stimon.exe
[2009-03-24 15:41:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\stimon.exe
[2009-03-24 15:41:24 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssmarque.scr
[2009-03-24 15:41:24 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssmarque.scr
[2009-03-24 15:41:24 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssbezier.scr
[2009-03-24 15:41:24 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssbezier.scr
[2009-03-24 15:41:24 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssmyst.scr
[2009-03-24 15:41:24 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssmyst.scr
[2009-03-24 15:41:24 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ssstars.scr
[2009-03-24 15:41:24 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ssstars.scr
[2009-03-24 15:41:23 | 00,829,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tapi3.dll
[2009-03-24 15:41:23 | 00,829,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tapi3.dll
[2009-03-24 15:41:23 | 00,647,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sxs.dll
[2009-03-24 15:41:23 | 00,647,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sxs.dll
[2009-03-24 15:41:23 | 00,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\termmgr.dll
[2009-03-24 15:41:23 | 00,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\termmgr.dll
[2009-03-24 15:41:23 | 00,246,302 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\strmdll.dll
[2009-03-24 15:41:23 | 00,246,302 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\strmdll.dll
[2009-03-24 15:41:23 | 00,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tapisrv.dll
[2009-03-24 15:41:23 | 00,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tapisrv.dll
[2009-03-24 15:41:23 | 00,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sysmon.ocx
[2009-03-24 15:41:23 | 00,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sysmon.ocx
[2009-03-24 15:41:23 | 00,198,656 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\t2embed.dll
[2009-03-24 15:41:23 | 00,198,656 | ---- | C] (Microsoft Corp.) -- C:\WINNT\System32\dllcache\t2embed.dll
[2009-03-24 15:41:23 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\termsrv.dll
[2009-03-24 15:41:23 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\termsrv.dll
[2009-03-24 15:41:23 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\syncui.dll
[2009-03-24 15:41:23 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\syncui.dll
[2009-03-24 15:41:23 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tapi32.dll
[2009-03-24 15:41:23 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tapi32.dll
[2009-03-24 15:41:23 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\taskmgr.exe
[2009-03-24 15:41:23 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\taskmgr.exe
[2009-03-24 15:41:23 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sysocmgr.exe
[2009-03-24 15:41:23 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sysocmgr.exe
[2009-03-24 15:41:23 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\storprop.dll
[2009-03-24 15:41:23 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\telnet.exe
[2009-03-24 15:41:23 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\telnet.exe
[2009-03-24 15:41:23 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tdc.ocx
[2009-03-24 15:41:23 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tdc.ocx
[2009-03-24 15:41:23 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\synceng.dll
[2009-03-24 15:41:23 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\synceng.dll
[2009-03-24 15:41:23 | 00,045,672 | ---- | C] () -- C:\WINNT\System32\tcpmon.ini
[2009-03-24 15:41:23 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tcpmon.dll
[2009-03-24 15:41:23 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tcpmon.dll
[2009-03-24 15:41:23 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tcpmib.dll
[2009-03-24 15:41:23 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tcpmib.dll
[2009-03-24 15:41:23 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\svchost.exe
[2009-03-24 15:41:23 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\svchost.exe
[2009-03-24 15:41:22 | 00,662,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\userenv.dll
[2009-03-24 15:41:22 | 00,662,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\userenv.dll
[2009-03-24 15:41:22 | 00,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\user32.dll
[2009-03-24 15:41:22 | 00,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\user32.dll
[2009-03-24 15:41:22 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\urlmon.dll
[2009-03-24 15:41:22 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\urlmon.dll
[2009-03-24 15:41:22 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\themeui.dll
[2009-03-24 15:41:22 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\themeui.dll
[2009-03-24 15:41:22 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tourstart.exe
[2009-03-24 15:41:22 | 00,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\usp10.dll
[2009-03-24 15:41:22 | 00,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usp10.dll
[2009-03-24 15:41:22 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\upnpui.dll
[2009-03-24 15:41:22 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\upnpui.dll
[2009-03-24 15:41:22 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\unimdm.tsp
[2009-03-24 15:41:22 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\unimdm.tsp
[2009-03-24 15:41:22 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\upnphost.dll
[2009-03-24 15:41:22 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\upnphost.dll
[2009-03-24 15:41:22 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\upnp.dll
[2009-03-24 15:41:22 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\upnp.dll
[2009-03-24 15:41:22 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\url.dll
[2009-03-24 15:41:22 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\url.dll
[2009-03-24 15:41:22 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\umpnpmgr.dll
[2009-03-24 15:41:22 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\umpnpmgr.dll
[2009-03-24 15:41:22 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\txflog.dll
[2009-03-24 15:41:22 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\txflog.dll
[2009-03-24 15:41:22 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\timedate.cpl
[2009-03-24 15:41:22 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\timedate.cpl
[2009-03-24 15:41:22 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tscfgwmi.dll
[2009-03-24 15:41:22 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tscfgwmi.dll
[2009-03-24 15:41:22 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\trkwks.dll
[2009-03-24 15:41:22 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\trkwks.dll
[2009-03-24 15:41:22 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\unimdmat.dll
[2009-03-24 15:41:22 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\unimdmat.dll
[2009-03-24 15:41:22 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\usbui.dll
[2009-03-24 15:41:22 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\utilman.exe
[2009-03-24 15:41:22 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\utilman.exe
[2009-03-24 15:41:22 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tscupgrd.exe
[2009-03-24 15:41:22 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tscupgrd.exe
[2009-03-24 15:41:22 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\umandlg.dll
[2009-03-24 15:41:22 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\umandlg.dll
[2009-03-24 15:41:22 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\udhisapi.dll
[2009-03-24 15:41:22 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\udhisapi.dll
[2009-03-24 15:41:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ups.exe
[2009-03-24 15:41:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ups.exe
[2009-03-24 15:41:22 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\usbmon.dll
[2009-03-24 15:41:22 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\upnpcont.exe
[2009-03-24 15:41:22 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbmon.dll
[2009-03-24 15:41:22 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\upnpcont.exe
[2009-03-24 15:41:22 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\uniplat.dll
[2009-03-24 15:41:22 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\uniplat.dll
[2009-03-24 15:41:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tracert.exe
[2009-03-24 15:41:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tracert.exe
[2009-03-24 15:41:22 | 00,008,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tsddd.dll
[2009-03-24 15:41:22 | 00,008,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tsddd.dll
[2009-03-24 15:41:21 | 01,308,672 | ---- | C] () -- C:\WINNT\System32\webfldrs.msi
[2009-03-24 15:41:21 | 00,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wiashext.dll
[2009-03-24 15:41:21 | 00,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wiashext.dll
[2009-03-24 15:41:21 | 00,479,261 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vbscript.dll
[2009-03-24 15:41:21 | 00,479,261 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vbscript.dll
[2009-03-24 15:41:21 | 00,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wiadefui.dll
[2009-03-24 15:41:21 | 00,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wiadefui.dll
[2009-03-24 15:41:21 | 00,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wiaacmgr.exe
[2009-03-24 15:41:21 | 00,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wiaacmgr.exe
[2009-03-24 15:41:21 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vssapi.dll
[2009-03-24 15:41:21 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vssapi.dll
[2009-03-24 15:41:21 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wiaservc.dll
[2009-03-24 15:41:21 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wiaservc.dll
[2009-03-24 15:41:21 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vssvc.exe
[2009-03-24 15:41:21 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vssvc.exe
[2009-03-24 15:41:21 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\webcheck.dll
[2009-03-24 15:41:21 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\webcheck.dll
[2009-03-24 15:41:21 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\uxtheme.dll
[2009-03-24 15:41:21 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\uxtheme.dll
[2009-03-24 15:41:21 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\w32time.dll
[2009-03-24 15:41:21 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\w32time.dll
[2009-03-24 15:41:21 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\webvw.dll
[2009-03-24 15:41:21 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\webvw.dll
[2009-03-24 15:41:21 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wiadss.dll
[2009-03-24 15:41:21 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wiadss.dll
[2009-03-24 15:41:21 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wiascr.dll
[2009-03-24 15:41:21 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wiascr.dll
[2009-03-24 15:41:21 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\webclnt.dll
[2009-03-24 15:41:21 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\webclnt.dll
[2009-03-24 15:41:21 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wextract.exe
[2009-03-24 15:41:21 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wextract.exe
[2009-03-24 15:41:21 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vfwwdm32.dll
[2009-03-24 15:41:21 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vdmredir.dll
[2009-03-24 15:41:21 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vdmredir.dll
[2009-03-24 15:41:21 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wdigest.dll
[2009-03-24 15:41:21 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wdigest.dll
[2009-03-24 15:41:21 | 00,030,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vbajet32.dll
[2009-03-24 15:41:21 | 00,030,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vbajet32.dll
[2009-03-24 15:41:21 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vbisurf.ax
[2009-03-24 15:41:21 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vbisurf.ax
[2009-03-24 15:41:21 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vdmdbg.dll
[2009-03-24 15:41:21 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vdmdbg.dll
[2009-03-24 15:41:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wdmaud.drv
[2009-03-24 15:41:21 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\version.dll
[2009-03-24 15:41:21 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\version.dll
[2009-03-24 15:41:21 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\watchdog.sys
[2009-03-24 15:41:21 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\watchdog.sys
[2009-03-24 15:41:20 | 00,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winntbbu.dll
[2009-03-24 15:41:20 | 00,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winntbbu.dll
[2009-03-24 15:41:20 | 00,593,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wininet.dll
[2009-03-24 15:41:20 | 00,593,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wininet.dll
[2009-03-24 15:41:20 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winlogon.exe
[2009-03-24 15:41:20 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winlogon.exe
[2009-03-24 15:41:20 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winsrv.dll
[2009-03-24 15:41:20 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winsrv.dll
[2009-03-24 15:41:20 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winmm.dll
[2009-03-24 15:41:20 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winmm.dll
[2009-03-24 15:41:20 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wiavideo.dll
[2009-03-24 15:41:20 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wiavideo.dll
[2009-03-24 15:41:20 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winscard.dll
[2009-03-24 15:41:20 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winscard.dll
[2009-03-24 15:41:20 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winsta.dll
[2009-03-24 15:41:20 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winsta.dll
[2009-03-24 15:41:20 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winipsec.dll
[2009-03-24 15:41:20 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winipsec.dll
[2009-03-24 15:41:20 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winrnr.dll
[2009-03-24 15:41:20 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winrnr.dll
[2009-03-24 15:41:19 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wintrust.dll
[2009-03-24 15:41:19 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wintrust.dll
[2009-03-24 15:41:18 | 00,442,398 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmadmoe.dll
[2009-03-24 15:41:18 | 00,442,398 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmadmoe.dll
[2009-03-24 15:41:18 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmasf.dll
[2009-03-24 15:41:18 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmasf.dll
[2009-03-24 15:41:18 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmadmod.dll
[2009-03-24 15:41:18 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmadmod.dll
[2009-03-24 15:41:18 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wldap32.dll
[2009-03-24 15:41:18 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wldap32.dll
[2009-03-24 15:41:18 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wlnotify.dll
[2009-03-24 15:41:18 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wlnotify.dll
[2009-03-24 15:41:18 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmdmlog.dll
[2009-03-24 15:41:18 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmdmlog.dll
[2009-03-24 15:41:18 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmdmps.dll
[2009-03-24 15:41:18 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmdmps.dll
[2009-03-24 15:41:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmi.dll
[2009-03-24 15:41:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmi.dll
[2009-03-24 15:41:18 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winver.exe
[2009-03-24 15:41:18 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winver.exe
[2009-03-24 15:41:17 | 01,998,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmploc.dll
[2009-03-24 15:41:17 | 01,998,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmploc.dll
[2009-03-24 15:41:17 | 01,392,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmpui.dll
[2009-03-24 15:41:17 | 01,392,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmpui.dll
[2009-03-24 15:41:17 | 01,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmpcore.dll
[2009-03-24 15:41:17 | 01,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmpcore.dll
[2009-03-24 15:41:17 | 01,216,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmvcore.dll
[2009-03-24 15:41:17 | 01,216,512 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmvcore.dll
[2009-03-24 15:41:17 | 00,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmstream.dll
[2009-03-24 15:41:17 | 00,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmstream.dll
[2009-03-24 15:41:17 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmvdmod.dll
[2009-03-24 15:41:17 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmvdmod.dll
[2009-03-24 15:41:17 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmv8ds32.ax
[2009-03-24 15:41:17 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmv8ds32.ax
[2009-03-24 15:41:17 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmvds32.ax
[2009-03-24 15:41:17 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmvds32.ax
[2009-03-24 15:41:17 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmpcd.dll
[2009-03-24 15:41:17 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmnetmgr.dll
[2009-03-24 15:41:17 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmpcd.dll
[2009-03-24 15:41:17 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmnetmgr.dll
[2009-03-24 15:41:17 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wow32.dll
[2009-03-24 15:41:17 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wow32.dll
[2009-03-24 15:41:17 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmp.ocx
[2009-03-24 15:41:17 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmp.ocx
[2009-03-24 15:41:17 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmsdmoe.dll
[2009-03-24 15:41:17 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmsdmoe.dll
[2009-03-24 15:41:17 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmsdmod.dll
[2009-03-24 15:41:17 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmsdmod.dll
[2009-03-24 15:41:17 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wmpshell.dll
[2009-03-24 15:41:17 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmpshell.dll
[2009-03-24 15:41:16 | 00,317,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\zipfldr.dll
[2009-03-24 15:41:16 | 00,317,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\zipfldr.dll
[2009-03-24 15:41:16 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wzcsvc.dll
[2009-03-24 15:41:16 | 00,165,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\xenroll.dll
[2009-03-24 15:41:16 | 00,165,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\xenroll.dll
[2009-03-24 15:41:16 | 00,118,834 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wscript.exe
[2009-03-24 15:41:16 | 00,118,834 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wscript.exe
[2009-03-24 15:41:16 | 00,102,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wshom.ocx
[2009-03-24 15:41:16 | 00,102,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wshom.ocx
[2009-03-24 15:41:16 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\xactsrv.dll
[2009-03-24 15:41:16 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\xactsrv.dll
[2009-03-24 15:41:16 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ws2_32.dll
[2009-03-24 15:41:16 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ws2_32.dll
[2009-03-24 15:41:16 | 00,065,585 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wshext.dll
[2009-03-24 15:41:16 | 00,065,585 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wshext.dll
[2009-03-24 15:41:16 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wzcdlg.dll
[2009-03-24 15:41:16 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wzcdlg.dll
[2009-03-24 15:41:16 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wstdecod.dll
[2009-03-24 15:41:16 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wstdecod.dll
[2009-03-24 15:41:16 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wsnmp32.dll
[2009-03-24 15:41:16 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wsnmp32.dll
[2009-03-24 15:41:16 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wpabaln.exe
[2009-03-24 15:41:16 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wpabaln.exe
[2009-03-24 15:41:16 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wpnpinst.exe
[2009-03-24 15:41:16 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wpnpinst.exe
[2009-03-24 15:41:16 | 00,028,721 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wshcon.dll
[2009-03-24 15:41:16 | 00,028,721 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wshcon.dll
[2009-03-24 15:41:16 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\xcopy.exe
[2009-03-24 15:41:16 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\xcopy.exe
[2009-03-24 15:41:16 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wsock32.dll
[2009-03-24 15:41:16 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wsock32.dll
[2009-03-24 15:41:16 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wzcsapi.dll
[2009-03-24 15:41:16 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ws2help.dll
[2009-03-24 15:41:16 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ws2help.dll
[2009-03-24 15:41:16 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wshtcpip.dll
[2009-03-24 15:41:16 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wshtcpip.dll
[2009-03-24 15:41:16 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wtsapi32.dll
[2009-03-24 15:41:16 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wtsapi32.dll
[2009-03-24 15:41:16 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wship6.dll
[2009-03-24 15:41:16 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wship6.dll
[2009-03-24 15:41:16 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wshrm.dll
[2009-03-24 15:41:16 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wshrm.dll
[2009-03-24 15:41:16 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\xolehlp.dll
[2009-03-24 15:41:16 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\xolehlp.dll
[2009-03-24 15:41:14 | 00,926,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kernel32.dll
[2009-03-24 15:41:14 | 00,926,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kernel32.dll
[2009-03-24 15:41:14 | 00,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\lsasrv.dll
[2009-03-24 15:41:14 | 00,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lsasrv.dll
[2009-03-24 15:41:14 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\autoconv.exe
[2009-03-24 15:41:14 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\autoconv.exe
[2009-03-24 15:41:14 | 00,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\autochk.exe
[2009-03-24 15:41:14 | 00,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\autochk.exe
[2009-03-24 15:41:14 | 00,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comctl32.dll
[2009-03-24 15:41:14 | 00,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comctl32.dll
[2009-03-24 15:41:14 | 00,549,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\advapi32.dll
