win xp Cannot load any Secure websites many spyware and spybot wont update


  • This topic is locked
24 replies to this topic

#1 hades6903

hades6903

  • Members
  • 14 posts

Posted 22 May 2009 - 03:15 PM

This has been a huge problem. The only reason I put my external back on is because it has my ethernet drivers, but I can copy those to disc if I can't get rid of this. I run AVG antivirus. Here is my HijackThis log. AVG found 13 trojans first time, 5 2nd scan, 2 3rd and 4th, still running 5th... all on external hard drive...


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk...ows-i586-jc.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 6063 bytes


This is what I get from windowsupdate.com:


Google
Error


Not Found
The requested URL /windowsupdate/v6/default.aspx was not found on this server.



#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 22 May 2009 - 04:18 PM

Hi hades6903,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.

Please give me a little time to go through your log. I will also let you know that I am a trainee, so each stage of the fix will need to be checked by an expert coach before I post, so there may be a slight delay. Don't worry, I won't abandon you.
  • Please subscribe to this topic, if you haven't already, and wait for me to get back to you.
  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.
  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 2 days I will bump the topic and if you do not reply by the following day then I will close the topic.

Thanks
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 22 May 2009 - 07:08 PM

Hi hades6903,

You did not post the entire HijackThis log but don't worry as I would like you to download and run DDS.

Please download DDS by sUBs from one of the following links. Save it to your desktop.

Download 1
Download 2
  • Double click on the DDS icon, allow it to run
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results
  • Close the program window
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. You can find information on A/V control HERE
m0le is a proud member of UNITE

#4 hades6903

hades6903
  • Topic Starter

  • Members
  • 14 posts

Posted 22 May 2009 - 09:13 PM

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/21/2009 8:48:00 PM
System Uptime: 5/22/2009 2:04:24 AM (17 hours ago)

Motherboard: Dell Inc. | | 0M3918
Processor: Intel® Pentium® 4 CPU 3.40GHz | Microprocessor | 3391/800mhz
Processor: Intel® Pentium® 4 CPU 3.40GHz | Microprocessor | 3391/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 74 GiB total, 69.11 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is FIXED (FAT32) - 200 GiB total, 15.98 GiB free.
G: is FIXED (NTFS) - 731 GiB total, 262.342 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 5/21/2009 8:49:45 PM - System Checkpoint
RP2: 5/21/2009 9:13:32 PM - Installed Windows Installer KB893803v2.
RP3: 5/21/2009 9:15:58 PM - Installed ATI AVIVO Codecs
RP4: 5/21/2009 9:16:12 PM - Installed ATI Catalyst Control Center
RP5: 5/21/2009 9:17:22 PM - Installed ATI Parental Control & Encoder
RP6: 5/21/2009 9:37:33 PM - Installed Sound Blaster Audigy 2 ZS
RP7: 5/21/2009 9:37:45 PM - Installed Creative Diagnostics
RP8: 5/21/2009 9:37:58 PM - Installed Speaker Calibrator
RP9: 5/21/2009 9:38:26 PM - Installed Creative Restore Defaults
RP10: 5/21/2009 9:38:31 PM - Installed Creative AudioHQ
RP11: 5/21/2009 9:38:37 PM - Installed Your Application Name
RP12: 5/21/2009 9:38:42 PM - Installed Your Application Name
RP13: 5/21/2009 9:38:47 PM - Installed SoundFont Bank Manager
RP14: 5/21/2009 9:38:57 PM - Installed DTS Console
RP15: 5/21/2009 9:40:23 PM - Installed E-Center
RP16: 5/21/2009 9:40:28 PM - Installed Your Application Name
RP17: 5/21/2009 9:40:44 PM - Installed Your Application Name
RP18: 5/21/2009 10:37:26 PM - Installed AVG Free 8.5
RP19: 5/22/2009 12:27:26 AM - Installed BitDefender Total Security 2009
RP20: 5/22/2009 1:15:09 AM - Install AnyDVD
RP21: 5/22/2009 1:38:11 AM - Installed Java™ 6 Update 13
RP22: 5/22/2009 2:01:54 AM - Removed BitDefender Total Security 2009

==== Installed Programs ======================

µTorrent
1Click DVD Copy 4.2
AnyDVD
ATI - Software Uninstall Utility
ATI AVIVO Codecs
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
AVG Free 8.5
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Spanish
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help English
CCC Help French
CCC Help German
CCC Help Spanish
CopyToDVD
Creative MediaSource
HijackThis 2.0.2
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Intel® PRO Network Adapters and Drivers
Java™ 6 Update 13
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft Visual C++ 2005 Redistributable
Skins
Software Update for Web Folders
Sonic DLA
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
Sound Blaster Audigy 2 ZS
Trojan Killer 2.0
Windows Installer 3.1 (KB893803)

==== Event Viewer Messages From Past Week ========

5/21/2009 9:39:22 PM, information: Windows File Protection [64001] - File replacement was attempted on the protected system file a3d.dll. This file was restored to the original version to maintain system stability. The file version of the bad file is 80.0.0.3, the version of the system file is 2.9.0.0.
5/21/2009 9:11:51 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. .
5/21/2009 9:11:51 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Documents and Settings\Admin\Local Settings\Temp\{43801800-cfee-11d2-a41b-006097b55ad3}\RegPermWriter.exe. Reference error message: The operation completed successfully. .
5/21/2009 9:11:51 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
5/21/2009 8:48:18 PM, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.
5/21/2009 4:35:08 PM, error: PlugPlayManager [12] - The device 'Secondary IDE Channel' (PCIIDE\IDEChannel\4&136d273d&0&1) disappeared from the system without first being prepared for removal.

==== End Of File ===========================


DDS (Ver_09-05-14.01) - NTFSx86
Run by Admin at 19:11:33.76 on Fri 05/22/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1388 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\Admin\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [GridinSoft Trojan Killer] "c:\program files\gridinsoft trojan killer\trojankiller.exe" 0
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r
mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [AnyDVD] "c:\program files\slysoft\anydvd\AnyDVD.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1242981552273&h=f751ca4d7069e138e28a8ce5b1b47edd/&filename=jinstall-6u13-windows-i586-jc.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-21 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-21 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-21 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-5-21 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-