[2009-03-24 15:41:14 | 00,549,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\advapi32.dll
[2009-03-24 15:41:14 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cmd.exe
[2009-03-24 15:41:14 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\cmd.exe
[2009-03-24 15:41:14 | 00,292,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\localspl.dll
[2009-03-24 15:41:14 | 00,292,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\localspl.dll
[2009-03-24 15:41:14 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comdlg32.dll
[2009-03-24 15:41:14 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comdlg32.dll
[2009-03-24 15:41:14 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\desk.cpl
[2009-03-24 15:41:14 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\desk.cpl
[2009-03-24 15:41:14 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\imagehlp.dll
[2009-03-24 15:41:14 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imagehlp.dll
[2009-03-24 15:41:14 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dhcpcsvc.dll
[2009-03-24 15:41:14 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dhcpcsvc.dll
[2009-03-24 15:41:14 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\locator.exe
[2009-03-24 15:41:14 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\locator.exe
[2009-03-24 15:41:14 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ftp.exe
[2009-03-24 15:41:14 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ftp.exe
[2009-03-24 15:41:14 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\csrsrv.dll
[2009-03-24 15:41:14 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\csrsrv.dll
[2009-03-24 15:41:14 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mgmtapi.dll
[2009-03-24 15:41:14 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mgmtapi.dll
[2009-03-24 15:41:14 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\lmhsvc.dll
[2009-03-24 15:41:14 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\lmhsvc.dll
[2009-03-24 15:41:13 | 01,799,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\win32k.sys
[2009-03-24 15:41:13 | 01,799,552 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\win32k.sys
[2009-03-24 15:41:13 | 00,927,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\syssetup.dll
[2009-03-24 15:41:13 | 00,927,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\syssetup.dll
[2009-03-24 15:41:13 | 00,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\setupapi.dll
[2009-03-24 15:41:13 | 00,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\setupapi.dll
[2009-03-24 15:41:13 | 00,674,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntdll.dll
[2009-03-24 15:41:13 | 00,674,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntdll.dll
[2009-03-24 15:41:13 | 00,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasdlg.dll
[2009-03-24 15:41:13 | 00,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasdlg.dll
[2009-03-24 15:41:13 | 00,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\oleaut32.dll
[2009-03-24 15:41:13 | 00,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\oleaut32.dll
[2009-03-24 15:41:13 | 00,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\printui.dll
[2009-03-24 15:41:13 | 00,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\printui.dll
[2009-03-24 15:41:13 | 00,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\samsrv.dll
[2009-03-24 15:41:13 | 00,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\samsrv.dll
[2009-03-24 15:41:13 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntvdm.exe
[2009-03-24 15:41:13 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntvdm.exe
[2009-03-24 15:41:13 | 00,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\untfs.dll
[2009-03-24 15:41:13 | 00,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\untfs.dll
[2009-03-24 15:41:13 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sysdm.cpl
[2009-03-24 15:41:13 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sysdm.cpl
[2009-03-24 15:41:13 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ulib.dll
[2009-03-24 15:41:13 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ulib.dll
[2009-03-24 15:41:13 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasapi32.dll
[2009-03-24 15:41:13 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasapi32.dll
[2009-03-24 15:41:13 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\acpi.sys
[2009-03-24 15:41:13 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\schannel.dll
[2009-03-24 15:41:13 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nwprovau.dll
[2009-03-24 15:41:13 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\schannel.dll
[2009-03-24 15:41:13 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nwprovau.dll
[2009-03-24 15:41:13 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\winspool.drv
[2009-03-24 15:41:13 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\winspool.drv
[2009-03-24 15:41:13 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System\winspool.drv
[2009-03-24 15:41:13 | 00,130,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\afd.sys
[2009-03-24 15:41:13 | 00,130,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\afd.sys
[2009-03-24 15:41:13 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\sessmgr.exe
[2009-03-24 15:41:13 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sessmgr.exe
[2009-03-24 15:41:13 | 00,122,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\aec.sys
[2009-03-24 15:41:13 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wkssvc.dll
[2009-03-24 15:41:13 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wkssvc.dll
[2009-03-24 15:41:13 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msv1_0.dll
[2009-03-24 15:41:13 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msv1_0.dll
[2009-03-24 15:41:13 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\services.exe
[2009-03-24 15:41:13 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\services.exe
[2009-03-24 15:41:13 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\win32spl.dll
[2009-03-24 15:41:13 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\win32spl.dll
[2009-03-24 15:41:13 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\scardsvr.exe
[2009-03-24 15:41:13 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scardsvr.exe
[2009-03-24 15:41:13 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\srvsvc.dll
[2009-03-24 15:41:13 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srvsvc.dll
[2009-03-24 15:41:13 | 00,086,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\atapi.sys
[2009-03-24 15:41:13 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasauto.dll
[2009-03-24 15:41:13 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasauto.dll
[2009-03-24 15:41:13 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntprint.dll
[2009-03-24 15:41:13 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntprint.dll
[2009-03-24 15:41:13 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\nslookup.exe
[2009-03-24 15:41:13 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nslookup.exe
[2009-03-24 15:41:13 | 00,062,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\cdfs.sys
[2009-03-24 15:41:13 | 00,062,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cdfs.sys
[2009-03-24 15:41:13 | 00,057,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\atmarpc.sys
[2009-03-24 15:41:13 | 00,057,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\atmarpc.sys
[2009-03-24 15:41:13 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasman.dll
[2009-03-24 15:41:13 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasman.dll
[2009-03-24 15:41:13 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\samlib.dll
[2009-03-24 15:41:13 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\samlib.dll
[2009-03-24 15:41:13 | 00,054,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\arp1394.sys
[2009-03-24 15:41:13 | 00,053,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\atmlane.sys
[2009-03-24 15:41:13 | 00,053,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\atmlane.sys
[2009-03-24 15:41:13 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rastapi.dll
[2009-03-24 15:41:13 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rastapi.dll
[2009-03-24 15:41:13 | 00,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\bridge.sys
[2009-03-24 15:41:13 | 00,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\bridge.sys
[2009-03-24 15:41:13 | 00,047,488 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\cdrom.sys
[2009-03-24 15:41:13 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\smss.exe
[2009-03-24 15:41:13 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smss.exe
[2009-03-24 15:41:13 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\classpnp.sys
[2009-03-24 15:41:13 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\classpnp.sys
[2009-03-24 15:41:13 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tcpmonui.dll
[2009-03-24 15:41:13 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tcpmonui.dll
[2009-03-24 15:41:13 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\perfctrs.dll
[2009-03-24 15:41:13 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\perfctrs.dll
[2009-03-24 15:41:13 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rshx32.dll
[2009-03-24 15:41:13 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rshx32.dll
[2009-03-24 15:41:13 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msgsvc.dll
[2009-03-24 15:41:13 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msgsvc.dll
[2009-03-24 15:41:13 | 00,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\disk.sys
[2009-03-24 15:41:13 | 00,032,000 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\amdk6.sys
[2009-03-24 15:41:13 | 00,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\crusoe.sys
[2009-03-24 15:41:13 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\userinit.exe
[2009-03-24 15:41:13 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\userinit.exe
[2009-03-24 15:41:13 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\savedump.exe
[2009-03-24 15:41:13 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\savedump.exe
[2009-03-24 15:41:13 | 00,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ccdecode.sys
[2009-03-24 15:41:13 | 00,013,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\asyncmac.sys
[2009-03-24 15:41:13 | 00,013,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\asyncmac.sys
[2009-03-24 15:41:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntlsapi.dll
[2009-03-24 15:41:13 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntlsapi.dll
[2009-03-24 15:41:12 | 00,780,928 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINNT\System32\drivers\dmboot.sys
[2009-03-24 15:41:12 | 00,780,928 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINNT\System32\dllcache\dmboot.sys
[2009-03-24 15:41:12 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ntfs.sys
[2009-03-24 15:41:12 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ntfs.sys
[2009-03-24 15:41:12 | 00,407,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mrxsmb.sys
[2009-03-24 15:41:12 | 00,407,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mrxsmb.sys
[2009-03-24 15:41:12 | 00,181,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\rdpdr.sys
[2009-03-24 15:41:12 | 00,172,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mrxdav.sys
[2009-03-24 15:41:12 | 00,172,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mrxdav.sys
[2009-03-24 15:41:12 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\rdbss.sys
[2009-03-24 15:41:12 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdbss.sys
[2009-03-24 15:41:12 | 00,161,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ndis.sys
[2009-03-24 15:41:12 | 00,161,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ndis.sys
[2009-03-24 15:41:12 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\kmixer.sys
[2009-03-24 15:41:12 | 00,150,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\netbt.sys
[2009-03-24 15:41:12 | 00,150,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netbt.sys
[2009-03-24 15:41:12 | 00,146,304 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINNT\System32\drivers\dmio.sys
[2009-03-24 15:41:12 | 00,146,304 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINNT\System32\dllcache\dmio.sys
[2009-03-24 15:41:12 | 00,144,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\fastfat.sys
[2009-03-24 15:41:12 | 00,144,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fastfat.sys
[2009-03-24 15:41:12 | 00,135,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\portcls.sys
[2009-03-24 15:41:12 | 00,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ks.sys
[2009-03-24 15:41:12 | 00,116,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\pcmcia.sys
[2009-03-24 15:41:12 | 00,107,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\rdpwd.sys
[2009-03-24 15:41:12 | 00,107,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rdpwd.sys
[2009-03-24 15:41:12 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mup.sys
[2009-03-24 15:41:12 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mup.sys
[2009-03-24 15:41:12 | 00,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ndiswan.sys
[2009-03-24 15:41:12 | 00,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ndiswan.sys
[2009-03-24 15:41:12 | 00,084,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\nwlnkipx.sys
[2009-03-24 15:41:12 | 00,084,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nwlnkipx.sys
[2009-03-24 15:41:12 | 00,083,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\nabtsfec.sys
[2009-03-24 15:41:12 | 00,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ksecdd.sys
[2009-03-24 15:41:12 | 00,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ksecdd.sys
[2009-03-24 15:41:12 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ipnat.sys
[2009-03-24 15:41:12 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipnat.sys
[2009-03-24 15:41:12 | 00,076,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\parport.sys
[2009-03-24 15:41:12 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\dxg.sys
[2009-03-24 15:41:12 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dxg.sys
[2009-03-24 15:41:12 | 00,065,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\psched.sys
[2009-03-24 15:41:12 | 00,065,920 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\psched.sys
[2009-03-24 15:41:12 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\pci.sys
[2009-03-24 15:41:12 | 00,062,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mf.sys
[2009-03-24 15:41:12 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\drmk.sys
[2009-03-24 15:41:12 | 00,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\nic1394.sys
[2009-03-24 15:41:12 | 00,056,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ipsec.sys
[2009-03-24 15:41:12 | 00,056,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipsec.sys
[2009-03-24 15:41:12 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\redbook.sys
[2009-03-24 15:41:12 | 00,050,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\i8042prt.sys
[2009-03-24 15:41:12 | 00,050,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\dmusic.sys
[2009-03-24 15:41:12 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\rasl2tp.sys
[2009-03-24 15:41:12 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rasl2tp.sys
[2009-03-24 15:41:12 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\raspptp.sys
[2009-03-24 15:41:12 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\raspptp.sys
[2009-03-24 15:41:12 | 00,039,296 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\imapi.sys
[2009-03-24 15:41:12 | 00,039,296 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imapi.sys
[2009-03-24 15:41:12 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\raspppoe.sys
[2009-03-24 15:41:12 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\raspppoe.sys
[2009-03-24 15:41:12 | 00,037,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\nmnt.sys
[2009-03-24 15:41:12 | 00,037,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\nmnt.sys
[2009-03-24 15:41:12 | 00,037,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mountmgr.sys
[2009-03-24 15:41:12 | 00,037,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mountmgr.sys
[2009-03-24 15:41:12 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\p3.sys
[2009-03-24 15:41:12 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\msgpc.sys
[2009-03-24 15:41:12 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msgpc.sys
[2009-03-24 15:41:12 | 00,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\netbios.sys
[2009-03-24 15:41:12 | 00,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\hidclass.sys
[2009-03-24 15:41:12 | 00,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\netbios.sys
[2009-03-24 15:41:12 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\processr.sys
[2009-03-24 15:41:12 | 00,029,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\npfs.sys
[2009-03-24 15:41:12 | 00,029,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\npfs.sys
[2009-03-24 15:41:12 | 00,028,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\modem.sys
[2009-03-24 15:41:12 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\rndismp.sys
[2009-03-24 15:41:12 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rndismp.sys
[2009-03-24 15:41:12 | 00,026,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\fdc.sys
[2009-03-24 15:41:12 | 00,023,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\pciidex.sys
[2009-03-24 15:41:12 | 00,023,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\hidparse.sys
[2009-03-24 15:41:12 | 00,023,424 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\kbdclass.sys
[2009-03-24 15:41:12 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mouclass.sys
[2009-03-24 15:41:12 | 00,019,712 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\flpydisk.sys
[2009-03-24 15:41:12 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ipinip.sys
[2009-03-24 15:41:12 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ipinip.sys
[2009-03-24 15:41:12 | 00,018,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\msfs.sys
[2009-03-24 15:41:12 | 00,018,048 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msfs.sys
[2009-03-24 15:41:12 | 00,013,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\diskdump.sys
[2009-03-24 15:41:12 | 00,013,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\diskdump.sys
[2009-03-24 15:41:12 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ndisuio.sys
[2009-03-24 15:41:12 | 00,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\irenum.sys
[2009-03-24 15:41:12 | 00,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\irenum.sys
[2009-03-24 15:41:12 | 00,008,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\ndisip.sys
[2009-03-24 15:41:12 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mskssrv.sys
[2009-03-24 15:41:12 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mspclock.sys
[2009-03-24 15:41:12 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mstee.sys
[2009-03-24 15:41:12 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mspqm.sys
[2009-03-24 15:41:12 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\intelide.sys
[2009-03-24 15:41:12 | 00,002,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\drmkaud.sys
[2009-03-24 15:41:11 | 00,089,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\scsiport.sys
[2009-03-24 15:41:11 | 00,089,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\scsiport.sys
[2009-03-24 15:41:11 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\serial.sys
[2009-03-24 15:41:11 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\sonydcam.sys
[2009-03-24 15:41:11 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\serenum.sys
[2009-03-24 15:41:11 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\slip.sys
[2009-03-24 15:41:11 | 00,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\sfloppy.sys
[2009-03-24 15:41:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\splitter.sys
[2009-03-24 15:41:10 | 01,896,704 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntkrnlpa.exe
[2009-03-24 15:41:10 | 00,330,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\srv.sys
[2009-03-24 15:41:10 | 00,330,368 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srv.sys
[2009-03-24 15:41:10 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\tcpip.sys
[2009-03-24 15:41:10 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tcpip.sys
[2009-03-24 15:41:10 | 00,180,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\tcpip6.sys
[2009-03-24 15:41:10 | 00,180,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tcpip6.sys
[2009-03-24 15:41:10 | 00,137,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\update.sys
[2009-03-24 15:41:10 | 00,137,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\update.sys
[2009-03-24 15:41:10 | 00,128,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\hal.dll
[2009-03-24 15:41:10 | 00,123,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbport.sys
[2009-03-24 15:41:10 | 00,079,616 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\wdmaud.sys
[2009-03-24 15:41:10 | 00,070,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\sr.sys
[2009-03-24 15:41:10 | 00,070,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sr.sys
[2009-03-24 15:41:10 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\videoprt.sys
[2009-03-24 15:41:10 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\videoprt.sys
[2009-03-24 15:41:10 | 00,063,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\udfs.sys
[2009-03-24 15:41:10 | 00,063,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\udfs.sys
[2009-03-24 15:41:10 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\sysaudio.sys
[2009-03-24 15:41:10 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbhub.sys
[2009-03-24 15:41:10 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\volsnap.sys
[2009-03-24 15:41:10 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\volsnap.sys
[2009-03-24 15:41:10 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\stream.sys
[2009-03-24 15:41:10 | 00,037,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\termdd.sys
[2009-03-24 15:41:10 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\wanarp.sys
[2009-03-24 15:41:10 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wanarp.sys
[2009-03-24 15:41:10 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbccgp.sys
[2009-03-24 15:41:10 | 00,024,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbprint.sys
[2009-03-24 15:41:10 | 00,021,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbstor.sys
[2009-03-24 15:41:10 | 00,020,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\tdtcp.sys
[2009-03-24 15:41:10 | 00,020,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tdtcp.sys
[2009-03-24 15:41:10 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\vga.sys
[2009-03-24 15:41:10 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vga.sys
[2009-03-24 15:41:10 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbuhci.sys
[2009-03-24 15:41:10 | 00,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\wstcodec.sys
[2009-03-24 15:41:10 | 00,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\tdi.sys
[2009-03-24 15:41:10 | 00,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tdi.sys
[2009-03-24 15:41:10 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbintel.sys
[2009-03-24 15:41:10 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\streamip.sys
[2009-03-24 15:41:10 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbscan.sys
[2009-03-24 15:41:10 | 00,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\tape.sys
[2009-03-24 15:41:10 | 00,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tape.sys
[2009-03-24 15:41:10 | 00,011,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\tdpipe.sys
[2009-03-24 15:41:10 | 00,011,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tdpipe.sys
[2009-03-24 15:41:10 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usb8023.sys
[2009-03-24 15:41:10 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usb8023.sys
[2009-03-24 15:41:10 | 00,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\viaide.sys
[2009-03-24 15:41:10 | 00,003,840 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\swenum.sys
[2009-03-24 15:41:09 | 01,982,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\ntoskrnl.exe
[2009-03-24 15:41:09 | 00,014,366 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\asfsipc.dll
[2009-03-24 15:41:09 | 00,014,366 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\asfsipc.dll
[2009-03-24 15:41:08 | 00,802,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dxmrtp.dll
[2009-03-24 15:41:08 | 00,802,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dxmrtp.dll
[2009-03-24 15:41:08 | 00,550,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rtcdll.dll
[2009-03-24 15:41:08 | 00,550,400 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rtcdll.dll
[2009-03-24 15:41:08 | 00,405,504 | ---- | C] (Macromedia, Inc.) -- C:\WINNT\System32\dllcache\swflash.ocx
[2009-03-24 15:41:08 | 00,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstvca.dll
[2009-03-24 15:41:08 | 00,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstvca.dll
[2009-03-24 15:41:08 | 00,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mstvgs.dll
[2009-03-24 15:41:08 | 00,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstvgs.dll
[2009-03-24 15:41:08 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wuv3is.dll
[2009-03-24 15:41:08 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wuv3is.dll
[2009-03-24 15:41:08 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msdvdopt.dll
[2009-03-24 15:41:08 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msdvdopt.dll
[2009-03-24 15:41:08 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\iuctl.dll
[2009-03-24 15:41:08 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iuctl.dll
[2009-03-24 15:41:08 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mspmspsv.dll
[2009-03-24 15:41:08 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mspmspsv.dll
[2009-03-24 15:41:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wupdinfo.dll
[2009-03-24 15:41:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wupdinfo.dll
[2009-03-24 15:41:07 | 01,026,828 | ---- | C] () -- C:\WINNT\System32\dllcache\sysmain.sdb
[2009-03-24 15:41:06 | 00,190,010 | ---- | C] () -- C:\WINNT\System32\dllcache\apphelp.sdb
[2009-03-24 15:41:06 | 00,134,164 | ---- | C] () -- C:\WINNT\System32\dllcache\msimain.sdb
[2009-03-24 15:41:06 | 00,008,104 | ---- | C] () -- C:\WINNT\System32\dllcache\drvmain.sdb
[2009-03-24 15:41:05 | 01,229,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\acgenral.dll
[2009-03-24 15:41:05 | 00,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\aclayers.dll
[2009-03-24 15:41:05 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\acspecfc.dll
[2009-03-24 15:41:05 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\acverfyr.dll
[2009-03-24 15:41:05 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\acxtrnal.dll
[2009-03-24 15:41:05 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\aclua.dll
[2009-03-24 15:41:04 | 01,761,253 | ---- | C] () -- C:\WINNT\System32\dllcache\nt5.cat
[2009-03-24 15:41:04 | 01,085,913 | ---- | C] () -- C:\WINNT\System32\dllcache\ntprint.cat
[2009-03-24 15:41:04 | 00,379,415 | ---- | C] () -- C:\WINNT\System32\dllcache\nt5inf.cat
[2009-03-24 15:41:04 | 00,031,136 | ---- | C] () -- C:\WINNT\System32\dllcache\fp4.cat
[2009-03-24 15:41:04 | 00,013,608 | ---- | C] () -- C:\WINNT\System32\dllcache\ims.cat
[2009-03-24 15:41:04 | 00,010,024 | ---- | C] () -- C:\WINNT\System32\dllcache\msmsgs.cat
[2009-03-24 15:41:04 | 00,007,100 | ---- | C] () -- C:\WINNT\System32\dllcache\mstsweb.cat
[2009-03-24 14:29:35 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\spmsg.dll
[2009-03-24 14:29:32 | 00,000,000 | ---D | C] -- C:\WINNT\System32\ReinstallBackups
[2009-03-24 14:25:36 | 00,926,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004060_.tmp.dll
[2009-03-24 14:25:36 | 00,674,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004051_.tmp.dll
[2009-03-24 14:25:36 | 00,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004041_.tmp.dll
[2009-03-24 14:25:36 | 00,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004046_.tmp.dll
[2009-03-24 14:25:36 | 00,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004068_.tmp.dll
[2009-03-24 14:25:36 | 00,549,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004072_.tmp.dll
[2009-03-24 14:25:36 | 00,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004036_.tmp.dll
[2009-03-24 14:25:36 | 00,292,352 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004058_.tmp.dll
[2009-03-24 14:25:36 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004043_.tmp.dll
[2009-03-24 14:25:36 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004033_.tmp.dll
[2009-03-24 14:25:36 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004032_.tmp.dll
[2009-03-24 14:25:36 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004064_.tmp.dll
[2009-03-24 14:25:36 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004028_.tmp.dll
[2009-03-24 14:25:36 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004029_.tmp.dll
[2009-03-24 14:25:36 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004066_.tmp.dll
[2009-03-24 14:25:34 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004020_.tmp.dll
[2009-03-24 14:25:33 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004019_.tmp.dll
[2009-03-24 14:25:33 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\_004018_.tmp.dll
[2009-03-24 14:25:33 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\_003995_.tmp.dll
[2009-03-23 00:25:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2009-03-22 21:47:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009-03-22 21:30:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009-03-22 21:24:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009-03-22 21:17:52 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wingb.ime
[2009-03-22 21:17:50 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\weitekp9.dll
[2009-03-22 21:17:50 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\weitekp9.sys
[2009-03-22 21:17:47 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\w32.dll
[2009-03-22 21:17:41 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tsprof.exe
[2009-03-22 21:17:38 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\thawbrkr.dll
[2009-03-22 21:17:37 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tdipx.sys
[2009-03-22 21:17:37 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tdspx.sys
[2009-03-22 21:17:37 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\tdasync.sys
[2009-03-22 21:17:33 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\srusbusd.dll
[2009-03-22 21:17:31 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\softkey.dll
[2009-03-22 21:17:31 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_snprfdll.dll
[2009-03-22 21:17:30 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\snmpstup.dll
[2009-03-22 21:17:29 | 00,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_smtpsvc.dll
[2009-03-22 21:17:29 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_smtpctrs.dll
[2009-03-22 21:17:29 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_smtpapi.dll
[2009-03-22 21:17:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smimsgif.dll
[2009-03-22 21:17:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smierrsy.dll
[2009-03-22 21:17:28 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm9aw.dll
[2009-03-22 21:17:28 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smb6w.dll
[2009-03-22 21:17:28 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sma3w.dll
[2009-03-22 21:17:28 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm93w.dll
[2009-03-22 21:17:28 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm92w.dll
[2009-03-22 21:17:28 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm90w.dll
[2009-03-22 21:17:28 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8dw.dll
[2009-03-22 21:17:28 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\smierrsm.dll
[2009-03-22 21:17:27 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm87w.dll
[2009-03-22 21:17:27 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm81w.dll
[2009-03-22 21:17:27 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8cw.dll
[2009-03-22 21:17:27 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm8aw.dll
[2009-03-22 21:17:27 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm89w.dll
[2009-03-22 21:17:27 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\sm59w.dll
[2009-03-22 21:17:27 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\simptcp.dll
[2009-03-22 21:17:19 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_seo.dll
[2009-03-22 21:17:19 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_scripto.dll
[2009-03-22 21:17:19 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_seos.dll
[2009-03-22 21:17:17 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINNT\System32\dllcache\rwia330.dll
[2009-03-22 21:17:17 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINNT\System32\dllcache\rwia001.dll
[2009-03-22 21:17:17 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINNT\System32\dllcache\rw330ext.dll
[2009-03-22 21:17:17 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rw001ext.dll
[2009-03-22 21:17:17 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_rwnh.dll
[2009-03-22 21:17:15 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_regtrace.exe
[2009-03-22 21:17:14 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\register.exe
[2009-03-22 21:17:12 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\quser.exe
[2009-03-22 21:17:12 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\query.exe
[2009-03-22 21:17:10 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pmxviceo.dll
[2009-03-22 21:17:10 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pmxmcro.dll
[2009-03-22 21:17:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\pmxgl.dll
[2009-03-22 21:17:07 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\padrs411.dll
[2009-03-22 21:17:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\padrs412.dll
[2009-03-22 21:17:04 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_ntfsdrv.dll
[2009-03-22 21:17:00 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\multibox.dll
[2009-03-22 21:16:59 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mtstocom.exe
[2009-03-22 21:16:55 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msir3jp.lex
[2009-03-22 21:16:55 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msir3jp.dll
[2009-03-22 21:16:48 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mga.sys
[2009-03-22 21:16:48 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mga.dll
[2009-03-22 21:16:47 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_mailmsg.dll
[2009-03-22 21:16:43 | 01,158,818 | ---- | C] () -- C:\WINNT\System32\dllcache\korwbrkr.lex
[2009-03-22 21:16:43 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\korwbrkr.dll
[2009-03-22 21:16:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdvntc.dll
[2009-03-22 21:16:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdusa.dll
[2009-03-22 21:16:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdurdu.dll
[2009-03-22 21:16:41 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdth3.dll
[2009-03-22 21:16:41 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdth2.dll
[2009-03-22 21:16:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdth1.dll
[2009-03-22 21:16:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdth0.dll
[2009-03-22 21:16:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdsyr2.dll
[2009-03-22 21:16:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdsyr1.dll
[2009-03-22 21:16:40 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdnecat.dll
[2009-03-22 21:16:40 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdnecnt.dll
[2009-03-22 21:16:40 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdnec95.dll
[2009-03-22 21:16:40 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdlk41a.dll
[2009-03-22 21:16:40 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdlk41j.dll
[2009-03-22 21:16:39 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdinpun.dll
[2009-03-22 21:16:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdintel.dll
[2009-03-22 21:16:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdintam.dll
[2009-03-22 21:16:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdinmar.dll
[2009-03-22 21:16:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdinkan.dll
[2009-03-22 21:16:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdinhin.dll
[2009-03-22 21:16:38 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdibm02.dll
[2009-03-22 21:16:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdinguj.dll
[2009-03-22 21:16:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdindev.dll
[2009-03-22 21:16:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdheb.dll
[2009-03-22 21:16:38 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdgeo.dll
[2009-03-22 21:16:37 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdax2.dll
[2009-03-22 21:16:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdfa.dll
[2009-03-22 21:16:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbddiv2.dll
[2009-03-22 21:16:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbddiv1.dll
[2009-03-22 21:16:37 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdarmw.dll
[2009-03-22 21:16:37 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbdarme.dll
[2009-03-22 21:16:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbd106n.dll
[2009-03-22 21:16:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbd101a.dll
[2009-03-22 21:16:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbd101.dll
[2009-03-22 21:16:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbda3.dll
[2009-03-22 21:16:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbda2.dll
[2009-03-22 21:16:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\kbda1.dll
[2009-03-22 21:16:35 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\jupiw.dll
[2009-03-22 21:16:33 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imskf.dll
[2009-03-22 21:16:32 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imskdic.dll
[2009-03-22 21:16:32 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imkrinst.exe
[2009-03-22 21:16:31 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpuex.exe
[2009-03-22 21:16:30 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imjpdadm.exe
[2009-03-22 21:16:29 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imepadsv.exe
[2009-03-22 21:16:29 | 00,134,339 | ---- | C] () -- C:\WINNT\System32\dllcache\imekr.lex
[2009-03-22 21:16:29 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imepadsm.dll
[2009-03-22 21:16:29 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\imekrmig.exe
[2009-03-22 21:16:23 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hwxkor.dll
[2009-03-22 21:16:18 | 13,463,552 | ---- | C] () -- C:\WINNT\System32\dllcache\hwxjpn.dll
[2009-03-22 21:16:14 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hwxcht.dll
[2009-03-22 21:16:13 | 00,108,827 | ---- | C] () -- C:\WINNT\System32\dllcache\hanja.lex
[2009-03-22 21:16:13 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hanjadic.dll
[2009-03-22 21:16:11 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsroute.dll
[2009-03-22 21:16:11 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxssend.exe
[2009-03-22 21:16:10 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxsclntr.dll
[2009-03-22 21:16:10 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\fxscfgwz.dll
[2009-03-22 21:16:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ftlx041e.dll
[2009-03-22 21:16:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_fcachdll.dll
[2009-03-22 21:16:08 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\flattemp.exe
[2009-03-22 21:16:07 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\et4000.sys
[2009-03-22 21:16:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\f3ahvoas.dll
[2009-03-22 21:16:06 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINNT\System32\dllcache\esuimgd.dll
[2009-03-22 21:16:06 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINNT\System32\dllcache\esunid.dll
[2009-03-22 21:16:06 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINNT\System32\dllcache\esucmd.dll
[2009-03-22 21:15:57 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\cprofile.exe
[2009-03-22 21:15:53 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chtbrkr.dll
[2009-03-22 21:15:52 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chsbrkr.dll
[2009-03-22 21:15:52 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chgport.exe
[2009-03-22 21:15:52 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chgusr.exe
[2009-03-22 21:15:52 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\chglogon.exe
[2009-03-22 21:15:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\change.exe
[2009-03-22 21:15:51 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINNT\System32\dllcache\cap7146.sys
[2009-03-22 21:15:50 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\c_g18030.dll
[2009-03-22 21:15:50 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\c_iscii.dll
[2009-03-22 21:15:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\c_is2022.dll
[2009-03-22 21:15:47 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_aqueue.dll
[2009-03-22 21:15:47 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_aqadmin.dll
[2009-03-22 21:15:46 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0804.dll
[2009-03-22 21:15:46 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0412.dll
[2009-03-22 21:15:46 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0411.dll
[2009-03-22 21:15:46 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt040d.dll
[2009-03-22 21:15:46 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0404.dll
[2009-03-22 21:15:46 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0401.dll
[2009-03-22 21:15:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_adsiisex.dll
[2009-03-22 21:15:39 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_smtpsnap.dll
[2009-03-22 21:15:39 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\EXCH_smtpadm.dll
[2009-03-22 21:15:18 | 00,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINNT\System32\drivers\BRPARWDM.SYS
[2009-03-22 21:15:03 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009-03-22 21:08:03 | 00,000,488 | RH-- | C] () -- C:\WINNT\System32\logonui.exe.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | C] () -- C:\WINNT\WindowsShell.Manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | C] () -- C:\WINNT\System32\wuaucpl.cpl.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | C] () -- C:\WINNT\System32\sapi.cpl.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | C] () -- C:\WINNT\System32\ncpa.cpl.manifest
[2009-03-22 21:07:30 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmpvis.dll
[2009-03-22 21:07:29 | 00,319,551 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmmres.dll
[2009-03-22 21:07:29 | 00,163,906 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmmutil.dll
[2009-03-22 21:07:29 | 00,110,657 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wmmfilt.dll
[2009-03-22 21:07:27 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msoobe.exe
[2009-03-22 21:07:12 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwtutor.exe
[2009-03-22 21:07:12 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\icwres.dll
[2009-03-22 21:07:12 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\trialoc.dll
[2009-03-22 21:06:49 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009-03-22 21:06:49 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009-03-22 21:05:31 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comrepl.dll
[2009-03-22 21:05:31 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comrepl.dll
[2009-03-22 21:05:31 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\stclient.dll
[2009-03-22 21:05:31 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\stclient.dll
[2009-03-22 21:05:31 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comaddin.dll
[2009-03-22 21:05:31 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comaddin.dll
[2009-03-22 21:05:31 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mtxlegih.dll
[2009-03-22 21:05:31 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mtxlegih.dll
[2009-03-22 21:05:31 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mtxdm.dll
[2009-03-22 21:05:31 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mtxdm.dll
[2009-03-22 21:05:31 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dcomcnfg.exe
[2009-03-22 21:05:31 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comrereg.exe
[2009-03-22 21:05:31 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dcomcnfg.exe
[2009-03-22 21:05:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mtxex.dll
[2009-03-22 21:05:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mtxex.dll
[2009-03-22 21:05:29 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\comsnap.dll
[2009-03-22 21:05:29 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comsnap.dll
[2009-03-22 20:50:04 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0408.dll
[2009-03-22 20:50:04 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt040e.dll
[2009-03-22 20:50:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt041f.dll
[2009-03-22 20:50:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0419.dll
[2009-03-22 20:50:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0415.dll
[2009-03-22 20:50:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\agt0405.dll
[2009-03-22 20:49:58 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINNT\System32\spxcoins.dll
[2009-03-22 20:49:58 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINNT\System32\dllcache\spxcoins.dll
[2009-03-22 20:49:58 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\irclass.dll
[2009-03-22 20:49:58 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\irclass.dll
[2009-03-22 20:49:50 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009-03-22 20:49:50 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009-03-22 20:49:50 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009-03-22 20:49:49 | 00,037,484 | ---- | C] () -- C:\WINNT\System32\dllcache\MW770.CAT
[2009-03-22 20:49:49 | 00,013,472 | ---- | C] () -- C:\WINNT\System32\dllcache\HPCRDP.CAT
[2009-03-22 20:49:49 | 00,008,574 | ---- | C] () -- C:\WINNT\System32\dllcache\IASNT4.CAT
[2009-03-22 20:49:49 | 00,007,046 | ---- | C] () -- C:\WINNT\System32\dllcache\OEMBIOS.CAT
[2009-03-22 20:49:48 | 00,797,189 | ---- | C] () -- C:\WINNT\System32\dllcache\NT5IIS.CAT
[2009-03-22 20:49:48 | 00,399,645 | ---- | C] () -- C:\WINNT\System32\dllcache\MAPIMIG.CAT
[2009-03-22 20:48:46 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009-03-21 17:42:57 | 02,433,045 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Chad.zip
[2009-03-21 17:35:53 | 12,170,900 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\My Documents.zip
[2009-03-21 17:34:01 | 00,070,260 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Braeden-docs.zip
[2009-02-27 10:29:46 | 00,000,000 | RH-D | C] -- C:\$VAULT$.AVG

========== Files - Modified Within 30 Days ==========

[374 C:\WINNT\System32\*.tmp files]
[10 C:\WINNT\*.tmp files]
[3 C:\Documents and Settings\Owner\My Documents\*.tmp files]
[2013-08-26 06:38:02 | 00,001,025 | -HS- | M] () -- C:\WINNT\System32\l34501.sys
[2009-03-28 00:22:34 | 00,286,208 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ptemqm3p.exe
[2009-03-27 12:30:20 | 00,375,808 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\CF16848.exe
[2009-03-27 12:08:55 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2009-03-27 12:07:20 | 00,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2009-03-27 12:07:10 | 10,730,74176 | -HS- | M] () -- C:\hiberfil.sys
[2009-03-27 12:07:10 | 00,371,280 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2009-03-27 11:20:50 | 00,000,320 | ---- | M] () -- C:\WINNT\Dsktop.ini
[2009-03-27 11:20:03 | 00,000,864 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Desktop Assistant.lnk
[2009-03-27 11:18:40 | 00,000,833 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WinASO Registry Optimizer.lnk
[2009-03-27 11:15:10 | 00,001,158 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2009-03-25 10:24:20 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe
[2009-03-24 16:24:55 | 04,240,656 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2009-03-24 16:07:52 | 00,025,065 | ---- | M] () -- C:\WINNT\System32\wmpscheme.xml
[2009-03-24 16:07:49 | 00,023,392 | ---- | M] () -- C:\WINNT\System32\nscompat.tlb
[2009-03-24 16:07:49 | 00,016,832 | ---- | M] () -- C:\WINNT\System32\amcompat.tlb
[2009-03-24 15:57:36 | 00,002,848 | ---- | M] () -- C:\WINNT\System32\spupdsvc.inf
[2009-03-24 15:51:51 | 00,222,368 | RHS- | M] () -- C:\ntldr
[2009-03-24 15:51:51 | 00,045,124 | RHS- | M] () -- C:\NTDETECT.COM
[2009-03-24 14:56:59 | 00,001,480 | ---- | M] () -- C:\WINNT\win.ini
[2009-03-24 14:56:59 | 00,000,327 | ---- | M] () -- C:\WINNT\system.ini
[2009-03-24 14:56:59 | 00,000,207 | -HS- | M] () -- C:\boot.ini
[2009-03-24 14:53:05 | 00,299,552 | ---- | M] () -- C:\WINNT\WMSysPrx.prx
[2009-03-22 21:31:00 | 00,501,674 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2009-03-22 21:31:00 | 00,422,210 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2009-03-22 21:31:00 | 00,070,732 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2009-03-22 21:19:56 | 00,000,350 | ---- | M] () -- C:\WINNT\System32\$winnt$.inf
[2009-03-22 21:15:05 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009-03-22 21:15:03 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-03-22 21:13:35 | 00,004,073 | ---- | M] () -- C:\WINNT\ODBCINST.INI
[2009-03-22 21:08:03 | 00,000,488 | RH-- | M] () -- C:\WINNT\System32\WindowsLogon.manifest
[2009-03-22 21:08:03 | 00,000,488 | RH-- | M] () -- C:\WINNT\System32\logonui.exe.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | M] () -- C:\WINNT\WindowsShell.Manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | M] () -- C:\WINNT\System32\wuaucpl.cpl.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | M] () -- C:\WINNT\System32\sapi.cpl.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | M] () -- C:\WINNT\System32\nwc.cpl.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | M] () -- C:\WINNT\System32\ncpa.cpl.manifest
[2009-03-22 21:07:54 | 00,000,749 | RH-- | M] () -- C:\WINNT\System32\cdplayer.exe.manifest
[2009-03-22 21:06:44 | 00,023,348 | ---- | M] () -- C:\WINNT\System32\emptyregdb.dat
[2009-03-22 20:49:50 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009-03-22 20:49:50 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009-03-21 17:43:07 | 02,433,045 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Chad.zip
[2009-03-21 17:37:50 | 12,170,900 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\My Documents.zip
[2009-03-21 17:34:01 | 00,070,260 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Braeden-docs.zip
< End of report >

#6 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 04:21 AM

Sam,

Here is the second file/report generated by OTListIT2. The file was named "Extras.txt":


OTListIt Extras logfile created on: 2009-03-28 00:25:30 - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2600.0000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd

1023.30 Mb Total Physical Memory | 727.80 Mb Available Physical Memory | 71.12% Memory free
2.40 Gb Paging File | 2.16 Gb Available in Paging File | 89.84% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 15.88 Gb Free Space | 42.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 28.62 Gb Total Space | 10.94 Gb Free Space | 38.24% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOMECOMPUTER
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008-04-13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
File not found -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\PROGRA~1\Yahoo!\MESSEN~1\YPAGER.EXE:*:Enabled:Yahoo! Messenger
[2007-07-16 15:17:40 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\PROGRA~1\Yahoo!\MESSEN~1\yserver.exe:*:Enabled:Yahoo! FT Server
[2008-01-14 13:34:10 | 00,208,941 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer
File not found -- C:\My Downloads\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2004-05-03 13:39:58 | 03,756,032 | ---- | M] () -- C:\Program Files\CoffeeCup Software\CoffeeCup Free FTP\FreeFTP.exe:*:Enabled:FreeFTP
File not found -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater
[2005-10-31 10:56:00 | 00,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer
[2008-11-04 11:31:14 | 07,685,424 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player
[2008-09-18 13:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2003-05-14 05:21:28 | 01,847,296 | ---- | M] (Support.com, Inc.) -- C:\Program Files\Support.com\bin\tgcmd.exe:*:Disabled:Support.com Scheduler and Command Dispatcher
[2008-04-13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
File not found -- C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe
File not found -- C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe
File not found -- C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe
[2008-04-13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007-07-16 15:17:38 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2004-03-04 11:26:20 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINNT\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE
File not found -- C:\Program Files\Yahoo! Games\Flip Words\FlipWords.exe:*:Enabled:FlipWords
File not found -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
File not found -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008-06-04 01:18:11 | 00,796,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
[2008-11-20 14:20:48 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2008-12-12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
File not found -- C:\WINNT\system32\javacypt.exe:*:Enabled:Explorer

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01001202-823E-46CD-A70E-BEE818F97169}" = Microsoft Encarta Encyclopedia Standard 2002
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"{12BDDF23-B1DB-49C8-92D3-3E6841CCED61}" = Microsoft Streets and Trips 2002
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2A9C3F41-DACA-37AB-84FB-2E6193C42151}" = Google Gears
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43F29DE6-D9D6-11D5-A857-0010B508C148}" = Human Neuroanatomy
"{55A369BE-C40B-4699-99AD-0563A9D9C237}" = ArcSoft VideoImpression 1.6
"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}" = Safari
"{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}" = Roxio Media Manager
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DA9102E-199F-43A0-A36B-6EF48081A658}" = MobileMe Control Panel
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{7148F0A8-6813-11D6-A77B-00B0D0142090}" = Java 2 Runtime Environment, SE v1.4.2_09
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{797703D4-461B-4BC9-AACA-292917F3A47F}" = ArcSoft PhotoImpression
"{7FB6053A-C51D-4508-A7FD-75F2C0C921AD}" = Picaboo 2.0.406
"{82DFB852-9594-4668-9C66-28BB6E94BCB2}" = hp psc 2100 series
"{8DE73C0C-34EA-4888-86DB-EEDB9B69DB94}" = HelpSpot
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{949460AD-3C77-44FD-8D78-BF605EF28114}" = EMEA02
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9F185C48-595B-401A-A1D6-AAB324890DC4}" = GiPo@MoveOnBoot 1.9.5
"{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0
"{A5460871-42FF-45CD-A634-01C755E9CEA1}" = ArcSoft PhotoBase 3
"{A586D09E-1D2C-11D3-9A6B-00105A98B681}" = Microsoft Picture It! Express 2000
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B41FCFEE-EA00-496C-8387-82E730E334FD}" = eyeQ
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B66899F2-C58D-4CEC-9FA8-867883FFB707}" = CoffeeCup Free FTP
"{BA68600E-96D9-4E92-80F2-26B9681B5A63}" = Microsoft Office Outlook 2003 with Business Contact Manager Update
"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
"{C1939820-A945-11D4-86F6-0001031E5712}" = DVD Player
"{C3A439E4-7303-491F-A678-CEA36A87D517}" = Microsoft Works Suite Add-in for Microsoft Word
"{C769A271-7E1C-48F9-B331-474600DD4C06}" = Microsoft Picture It! Photo 2002
"{C8F7C1E5-0150-11D6-A96C-00D05908F85D}" = USB Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}" = Microsoft Money 2002 System Pack
"{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack
"{DCBD0769-BAD5-40AD-BCD9-68FADC5231D5}" = ArcSoft Funhouse
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E2B5C27E-5937-4F44-84F8-0104D1FF1C0B}" = green label Calendars
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = PhoneTools
"{E7298FD5-1386-11D5-8D6C-0050DAD32D95}" = Microsoft Money 2002
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F3301464-BA26-11D3-8D89-00D0B7218812}" = 2Wire Gateway
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"Ad-Aware" = Ad-Aware
"Ad-aware 6 Personal" = Ad-aware 6 Personal
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AVG8Uninstall" = AVG Free 8.0
"BlackBerry_{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"Charter" = Charter Pipeline Professor
"Charter Automated Solution Controls Installation_is1" = Charter Solution Controls Installation
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Photo Printer 720" = Dell Photo Printer 720
"Desktop Assistant" = Desktop Assistant
"EasyGPS_is1" = EasyGPS 3.0
"EPSON Printer and Utilities" = EPSON Printer Software
"goodsearch" = GoodSearch Toolbar
"GTW V.92 Voice Modem" = GTW V.92 Voice Modem
"HijackThis" = HijackThis 2.0.2
"HOPDKey" = Hooked on Phonics Learn to Read
"hp instant support" = hp instant support
"HP PSC 2100 Series" = HP Photo and Imaging 2.0 - hp psc 2100 series
"hyy_0405_calendar2" = hyy_0405_calendar2 Wallpaper
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{43F29DE6-D9D6-11D5-A857-0010B508C148}" = Human Neuroanatomy
"LimeWire" = LimeWire 4.18.8
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA Display Driver" = NVIDIA Display Driver
"PCDoctor" = PC-Doctor for Windows
"PhoTagsExpress" = PhoTags Express
"PhotoScape" = PhotoScape
"Picasa2" = Picasa 2
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Shockwave" = Shockwave
"Sierra Home Architect" = Sierra Home Architect
"SK_PS2MillenniumKeyboard" = PS/2 Millennium Keyboard
"SmartDraw 7 Trial Edition" = SmartDraw 7 Trial Edition
"TaxACT 2003" = TaxACT 2003
"TaxACT 2004" = TaxACT 2004
"TaxACT 2005" = TaxACT 2005
"TaxACT 2006" = TaxACT 2006
"TaxACT 2007" = TaxACT 2007
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"WeatherBug" = WeatherBug
"WinASO Registry Optimizer 4.2_is1" = WinASO Registry Optimizer 4.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2002Setup" = Microsoft Works 2002 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4258192708-3009342548-3091673561-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2009-03-24 05:57:57 | Computer Name = HOMECOMPUTER | Source = Google Update | ID = 20
Description =

Error - 2009-03-24 06:05:16 | Computer Name = HOMECOMPUTER | Source = Application Error | ID = 1000
Description = Faulting application aawtray.exe, version 8.0.0.0, faulting module
aawtray.exe, version 8.0.0.0, fault address 0x00006323.

Error - 2009-03-24 17:11:22 | Computer Name = HOMECOMPUTER | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007043C from line 44 of d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 2009-03-24 17:11:22 | Computer Name = HOMECOMPUTER | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

Error - 2009-03-26 03:47:07 | Computer Name = HOMECOMPUTER | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007043C from line 44 of d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 2009-03-26 03:47:07 | Computer Name = HOMECOMPUTER | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

Error - 2009-03-26 04:01:55 | Computer Name = HOMECOMPUTER | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 2009-03-26 10:51:24 | Computer Name = HOMECOMPUTER | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 2009-03-27 12:20:38 | Computer Name = HOMECOMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: SpywareRemover -- Error 1706.No valid source could be found
for product SpywareRemover. The Windows Installer cannot continue.

Error - 2009-03-27 12:20:49 | Computer Name = HOMECOMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: SpywareRemover -- Error 1706.No valid source could be found
for product SpywareRemover. The Windows Installer cannot continue.

[ System Events ]
Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842816
Description = Syntax error in manifest or policy file "C:\WINNT\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.5512.Policy"
on line 9. The root or application manifest contains the noInherit element but the
dependent assembly manifest does not contain the noInheritable element. Application
manifests which contain the noInherit element may only depend on assemblies which
are noInheritable.

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\WINNT\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.5512.Policy"
on line 9.

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842785
Description = The application failed to launch because of an invalid manifest.

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The manifest file contains one or more syntax errors. .

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Microsoft
Office\OFFICE11\msohev.dll. Reference error message: The operation completed successfully.
.

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842816
Description = Syntax error in manifest or policy file "C:\WINNT\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.5512.Policy"
on line 9. The root or application manifest contains the noInherit element but the
dependent assembly manifest does not contain the noInheritable element. Application
manifests which contain the noInherit element may only depend on assemblies which
are noInheritable.

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\WINNT\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.5512.Policy"
on line 9.

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842785
Description = The application failed to launch because of an invalid manifest.

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The manifest file contains one or more syntax errors. .

Error - 2009-03-27 13:32:45 | Computer Name = HOMECOMPUTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Microsoft
Office\OFFICE11\msohev.dll. Reference error message: The operation completed successfully.
.


< End of report >

#7 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 04:23 AM

Sam,

Here is the content of the file/report generated by GMER:

GMER 1.0.15.14966 - http://www.gmer.net
Rootkit scan 2009-03-28 03:08:29
Windows 5.1.2600


---- System - GMER 1.0.15 ----

Code 865ABE18 ZwEnumerateKey
Code 865ABDE0 ZwFlushInstructionCache
Code 865C096E IofCallDriver
Code 865B01D6 IofCompleteRequest

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!KeInitializeInterrupt + B79 804D4F8E 1 Byte [06]
.text ntoskrnl.exe!IofCallDriver 804EC022 5 Bytes JMP 865C0973
.text ntoskrnl.exe!IofCompleteRequest 804EC051 5 Bytes JMP 865B01DB
PAGE ntoskrnl.exe!ZwEnumerateKey 8056A5DC 5 Bytes JMP 865ABE1C
PAGE ntoskrnl.exe!ZwFlushInstructionCache 8057C60F 5 Bytes JMP 865ABDE4
? C:\ComboFix\catchme.sys The system cannot find the file specified. !

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\System32\DRIVERS\rasl2tp.sys[NDIS.SYS!NdisMRegisterMiniport] [F768451E] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\rasl2tp.sys[NDIS.SYS!NdisMSetAttributesEx] [F7684744] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F768471A] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F76846A7] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisMSetAttributesEx] [F7684744] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F7684380] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisMRegisterMiniport] [F768451E] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F768471A] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F76846A7] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F7684380] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisMSetAttributesEx] [F7684744] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisMRegisterMiniport] [F768451E] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspptp.sys[NDIS.SYS!NdisMRegisterMiniport] [F768451E] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspptp.sys[NDIS.SYS!NdisMSetAttributesEx] [F7684744] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspti.sys[NDIS.SYS!NdisMSetAttributesEx] [F7684744] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\raspti.sys[NDIS.SYS!NdisMRegisterMiniport] [F768451E] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F7684380] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F768471A] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F76846A7] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F768471A] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F7684380] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F76846A7] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F7684380] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F76846A7] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F768471A] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F7684380] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F768471A] IPVNMon.sys (IPVNMon/Visual Networks)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F76846A7] IPVNMon.sys (IPVNMon/Visual Networks)

---- Services - GMER 1.0.15 ----

Service C:\WINNT\system32\drivers\UACwnfyqlpr.sys (*** hidden *** ) [SYSTEM] UACd.sys <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACdqxndlax.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@UACsr \\?\globalroot\systemroot\system32\UACjoqhxwbu.dat
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACdqxndlax.dll
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACsr \\?\globalroot\systemroot\system32\UACjoqhxwbu.dat
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACdqxndlax.dll
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACsr \\?\globalroot\systemroot\system32\UACjoqhxwbu.dat
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACwnfyqlpr.sys
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACdqxndlax.dll
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACsr \\?\globalroot\systemroot\system32\UACjoqhxwbu.dat
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs avgrsstx.dll
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000

---- Files - GMER 1.0.15 ----

File C:\WINNT\system32\UACdqxndlax.dll 30208 bytes executable
File C:\WINNT\system32\drivers\UACwnfyqlpr.sys 56320 bytes executable <-- ROOTKIT !!!
File C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\FRBX7YFW\www.joinameriprise.com.\careers 0 bytes
File C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\FRBX7YFW\www.joinameriprise.com.\careers\global 0 bytes
File C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\FRBX7YFW\www.joinameriprise.com.\careers\global\media 0 bytes
File C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\FRBX7YFW\www.joinameriprise.com.\careers\global\media\marquee.swf 0 bytes
File C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\FRBX7YFW\www.joinameriprise.com.\careers\global\media\marquee.swf\ameripriseMarquee.sol 62 bytes
File C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.joinameriprise.com.\settings.sol 93 bytes

---- EOF - GMER 1.0.15 ----

#8 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:08:03 PM

Posted 28 March 2009 - 10:18 AM

That log is not normally that large, but it looks like Windows was updated in the last week or so.

I see the problem and Combofix is right tool for the job here. But clearly something is not working quite right so let's get rid of the version of Combofix that you have now and start from scratch.

First off, kill this process(or anything similiar with CF#####.exe) if you see it still running.

CF16848.exe



Next.

Follow this process to uninstall Combofix.
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK

  • Posted Image


===============


Now let's take it from the beginning and see where it gets us this time.
When you save Combofix to your desktop, save it as combo-fix.exe (with the hyphen).



Please download ComboFix from one of these locations:

Link 1
Link 2
Link 3

Important!
You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert.
It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.
Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.



Make sure that you save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#9 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 03:57 PM

That log is not normally that large, but it looks like Windows was updated in the last week or so.

I see the problem and Combofix is right tool for the job here. But clearly something is not working quite right so let's get rid of the version of Combofix that you have now and start from scratch.

First off, kill this process(or anything similiar with CF#####.exe) if you see it still running.

CF16848.exe



Next.

Follow this process to uninstall Combofix.

  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
  • Posted Image
===============


Now let's take it from the beginning and see where it gets us this time.
When you save Combofix to your desktop, save it as combo-fix.exe (with the hyphen).



Please download ComboFix from one of these locations:


Sam,

Thanks for helping! I am a bit confused with the computer, because some strange things are happening as we progress. You said it looks like the computer has been updated recently, but I don't believe it has been "intentionally" updated, and further, we had SP3 installed on it when this all started and now it doesn't seem to indicate ANY SP's have been installed, and even displays the "alert" dialogue that "this version of WinXP is no longer secure..click here to download the SP". Also, some of the programs in the start menu won't "initialize" and some are missing from the "Start Menu" altogether but still on the hard drive and can be started by dclicking the executable. Others are listed in the Start Menu and will run normally. Still others, like apple itunes apple mobile device support, Google updater, and such are not listed on the Start Menu, nor in the "Startup" section of the Start Menu and yet start with Windows.

I attempted to remove the old version of ComboFix, but it gives me an error that it cannot find ComboFix. I located the directory where it is installed, and tried it that way (C:\ComboFix\ComboFix /u) but got the same error, so ComboFix has not been uninstalled as yet.

I installed the Windows recovery console, and during the install I got an error to the effect that something wasn't found, but when I clicked OK, it went ahead and [apparently] finished the install. When it finished, it seemed to have finished normally and asked for a reboot, which I did. When the computer rebooted, it offered to run the Recovery Console OR WinXP, indicating it was there, but there is no entry on the Start Menu for it.

I will await your response before I continue with your instructions; I have already downloaded the new version of ComboFix as requested and am ready to move forward if able. Thanks again for your help!

George

#10 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:08:03 PM

Posted 28 March 2009 - 06:10 PM

It almost sounds like a backup was restored and it didn't go well.

Just delete combofix.exe from your computer now and then download the new version, making sure to save it as combo-fix.exe
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#11 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 08:00 PM

Sam,

The fouled restore sounds reasonable, but I didn't undertake a restore (I did look for a "restore point" to maybe roll back to, but Windows System Restore indicated there were no restore points to use so I never initiated that). It is possible my daughter tried a system restore from the GateWay discs that came with the system though she didn't mention it when I picked the computer up.

Combo-Fix is giving an error, when I try to run it, indicating that AVG-FREE_Resident is running, but I cannot find any reference to it in Task Manager, and the copy on the computer will not run due to the problems with the SP level...it requires minimum SP2 and the system doesn't indicate any SP level. I have SP2 on CD, would it help/hurt to install it and then continue?

I have attempted to uninstall AVG from Control Panel, to no avail, and also tried to run the setup program for AVG to uninstall it temporarily that way. It continues to fail because of the SP level. Combo-Fix indicates that possible damage to the system could occur if I run it without resolving the problem with AVG...any suggestions? I have attached a gif of the error message if it would be helpful.

I will continue to try to find a way to disable or uninstall the AVG and run the Combo-Fix...if you have additional info, please let me know. Thanks Again!

George

Attached File  ComboFix_Err.gif   10.31KB   5 downloads

#12 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 28 March 2009 - 11:28 PM

Hello Sam,

I tried twice more to remove AVG with a utility from their website, and it said it completed normally. I had also tried unsuccessfully several times to run the install program to uninstall the software (and also through Control Panel) to no avail due to the SP level of XP at this time. I got clean results on the "AVG-removal" utility. It seems to have completed normally and has deleted all file associated with AVG, at least to the point it deleted the install directories for the program.

I went ahead and let Combo-Fix run, even thought it still gives the AVG-Resident error and it produced this logfile:

============================================================

ComboFix 09-03-28.04 - Owner 2009-03-28 22:36:49.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.0.1252.1.1033.18.1023.793 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\winnt\system32\_003849_.tmp.dll
c:\winnt\system32\_004011_.tmp.dll
c:\winnt\system32\_004012_.tmp.dll
c:\winnt\system32\_004013_.tmp.dll
c:\winnt\system32\_004014_.tmp.dll
c:\winnt\system32\_004018_.tmp.dll
c:\winnt\system32\_004019_.tmp.dll
c:\winnt\system32\_004020_.tmp.dll
c:\winnt\system32\_004021_.tmp.dll
c:\winnt\system32\_004028_.tmp.dll
c:\winnt\system32\_004029_.tmp.dll
c:\winnt\system32\_004030_.tmp.dll
c:\winnt\system32\_004032_.tmp.dll
c:\winnt\system32\_004033_.tmp.dll
c:\winnt\system32\_004036_.tmp.dll
c:\winnt\system32\_004037_.tmp.dll
c:\winnt\system32\_004040_.tmp.dll
c:\winnt\system32\_004041_.tmp.dll
c:\winnt\system32\_004043_.tmp.dll
c:\winnt\system32\_004046_.tmp.dll
c:\winnt\system32\_004051_.tmp.dll
c:\winnt\system32\_004053_.tmp.dll
c:\winnt\system32\_004056_.tmp.dll
c:\winnt\system32\_004058_.tmp.dll
c:\winnt\system32\_004059_.tmp.dll
c:\winnt\system32\_004060_.tmp.dll
c:\winnt\system32\_004061_.tmp.dll
c:\winnt\system32\_004064_.tmp.dll
c:\winnt\system32\_004066_.tmp.dll
c:\winnt\system32\_004067_.tmp.dll
c:\winnt\system32\_004068_.tmp.dll
c:\winnt\system32\_004072_.tmp.dll
c:\winnt\system32\drivers\UACwnfyqlpr.sys
c:\winnt\system32\UACbdviwyka.dll
c:\winnt\system32\UACdqxndlax.dll
c:\winnt\system32\UACjoqhxwbu.dat
c:\winnt\system32\UACkicxlldm.log
c:\winnt\system32\UACncvkckkt.log
c:\winnt\system32\UACnrsmkowx.log
c:\winnt\system32\UACsievximn.dll
c:\winnt\system32\UACwxpulnqw.dll
c:\winnt\system32\vcar3sdu3yaj3.dll
.
---- Previous Run -------
.
c:\winnt\patch.exe
c:\winnt\system32\drivers\nfr.sys
c:\winnt\system32\frmwrk32.exe
c:\winnt\system32\init32.exe
c:\winnt\system32\system
c:\winnt\system32\system\mcafeepf.dll
c:\winnt\system32\win32hlp.cnf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICF


((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-29 )))))))))))))))))))))))))))))))
.

2009-03-28 21:05 . 2009-03-28 21:12 <DIR> d-------- c:\program files\Security Task Manager
2009-03-28 21:05 . 2009-03-28 21:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\SecTaskMan
2009-03-28 20:42 . 2009-03-28 20:42 <DIR> d-------- c:\program files\Uniblue
2009-03-28 19:30 . 2009-03-28 19:30 <DIR> d-------- c:\program files\IrfanView
2009-03-28 15:22 . 2009-03-28 15:22 158,720 --a------ c:\winnt\exajesux.dll
2009-03-27 11:18 . 2009-03-27 11:18 <DIR> d-------- c:\program files\WinASO
2009-03-26 22:54 . 2009-03-26 22:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic
2009-03-26 17:39 . 2009-03-26 17:39 <DIR> d-------- c:\winnt\system32\MpEngineStore
2009-03-24 22:08 . 2008-04-13 13:32 129,792 --a------ c:\temp\fltmgr.sys
2009-03-24 21:29 . 2009-03-24 21:29 <DIR> d-------- C:\upd7bin
2009-03-24 21:29 . 2009-03-24 21:30 <DIR> d-------- C:\avg7upd
2009-03-24 15:57 . 2009-03-24 15:57 2,848 --a------ c:\winnt\system32\spupdsvc.inf
2009-03-24 15:46 . 2004-08-04 00:56 8,384,000 --a------ c:\winnt\system32\SET24C.tmp
2009-03-24 15:45 . 2004-08-04 00:56 359,936 --a------ c:\winnt\system32\SET154.tmp
2009-03-24 15:45 . 2004-08-04 00:56 264,192 --a------ c:\winnt\system32\SET16D.tmp
2009-03-24 15:45 . 2004-08-04 00:56 82,944 --a------ c:\winnt\system32\SET16A.tmp
2009-03-24 15:45 . 2004-08-04 00:56 22,528 --a------ c:\winnt\system32\SET15C.tmp
2009-03-24 15:45 . 2004-08-04 00:56 19,968 --a------ c:\winnt\system32\SET169.tmp
2009-03-24 15:45 . 2004-08-04 00:56 19,968 --a------ c:\winnt\system32\SET15F.tmp
2009-03-24 15:45 . 2004-08-04 00:56 18,432 --a------ c:\winnt\system32\SET158.tmp
2009-03-24 15:45 . 2004-08-04 00:56 5,632 --a------ c:\winnt\system32\SET17F.tmp
2009-03-24 15:44 . 2004-07-17 11:40 19,528 --a------ c:\winnt\002671_.tmp
2009-03-24 14:32 . 2004-08-04 00:56 1,251,840 --a------ c:\winnt\system32\SET415.tmp
2009-03-24 14:31 . 2004-08-04 00:56 8,384,000 --a------ c:\winnt\system32\SET207.tmp
2009-03-24 14:30 . 2004-08-04 00:56 723,456 --a------ c:\winnt\system32\SET1A6.tmp
2009-03-24 14:29 . 2004-07-17 11:40 19,528 --a------ c:\winnt\002665_.tmp
2009-03-24 14:25 . 2001-08-30 05:30 68,224 --------- c:\winnt\system32\drivers\_003995_.tmp.dll
2009-03-23 00:25 . 2009-03-23 00:25 <DIR> d-------- c:\documents and settings\All Users\Application Data\Support.com
2009-03-22 21:47 . 2009-03-22 21:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-22 21:24 . 2009-03-22 21:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-22 21:16 . 2001-08-30 05:30 13,463,552 --a--c--- c:\winnt\system32\dllcache\hwxjpn.dll
2009-03-22 21:15 . 2001-08-17 22:36 2,134,528 --a--c--- c:\winnt\system32\dllcache\EXCH_smtpsnap.dll
2009-03-22 21:08 . 2009-03-22 21:14 <DIR> d--hs---- c:\documents and settings\All Users\DRM
2009-03-22 21:08 . 2009-03-22 21:08 488 -rah----- c:\winnt\system32\logonui.exe.manifest
2009-03-22 21:07 . 2001-08-30 05:30 520,192 --a--c--- c:\winnt\system32\dllcache\wmpvis.dll
2009-03-22 21:07 . 2001-08-30 05:30 319,551 --a--c--- c:\winnt\system32\dllcache\wmmres.dll
2009-03-22 21:07 . 2001-08-30 05:30 163,906 --a--c--- c:\winnt\system32\dllcache\wmmutil.dll
2009-03-22 21:07 . 2001-08-30 05:30 110,657 --a--c--- c:\winnt\system32\dllcache\wmmfilt.dll
2009-03-22 21:07 . 2001-08-30 05:30 73,728 --a--c--- c:\winnt\system32\dllcache\icwtutor.exe
2009-03-22 21:07 . 2001-08-30 05:30 61,440 --a--c--- c:\winnt\system32\dllcache\icwres.dll
2009-03-22 21:07 . 2001-08-30 05:30 40,960 --a--c--- c:\winnt\system32\dllcache\trialoc.dll
2009-03-22 21:07 . 2001-08-30 05:30 28,160 --a--c--- c:\winnt\system32\dllcache\msoobe.exe
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\WindowsShell.Manifest
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\system32\wuaucpl.cpl.manifest
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\system32\sapi.cpl.manifest
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\system32\ncpa.cpl.manifest
2009-03-22 20:50 . 2001-08-30 05:30 22,016 --a--c--- c:\winnt\system32\dllcache\agt0408.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,968 --a--c--- c:\winnt\system32\dllcache\agt040e.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt041f.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt0419.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt0415.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt0405.dll
2009-03-22 20:49 . 2009-03-22 21:06 <DIR> dr------- c:\documents and settings\All Users\Documents
2009-03-22 20:49 . 2001-08-30 05:30 1,085,913 -ra------ c:\winnt\SETA2.tmp
2009-03-22 20:49 . 2001-08-30 05:30 797,189 --a--c--- c:\winnt\system32\dllcache\NT5IIS.CAT
2009-03-22 20:49 . 2001-08-30 05:30 399,645 --a--c--- c:\winnt\system32\dllcache\MAPIMIG.CAT
2009-03-22 20:49 . 2001-08-30 05:30 37,484 --a--c--- c:\winnt\system32\dllcache\MW770.CAT
2009-03-22 20:49 . 2001-08-30 05:30 24,661 --a------ c:\winnt\system32\spxcoins.dll
2009-03-22 20:49 . 2001-08-30 05:30 24,661 --a--c--- c:\winnt\system32\dllcache\spxcoins.dll
2009-03-22 20:49 . 2001-08-30 05:30 13,608 -ra------ c:\winnt\SETAE.tmp
2009-03-22 20:49 . 2001-08-30 05:30 13,472 --a--c--- c:\winnt\system32\dllcache\HPCRDP.CAT
2009-03-22 20:49 . 2001-08-30 05:30 13,312 --a------ c:\winnt\system32\irclass.dll
2009-03-22 20:49 . 2001-08-30 05:30 13,312 --a--c--- c:\winnt\system32\dllcache\irclass.dll
2009-03-22 20:49 . 2001-08-30 05:30 8,574 --a--c--- c:\winnt\system32\dllcache\IASNT4.CAT
2009-03-22 20:49 . 2001-08-30 05:30 7,046 --a--c--- c:\winnt\system32\dllcache\OEMBIOS.CAT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-28 21:09 --------- d-----w c:\program files\Lavasoft
2009-03-28 20:11 --------- d-----w c:\documents and settings\Owner\Application Data\WeatherBug
2009-03-28 19:24 --------- d-----w c:\program files\Safari
2009-03-28 05:18 --------- d-----w c:\documents and settings\Owner\Application Data\Apple Computer
2009-03-27 16:33 --------- d-----w c:\documents and settings\Owner\Application Data\SmartDraw
2009-03-27 16:19 --------- d-----w c:\program files\2nd Story Software
2009-03-21 18:11 --------- d-----w c:\documents and settings\Owner\Application Data\Support.com
2009-02-19 18:24 76,314 ----a-w C:\wpiv.exe
2009-02-19 18:24 39,936 ----a-w C:\jfbnfciu.exe
2009-02-19 18:24 26,624 ----a-w C:\ywruf.exe
2009-02-19 18:24 1,415 ----a-w C:\nfr.bat
2009-02-16 15:31 64,160 ----a-w c:\winnt\system32\drivers\Lbd.sys
2009-02-11 01:37 --------- d-----w c:\documents and settings\Braeden Lee Waldrop\Application Data\WeatherBug
2009-02-06 19:10 --------- d-----w c:\documents and settings\Owner\Application Data\Roxio
2009-02-06 19:10 --------- d-----w c:\documents and settings\LocalService\Application Data\Roxio
2009-02-06 19:04 256 ----a-w c:\documents and settings\Owner\pool.bin
2009-02-06 19:03 --------- d-----w c:\documents and settings\Owner\Application Data\Research In Motion
2009-02-06 18:49 --------- d-----w c:\program files\Roxio
2009-02-06 18:49 --------- d-----w c:\program files\Common Files\Sonic Shared
2009-02-06 18:47 --------- d-----w c:\program files\Common Files\Roxio Shared
2009-02-06 18:46 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-06 18:32 --------- d-----w c:\program files\Common Files\Research In Motion
2009-02-06 18:31 --------- d-----w c:\program files\Research In Motion
2009-02-05 14:32 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-01-28 19:09 --------- d-----w c:\program files\Microsoft Works
2008-10-05 23:23 61,224 ----a-w c:\documents and settings\Owner\GoToAssistDownloadHelper.exe
2008-04-30 16:54 557,056 ----a-w c:\documents and settings\Owner\GoToAssist_phone__317_en.exe
2007-01-23 20:41 376,901 ----a-w c:\program files\Uninstall My Web Search.dll
2005-05-28 23:57 61,520 ----a-w c:\documents and settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
.

------- Sigcheck -------

2008-04-13 13:53 36608 3bb22519a194418d5fec05d800a19ad0 c:\winnt\system32\drivers\ip6fw.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\winnt\System32\NVMCTRAY.DLL" [2003-10-06 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSRunScript"="c:\program files\Support.com\Charter\bin\SSRunScript.exe" [2003-02-19 40960]
"Pvecot"="c:\winnt\exajesux.dll" [2009-03-28 158720]
"MSConfig"="c:\winnt\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2001-08-30 145408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\winnt\System32\NVMCTRAY.DLL" [2003-10-06 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0sprestrt

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fke9mt7ra1vhv6uet4gm1wrykvl94j
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gm61r7jhn8ct9hw8ae7b2oak5v51pvqbl
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jsf8uiw3jnjgffght
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Keyboard Preload Check
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kiigyjnkpx644ttye1y7xamvfxilixluf7p63p
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ob01xihlbg9gosvsfglebgdh84nwbimo
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Owner
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wwkbj9img3urx39d9zpxk7hq2f6es

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-09-03 20:12 111936 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GWMDMpi]
--a------ 2001-11-27 08:55 40960 c:\winnt\GWMDMpi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 14:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
--a------ 2001-08-23 17:52 331830 c:\program files\Microsoft Works\wkssb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
--a------ 2001-08-17 00:41 28738 c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
--a------ 2001-07-25 11:00 184376 c:\program files\Microsoft Money\System\Money Express.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
--a------ 2001-07-25 11:00 241714 c:\program files\Microsoft Money\System\Activation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2003-10-06 14:16 5058560 c:\winnt\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 11:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 05:25 144784 c:\program files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd]
--a------ 2003-05-14 05:21 1847296 c:\program files\Support.com\bin\tgcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-01-14 13:33 180269 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
--a------ 2004-07-30 15:57 1593344 c:\program files\AWS\WeatherBug\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
--a------ 2001-10-05 20:34 24576 c:\program files\Microsoft Works\wkfud.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GWMDMMSG]
--a------ 2001-11-27 08:55 101615 c:\winnt\GWMDMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hot Key Kbd 9910 Daemon]
--a------ 2001-01-03 15:50 66048 c:\winnt\system32\SK9910DM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2003-10-06 14:16 741376 c:\winnt\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Lavasoft Ad-Aware Service"=2 (0x2)
"iPod Service"=3 (0x3)
"gupdate1c95886a6a0fc80"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\CoffeeCup Software\\CoffeeCup Free FTP\\FreeFTP.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

S0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-02-16 64160]
S1 95676840;95676840;c:\winnt\System32\drivers\95676840.sys --> c:\winnt\System32\drivers\95676840.sys [?]
S1 brcasski;brcasski;\??\c:\winnt\system32\drivers\brcasski.sys --> c:\winnt\system32\drivers\brcasski.sys [?]
S1 pqedljzq;pqedljzq;\??\c:\winnt\system32\drivers\pqedljzq.sys --> c:\winnt\system32\drivers\pqedljzq.sys [?]
S3 brfilt;Brother MFC Filter Driver;c:\winnt\system32\drivers\BrFilt.sys [2007-07-11 2944]
S3 brparimg;Brother Multi Function Parallel Image driver;c:\winnt\system32\drivers\BrParImg.sys [2007-07-11 3168]
S3 BrParWdm;Brother WDM Parallel Driver;c:\winnt\system32\drivers\BRPARWDM.SYS [2009-03-22 39552]
S3 BrSerWDM;Brother WDM Serial driver;c:\winnt\system32\drivers\BrSerWdm.sys [2007-07-11 60416]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\atf\Qctest\PCDoc\PCDRDRV.sys --> c:\atf\Qctest\PCDoc\PCDRDRV.sys [?]
S4 gupdate1c95886a6a0fc80;Google Update Service (gupdate1c95886a6a0fc80);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951632]

--- Other Services/Drivers In Memory ---

*Deregistered* - IPVNMon
.
Contents of the 'Scheduled Tasks' folder

2009-03-28 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-28 17:54]

2009-03-29 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2004-05-27 c:\winnt\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1076808790.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 18:56]

2009-03-29 c:\winnt\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe []

2002-12-07 c:\winnt\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2002-08-07 10:04]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Owipadiw - c:\winnt\Syativeba.dll
SSODL-FiRYtBSzqjem-{5CEC4268-F646-E8C2-A343-4950780C2406} - (no file)
Notify-hgGywVOe - hgGywVOe.dll
MSConfigStartUp-Framework Windows - frmwrk32.exe


.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
Trusted Zone: familychristian.com\www
Trusted Zone: utdallas.edu
DPF: Microsoft XML Parser for Java
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-28 22:47:43
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(432)
c:\winnt\system32\ODBC32.dll
c:\winnt\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

- - - - - - - > 'lsass.exe'(488)
c:\winnt\system32\MSVCIRT.dll
c:\winnt\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
c:\winnt\System32\dssenh.dll
.
------------------------ Other Running Processes ------------------------
.
c:\winnt\system32\LEXBCES.EXE
c:\winnt\system32\LEXPPS.EXE
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
c:\winnt\system32\nvsvc32.exe
c:\winnt\system32\WgaTray.exe
c:\winnt\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-03-28 22:54:28 - machine was rebooted [Owner]
ComboFix-quarantined-files.txt 2009-03-29 03:53:11

Pre-Run: 17,078,517,760 bytes free
Post-Run: 16,950,595,584 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
333 --- E O F --- 2009-02-12 09:08:21

==============================================================

Thanks again for your help...George

#13 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:08:03 PM

Posted 29 March 2009 - 09:01 AM

Progress! :thumbup2:
Let's clean up a bit more with Combofix and then you need to visit Windows Update and get all the critical updates it finds for your system. There will be a lot of them.


Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: CFScript to your desktop.

Folder::
c:\program files\Security Task Manager
c:\documents and settings\All Users\Application Data\SecTaskMan

File::
c:\winnt\System32\drivers\95676840.sys
c:\winnt\system32\drivers\brcasski.sys
c:\winnt\system32\drivers\pqedljzq.sys
c:\StubInstaller.exe
c:\winnt\exajesux.dll
C:\wpiv.exe
C:\jfbnfciu.exe
C:\ywruf.exe
C:\nfr.bat
c:\winnt\SETA2.tmp
c:\winnt\SETAE.tmp
c:\winnt\system32\SET24C.tmp
c:\winnt\system32\SET154.tmp
c:\winnt\system32\SET16D.tmp
c:\winnt\system32\SET16A.tmp
c:\winnt\system32\SET15C.tmp
c:\winnt\system32\SET169.tmp
c:\winnt\system32\SET15F.tmp
c:\winnt\system32\SET158.tmp
c:\winnt\system32\SET17F.tmp
c:\winnt\002671_.tmp
c:\winnt\system32\SET415.tmp
c:\winnt\system32\SET207.tmp
c:\winnt\system32\SET1A6.tmp
c:\winnt\002665_.tmp
c:\winnt\system32\drivers\_003995_.tmp.dll
c:\temp\fltmgr.sys

Dirlook::
c:\winnt\system32\MpEngineStore

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pvecot"=-

Driver::
95676840
brcasski
pqedljzq
Prior to running Combofix.exe you should disable your antivirus program.

Now drag then drop the CFScript file onto ComboFix.exe as seen in the image below.

Posted Image

This will start ComboFix again.
After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#14 oldrndrt

oldrndrt
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:03 PM

Posted 29 March 2009 - 03:18 PM

Hello Sam,

Thanks once again for all your help. I have done as requested and will post the results log for Combo-Fix below. I will go to the windows update site and get all the critical updates as you advise. Do I need to do anything before that (such as wait for you to peruse the Combo-Fix log, etc.) or can I go ahead and get that done, and also, can I re-install my AV software and begin reinstalling the other software that lost "connectivity" with windows, or is there a way to restore that short of reinstalling? I primarily want to reassociate/reconnect the following with WinXP:

MSOffice, MSWorks, MSMoney, IExplore7, and a handful of plugins/runtime stuff, like Flash, Adobe Reader, Quiktime, Media Player, etc.

George

Here is the Combo-Fix Log (I will wait a bit before I do anything, to make sure I am clean to proceed):

ComboFix 09-03-28.06 - Owner 2009-03-29 14:50:25.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.0.1252.1.1033.18.1023.681 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Created a new restore point

FILE ::
C:\jfbnfciu.exe
C:\nfr.bat
c:\StubInstaller.exe
c:\temp\fltmgr.sys
c:\winnt\002665_.tmp
c:\winnt\002671_.tmp
c:\winnt\exajesux.dll
c:\winnt\SETA2.tmp
c:\winnt\SETAE.tmp
c:\winnt\system32\drivers\_003995_.tmp.dll
c:\winnt\System32\drivers\95676840.sys
c:\winnt\system32\drivers\brcasski.sys
c:\winnt\system32\drivers\pqedljzq.sys
c:\winnt\system32\SET154.tmp
c:\winnt\system32\SET158.tmp
c:\winnt\system32\SET15C.tmp
c:\winnt\system32\SET15F.tmp
c:\winnt\system32\SET169.tmp
c:\winnt\system32\SET16A.tmp
c:\winnt\system32\SET16D.tmp
c:\winnt\system32\SET17F.tmp
c:\winnt\system32\SET1A6.tmp
c:\winnt\system32\SET207.tmp
c:\winnt\system32\SET24C.tmp
c:\winnt\system32\SET415.tmp
C:\wpiv.exe
C:\ywruf.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\SecTaskMan
c:\documents and settings\All Users\Application Data\SecTaskMan\_dot3svcFA7402
c:\documents and settings\All Users\Application Data\SecTaskMan\_eapsvcE0C8400
c:\documents and settings\All Users\Application Data\SecTaskMan\_entreelist.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\_enviewlist.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\_exajesux9676C02
c:\documents and settings\All Users\Application Data\SecTaskMan\_SSRunScript4237A000
c:\documents and settings\All Users\Application Data\SecTaskMan\_Syativeba8880
c:\documents and settings\All Users\Application Data\SecTaskMan\_w3sslE723E00
c:\documents and settings\All Users\Application Data\SecTaskMan\_WPDShServiceObj1993A02
c:\documents and settings\All Users\Application Data\SecTaskMan\_WUDFSvc10A6DA00
c:\documents and settings\All Users\Application Data\SecTaskMan\_yt354E5624
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_057E91CDB88950043A5558FE6650E5EF
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_057E91CDB88950043A5558FE6650E5EF.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0B79C053C7D38EE4AB9A00CB3B5D2472
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0B79C053C7D38EE4AB9A00CB3B5D2472.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0BACD3DB5EF3BF4409ADFE0B2ADC3178
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0BACD3DB5EF3BF4409ADFE0B2ADC3178.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0E23E40C6140D434FA9B96967D309AFE
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0E23E40C6140D434FA9B96967D309AFE.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_12341rg
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_12345db
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_172A967CC1E79F843B13746400DDC460
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_172A967CC1E79F843B13746400DDC460.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_1E8AEDA0112B8B14D84D9D5ABF405AAF
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_1E8AEDA0112B8B14D84D9D5ABF405AAF.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_1F3B805BA42A0C233B0158879691FE82
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_1F3B805BA42A0C233B0158879691FE82.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_20210010E328DC647AE0EB8E819F1796
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_20210010E328DC647AE0EB8E819F1796.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_20AC859F04BB700498B452789254E64E
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_20AC859F04BB700498B452789254E64E.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_21F5DB58FE9404B41B0E778DF5E699FB
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_21F5DB58FE9404B41B0E778DF5E699FB.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_258BFD2849598664C96682BBE649CB2B
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_258BFD2849598664C96682BBE649CB2B.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_32178270CA8BEC143864D37727543CB5
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_32178270CA8BEC143864D37727543CB5.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_32FDDB21BD1B8C94293DE38614CCDE16
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_32FDDB21BD1B8C94293DE38614CCDE16.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_35A2D285624FE5C42A6E341CBA639B70
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_35A2D285624FE5C42A6E341CBA639B70.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_39CE826C71E84114CB7ED281B139AFF0
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_39CE826C71E84114CB7ED281B139AFF0.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_3B9B7B1A2D1EAC14B9A41FD82C177040
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_3B9B7B1A2D1EAC14B9A41FD82C177040.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_3ECDCD77DED23F261845507E5474D270
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_3ECDCD77DED23F261845507E5474D270.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_4E934A3C3037F1946A87EC3AA6785D71
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_4E934A3C3037F1946A87EC3AA6785D71.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_568774731F3A2774DA34AACFB6FC9FF9
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_568774731F3A2774DA34AACFB6FC9FF9.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_5B84B90E141EA724BAC03D06157222A4
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_5B84B90E141EA724BAC03D06157222A4.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_5DF8927E68315D11D8C60005AD3DD259
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_5DF8927E68315D11D8C60005AD3DD259.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_68AB67CA7DA73301B7447A0100000020
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_68AB67CA7DA73301B7447A0100000020.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_6ED92F346D9D5D118A7500015B801C84
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_6ED92F346D9D5D118A7500015B801C84.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_6F1479AE2F7AB794BB4EE20D316694EB
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_6F1479AE2F7AB794BB4EE20D316694EB.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_6F8CD9A7664240E4FB15EB94C9D520DB
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_6F8CD9A7664240E4FB15EB94C9D520DB.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_719A768971D5ED0438ABEB5A9213491B
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_719A768971D5ED0438ABEB5A9213491B.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_766BA81303235B146A71BCB37F843D17
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_766BA81303235B146A71BCB37F843D17.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_7dbe654076f56ba458e23687e1f383c9
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_7dbe654076f56ba458e23687e1f383c9.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_7F3915FC73B65D117B2D00AA002A401F
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_7F3915FC73B65D117B2D00AA002A401F.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_84C581F9B595A1041A6DAA3B4298D04C
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_84C581F9B595A1041A6DAA3B4298D04C.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8663020007180A44EB446B23AFD487F0
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8663020007180A44EB446B23AFD487F0.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F841731866D117AB7000B0D410209
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F841731866D117AB7000B0D410209.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D510004
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D510004.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D510006
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D510006.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D511001
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D511001.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D610003
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D610003.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D610005
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D610005.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D610007
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A0F842331866D117AB7000B0D610007.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A39DEE5DA337A646ACAD4AEBFFEEE1E
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8A39DEE5DA337A646ACAD4AEBFFEEE1E.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8EB840D020EA5BC44A8216B689844E7A
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_8EB840D020EA5BC44A8216B689844E7A.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9040111900063D11C8EF10054038389C
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9040111900063D11C8EF10054038389C.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9040FA0900063D11C8EF10054038389C
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9040FA0900063D11C8EF10054038389C.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_93BAD29AC2E44034A96BCB446EB8552E
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_93BAD29AC2E44034A96BCB446EB8552E.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9EC9653600AFC964FAC55E4D9DA3FC19
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9EC9653600AFC964FAC55E4D9DA3FC19.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9F13FFD239872294FA669C1ABEE4BB13
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9F13FFD239872294FA669C1ABEE4BB13.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9F324271A225A384DA563006C04EACF4
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9F324271A225A384DA563006C04EACF4.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_A3506BF7D15C80547ADF572F0C9C12DA
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_A3506BF7D15C80547ADF572F0C9C12DA.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_B0B35DEDC76B4424EAA66DDFC3821DFE
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_B0B35DEDC76B4424EAA66DDFC3821DFE.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_b25099274a207264182f8181add555d0
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_b25099274a207264182f8181add555d0.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_BA5544CE551F1CC44A5C883F77F78968
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_BA5544CE551F1CC44A5C883F77F78968.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_C0C37ED8AE43888468BDEEBDB996BD49
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_C0C37ED8AE43888468BDEEBDB996BD49.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_D33A333FC5212A23D8ECC5D54132E172
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_D33A333FC5212A23D8ECC5D54132E172.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_D45F1FB0CACE64E45A5A6AE00D33D2E3
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_D45F1FB0CACE64E45A5A6AE00D33D2E3.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DA06494977C3DF44D887FB06E52F1841
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DA06494977C3DF44D887FB06E52F1841.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DB93BCE62C37DD441B0A9828705CD8B8
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DB93BCE62C37DD441B0A9828705CD8B8.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DDA39468D428E8B4DB27C8D5DC5CA217
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DDA39468D428E8B4DB27C8D5DC5CA217.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DDE7F2BCF1D91C3409CFF425AE1E271A
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_DDE7F2BCF1D91C3409CFF425AE1E271A.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E00686AB9D6929E4082F629B86B1A536
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E00686AB9D6929E4082F629B86B1A536.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E053D762BA158B04FAF9ADE75D860744
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E053D762BA158B04FAF9ADE75D860744.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E2019AD6F9910A343AB6E64F08186A85
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E2019AD6F9910A343AB6E64F08186A85.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E90D685AC2D13D11A9B60001A5896B18
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_E90D685AC2D13D11A9B60001A5896B18.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_EEFCF14B00AEC6943878287E033E43DF
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_EEFCF14B00AEC6943878287E033E43DF.dll
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_F65865963B6B0EB4ABB0F894B53E0233
c:\documents and settings\All Users\Application Data\SecTaskMan\icn_F65865963B6B0EB4ABB0F894B53E0233.dll
C:\jfbnfciu.exe
C:\nfr.bat
c:\program files\Security Task Manager
c:\program files\Security Task Manager\ascode.dll
c:\program files\Security Task Manager\bestell.txt
c:\program files\Security Task Manager\file_id.diz
c:\program files\Security Task Manager\Formulaire.txt
c:\program files\Security Task Manager\leggimi.txt
c:\program files\Security Task Manager\lgs_albanian.txt
c:\program files\Security Task Manager\lgs_Arabic.txt
c:\program files\Security Task Manager\lgs_bosnian.txt
c:\program files\Security Task Manager\lgs_bulgarian.txt
c:\program files\Security Task Manager\lgs_catalan.txt
c:\program files\Security Task Manager\lgs_chinese (Simplified).txt
c:\program files\Security Task Manager\lgs_chinese (Traditional).txt
c:\program files\Security Task Manager\lgs_croatian.txt
c:\program files\Security Task Manager\lgs_czech.txt
c:\program files\Security Task Manager\lgs_danish.txt
c:\program files\Security Task Manager\lgs_deutsch.txt
c:\program files\Security Task Manager\lgs_dutch.txt
c:\program files\Security Task Manager\lgs_english.txt
c:\program files\Security Task Manager\lgs_Español (latinoamérica).txt
c:\program files\Security Task Manager\lgs_estonian.txt
c:\program files\Security Task Manager\lgs_faroese.txt
c:\program files\Security Task Manager\lgs_finnish.txt
c:\program files\Security Task Manager\lgs_french.txt
c:\program files\Security Task Manager\lgs_galician.txt
c:\program files\Security Task Manager\lgs_greek.txt
c:\program files\Security Task Manager\lgs_hungarian.txt
c:\program files\Security Task Manager\lgs_indonesian.txt
c:\program files\Security Task Manager\lgs_italiano.txt
c:\program files\Security Task Manager\lgs_korean.txt
c:\program files\Security Task Manager\lgs_latvian.txt
c:\program files\Security Task Manager\lgs_macedonian.txt
c:\program files\Security Task Manager\lgs_norwegian.txt
c:\program files\Security Task Manager\lgs_norwegian_bokmaal.txt
c:\program files\Security Task Manager\lgs_norwegian_nynorsk.txt
c:\program files\Security Task Manager\lgs_polish.txt
c:\program files\Security Task Manager\lgs_portuguese (Brasil).txt
c:\program files\Security Task Manager\lgs_portuguese.txt
c:\program files\Security Task Manager\lgs_romanian.txt
c:\program files\Security Task Manager\lgs_russian.txt
c:\program files\Security Task Manager\lgs_serbian.txt
c:\program files\Security Task Manager\lgs_slovak.txt
c:\program files\Security Task Manager\lgs_slovenian.txt
c:\program files\Security Task Manager\lgs_spanish.txt
c:\program files\Security Task Manager\lgs_swedish.txt
c:\program files\Security Task Manager\lgs_thai.txt
c:\program files\Security Task Manager\lgs_turkish.txt
c:\program files\Security Task Manager\lgs_ukrainian.txt
c:\program files\Security Task Manager\lgs_vietnam.txt
c:\program files\Security Task Manager\liesmich.txt
c:\program files\Security Task Manager\LisezMoi.txt
c:\program files\Security Task Manager\manual_de.pdf
c:\program files\Security Task Manager\manual_en.pdf
c:\program files\Security Task Manager\manual_fr.pdf
c:\program files\Security Task Manager\order.txt
c:\program files\Security Task Manager\ordina.txt
c:\program files\Security Task Manager\pad_file.xml
c:\program files\Security Task Manager\psapi_.dll
c:\program files\Security Task Manager\Purchase Security Task Manager Now!.url
c:\program files\Security Task Manager\readme.txt
c:\program files\Security Task Manager\Setup.exe
c:\program files\Security Task Manager\SpyProDll.dll
c:\program files\Security Task Manager\SpyProtector.exe
c:\program files\Security Task Manager\TaskMan.exe
c:\program files\Security Task Manager\taskman_de.cnt
c:\program files\Security Task Manager\taskman_de.hlp
c:\program files\Security Task Manager\taskman_en.cnt
c:\program files\Security Task Manager\taskman_en.GID
c:\program files\Security Task Manager\taskman_en.hlp
c:\program files\Security Task Manager\taskman_fr.cnt
c:\program files\Security Task Manager\taskman_fr.hlp
c:\program files\Security Task Manager\taskman_rus.cnt
c:\program files\Security Task Manager\taskman_rus.hlp
c:\program files\Security Task Manager\uninstal.exe
c:\StubInstaller.exe
c:\winnt\002665_.tmp
c:\winnt\002671_.tmp
c:\winnt\exajesux.dll
c:\winnt\SETA2.tmp
c:\winnt\SETAE.tmp
c:\winnt\system32\drivers\_003995_.tmp.dll
c:\winnt\system32\SET154.tmp
c:\winnt\system32\SET158.tmp
c:\winnt\system32\SET15C.tmp
c:\winnt\system32\SET15F.tmp
c:\winnt\system32\SET169.tmp
c:\winnt\system32\SET16A.tmp
c:\winnt\system32\SET16D.tmp
c:\winnt\system32\SET17F.tmp
c:\winnt\system32\SET1A6.tmp
c:\winnt\system32\SET207.tmp
c:\winnt\system32\SET24C.tmp
c:\winnt\system32\SET415.tmp
C:\wpiv.exe
C:\ywruf.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_95676840
-------\Service_brcasski
-------\Service_pqedljzq


((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-29 )))))))))))))))))))))))))))))))
.

2009-03-29 02:11 . 2009-03-29 02:11 80,020 --ah----- c:\winnt\system32\mlfcache.dat
2009-03-29 00:26 . 2009-03-29 00:26 <DIR> d-------- C:\cabs
2009-03-29 00:26 . 2009-03-29 00:26 126,976 --a------ c:\winnt\system32\unzdll.dll
2009-03-28 20:42 . 2009-03-28 20:42 <DIR> d-------- c:\program files\Uniblue
2009-03-28 19:30 . 2009-03-28 19:30 <DIR> d-------- c:\program files\IrfanView
2009-03-27 11:18 . 2009-03-27 11:18 <DIR> d-------- c:\program files\WinASO
2009-03-26 22:54 . 2009-03-26 22:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic
2009-03-26 17:39 . 2009-03-26 17:39 <DIR> d-------- c:\winnt\system32\MpEngineStore
2009-03-24 21:29 . 2009-03-24 21:29 <DIR> d-------- C:\upd7bin
2009-03-24 21:29 . 2009-03-24 21:30 <DIR> d-------- C:\avg7upd
2009-03-24 15:57 . 2009-03-24 15:57 2,848 --a------ c:\winnt\system32\spupdsvc.inf
2009-03-24 15:46 . 2004-08-04 00:56 3,003,392 --a------ c:\winnt\system32\SET386.tmp
2009-03-24 15:42 . 2001-08-30 05:30 4,186,256 --------- c:\winnt\system32\dllcache\luna.mst
2009-03-24 14:32 . 2004-08-04 00:56 1,032,192 --a------ c:\winnt\SET492.tmp
2009-03-24 14:31 . 2004-08-04 00:56 3,003,392 --a------ c:\winnt\system32\SET2FA.tmp
2009-03-24 14:30 . 2004-08-04 00:56 713,216 --a------ c:\winnt\system32\SET1D2.tmp
2009-03-23 00:25 . 2009-03-23 00:25 <DIR> d-------- c:\documents and settings\All Users\Application Data\Support.com
2009-03-22 21:47 . 2009-03-22 21:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-22 21:24 . 2009-03-22 21:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-22 21:16 . 2001-08-30 05:30 13,463,552 --a--c--- c:\winnt\system32\dllcache\hwxjpn.dll
2009-03-22 21:15 . 2001-08-17 22:36 2,134,528 --a--c--- c:\winnt\system32\dllcache\EXCH_smtpsnap.dll
2009-03-22 21:08 . 2009-03-22 21:14 <DIR> d--hs---- c:\documents and settings\All Users\DRM
2009-03-22 21:08 . 2009-03-22 21:08 488 -rah----- c:\winnt\system32\logonui.exe.manifest
2009-03-22 21:07 . 2001-08-30 05:30 520,192 --a--c--- c:\winnt\system32\dllcache\wmpvis.dll
2009-03-22 21:07 . 2001-08-30 05:30 319,551 --a--c--- c:\winnt\system32\dllcache\wmmres.dll
2009-03-22 21:07 . 2001-08-30 05:30 163,906 --a--c--- c:\winnt\system32\dllcache\wmmutil.dll
2009-03-22 21:07 . 2001-08-30 05:30 110,657 --a--c--- c:\winnt\system32\dllcache\wmmfilt.dll
2009-03-22 21:07 . 2001-08-30 05:30 73,728 --a--c--- c:\winnt\system32\dllcache\icwtutor.exe
2009-03-22 21:07 . 2001-08-30 05:30 61,440 --a--c--- c:\winnt\system32\dllcache\icwres.dll
2009-03-22 21:07 . 2001-08-30 05:30 40,960 --a--c--- c:\winnt\system32\dllcache\trialoc.dll
2009-03-22 21:07 . 2001-08-30 05:30 28,160 --a--c--- c:\winnt\system32\dllcache\msoobe.exe
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\WindowsShell.Manifest
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\system32\wuaucpl.cpl.manifest
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\system32\sapi.cpl.manifest
2009-03-22 21:07 . 2009-03-22 21:07 749 -rah----- c:\winnt\system32\ncpa.cpl.manifest
2009-03-22 20:50 . 2001-08-30 05:30 22,016 --a--c--- c:\winnt\system32\dllcache\agt0408.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,968 --a--c--- c:\winnt\system32\dllcache\agt040e.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt041f.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt0419.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt0415.dll
2009-03-22 20:50 . 2001-08-30 05:30 19,456 --a--c--- c:\winnt\system32\dllcache\agt0405.dll
2009-03-22 20:49 . 2009-03-22 21:06 <DIR> dr------- c:\documents and settings\All Users\Documents
2009-03-22 20:49 . 2001-08-30 05:30 797,189 --a--c--- c:\winnt\system32\dllcache\NT5IIS.CAT
2009-03-22 20:49 . 2001-08-30 05:30 399,645 --a--c--- c:\winnt\system32\dllcache\MAPIMIG.CAT
2009-03-22 20:49 . 2001-08-30 05:30 37,484 --a--c--- c:\winnt\system32\dllcache\MW770.CAT
2009-03-22 20:49 . 2001-08-30 05:30 24,661 --a------ c:\winnt\system32\spxcoins.dll
2009-03-22 20:49 . 2001-08-30 05:30 24,661 --a--c--- c:\winnt\system32\dllcache\spxcoins.dll
2009-03-22 20:49 . 2001-08-30 05:30 13,472 --a--c--- c:\winnt\system32\dllcache\HPCRDP.CAT
2009-03-22 20:49 . 2001-08-30 05:30 13,312 --a------ c:\winnt\system32\irclass.dll
2009-03-22 20:49 . 2001-08-30 05:30 13,312 --a--c--- c:\winnt\system32\dllcache\irclass.dll
2009-03-22 20:49 . 2001-08-30 05:30 8,574 --a--c--- c:\winnt\system32\dllcache\IASNT4.CAT
2009-03-22 20:49 . 2001-08-30 05:30 7,046 --a--c--- c:\winnt\system32\dllcache\OEMBIOS.CAT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-29 05:26 --------- d-----w c:\program files\Gateway
2009-03-28 21:09 --------- d-----w c:\program files\Lavasoft
2009-03-28 20:11 --------- d-----w c:\documents and settings\Owner\Application Data\WeatherBug
2009-03-28 19:24 --------- d-----w c:\program files\Safari
2009-03-28 05:18 --------- d-----w c:\documents and settings\Owner\Application Data\Apple Computer
2009-03-27 16:33 --------- d-----w c:\documents and settings\Owner\Application Data\SmartDraw
2009-03-27 16:19 --------- d-----w c:\program files\2nd Story Software
2009-03-21 18:11 --------- d-----w c:\documents and settings\Owner\Application Data\Support.com
2009-02-16 15:31 64,160 ----a-w c:\winnt\system32\drivers\Lbd.sys
2009-02-11 01:37 --------- d-----w c:\documents and settings\Braeden Lee Waldrop\Application Data\WeatherBug
2009-02-06 19:10 --------- d-----w c:\documents and settings\Owner\Application Data\Roxio
2009-02-06 19:10 --------- d-----w c:\documents and settings\LocalService\Application Data\Roxio
2009-02-06 19:04 256 ----a-w c:\documents and settings\Owner\pool.bin
2009-02-06 19:03 --------- d-----w c:\documents and settings\Owner\Application Data\Research In Motion
2009-02-06 18:49 --------- d-----w c:\program files\Roxio
2009-02-06 18:49 --------- d-----w c:\program files\Common Files\Sonic Shared
2009-02-06 18:47 --------- d-----w c:\program files\Common Files\Roxio Shared
2009-02-06 18:46 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-06 18:32 --------- d-----w c:\program files\Common Files\Research In Motion
2009-02-06 18:31 --------- d-----w c:\program files\Research In Motion
2009-02-05 14:32 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-01-28 19:09 --------- d-----w c:\program files\Microsoft Works
2008-10-05 23:23 61,224 ----a-w c:\documents and settings\Owner\GoToAssistDownloadHelper.exe
2008-04-30 16:54 557,056 ----a-w c:\documents and settings\Owner\GoToAssist_phone__317_en.exe
2007-01-23 20:41 376,901 ----a-w c:\program files\Uninstall My Web Search.dll
2005-05-28 23:57 61,520 ----a-w c:\documents and settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\winnt\system32\MpEngineStore ----

2009-03-27 11:13 162 --a------ c:\winnt\system32\MpEngineStore\RebootActions\pqedljzq.dat
2009-03-27 11:13 162 --a------ c:\winnt\system32\MpEngineStore\RebootActions\brcasski.dat


------- Sigcheck -------

2008-04-13 13:53 36608 3bb22519a194418d5fec05d800a19ad0 c:\winnt\system32\drivers\ip6fw.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-03-28_22.51.44.92 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-03-28 08:44:48 32,768 ----a-w c:\winnt\system32\config\systemprofile\Cookies\index.dat
+ 2009-03-29 07:09:04 32,768 ----a-w c:\winnt\system32\config\systemprofile\Cookies\index.dat
- 2009-03-28 08:44:48 32,768 ----a-w c:\winnt\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-03-29 07:09:04 32,768 ----a-w c:\winnt\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-03-28 08:44:48 65,536 ----a-w c:\winnt\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-29 07:09:04 65,536 ----a-w c:\winnt\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-03-29 03:26:15 262,144 ----a-w c:\winnt\system32\config\systemprofile\NTUSER.DAT
+ 2009-03-29 19:50:07 262,144 ----a-w c:\winnt\system32\config\systemprofile\NTUSER.DAT
+ 2009-02-03 02:15:28 3,771,296 ----a-w c:\winnt\system32\Macromed\Flash\NPSWF32.dll
+ 2009-02-03 02:15:30 240,544 ----a-w c:\winnt\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-03-29 05:16:33 84,661 ----a-w c:\winnt\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-03-29 19:57:18 16,384 ----atw c:\winnt\Temp\Perflib_Perfdata_574.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\winnt\System32\NVMCTRAY.DLL" [2003-10-06 49152]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2004-07-30 1593344]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSRunScript"="c:\program files\Support.com\Charter\bin\SSRunScript.exe" [2003-02-19 40960]
"WorksFUD"="c:\program files\Microsoft Works\wkfud.exe" [2001-10-05 24576]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-01-14 180269]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2003-05-14 1847296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"NvCplDaemon"="c:\winnt\System32\NvCpl.dll" [2003-10-06 5058560]
"MoneyStartUp10.0"="c:\program files\Microsoft Money\System\Activation.exe" [2001-07-25 241714]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2001-08-17 28738]
"Microsoft Works Portfolio"="c:\program files\Microsoft Works\WksSb.exe" [2001-08-23 331830]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"GWMDMpi"="c:\winnt\GWMDMpi.exe" [2001-11-27 40960]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"nwiz"="nwiz.exe" [2003-10-06 c:\winnt\system32\nwiz.exe]
"Hot Key Kbd 9910 Daemon"="SK9910DM.EXE" [2001-01-03 c:\winnt\system32\SK9910DM.EXE]
"GWMDMMSG"="GWMDMMSG.exe" [2001-11-27 c:\winnt\GWMDMMSG.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\winnt\System32\NVMCTRAY.DLL" [2003-10-06 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGywVOe]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0sprestrt

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\CoffeeCup Software\\CoffeeCup Free FTP\\FreeFTP.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

S0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-02-16 64160]
S2 gupdate1c95886a6a0fc80;Google Update Service (gupdate1c95886a6a0fc80);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 brfilt;Brother MFC Filter Driver;c:\winnt\system32\drivers\BrFilt.sys [2007-07-11 2944]
S3 brparimg;Brother Multi Function Parallel Image driver;c:\winnt\system32\drivers\BrParImg.sys [2007-07-11 3168]
S3 BrParWdm;Brother WDM Parallel Driver;c:\winnt\system32\drivers\BRPARWDM.SYS [2009-03-22 39552]
S3 BrSerWDM;Brother WDM Serial driver;c:\winnt\system32\drivers\BrSerWdm.sys [2007-07-11 60416]
S3 iscFlash;iscFlash;\??\c:\winnt\SYSTEM32\DRIVERS\iscflash.sys --> c:\winnt\SYSTEM32\DRIVERS\iscflash.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951632]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\atf\Qctest\PCDoc\PCDRDRV.sys --> c:\atf\Qctest\PCDoc\PCDRDRV.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - IPVNMon
.
Contents of the 'Scheduled Tasks' folder

2009-03-28 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-28 17:54]

2009-03-29 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2004-05-27 c:\winnt\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1076808790.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 18:56]

2009-03-29 c:\winnt\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe []

2002-12-07 c:\winnt\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2002-08-07 10:04]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
Trusted Zone: familychristian.com\www
Trusted Zone: utdallas.edu
DPF: Microsoft XML Parser for Java
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-29 14:59:13
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(428)
c:\winnt\system32\ODBC32.dll
c:\winnt\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

- - - - - - - > 'lsass.exe'(484)
c:\winnt\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
c:\winnt\System32\dssenh.dll
.
------------------------ Other Running Processes ------------------------
.
c:\winnt\system32\LEXBCES.EXE
c:\winnt\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
c:\winnt\system32\nvsvc32.exe
c:\winnt\system32\WgaTray.exe
c:\winnt\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-03-29 15:06:35 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-29 20:05:17
ComboFix2.txt 2009-03-29 03:54:31

Pre-Run: 16,748,855,296 bytes free
Post-Run: 16,722,788,352 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
514 --- E O F --- 2009-02-12 09:08:21

Edited by oldrndrt, 29 March 2009 - 03:20 PM.


#15 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:08:03 PM

Posted 29 March 2009 - 03:25 PM

I'm not fully convinced that we've got it all yet. In fact, I see some files in your log that we do need to address.
But, your computer is so insecure without those updates that it is vital that you get them installed quickly or risk reinfection very quickly.

Go ahead and run through this quick Combofix step and then go get all your Windows updates installed. Don't install any other software until you have all the Windows updates installed first, especially the service packs.

Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: CFScript to your desktop.

Folder::
c:\winnt\system32\MpEngineStore

File::
c:\program files\Uninstall My Web Search.dll

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGywVOe]
Prior to running Combofix.exe you should disable your antivirus program.

Now drag then drop the CFScript file onto ComboFix.exe as seen in the image below.

Posted Image

This will start ComboFix again.
After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.


Let me know once you have all those updates installed, then we will run some scans and thoroughly check to be sure that you're clean.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users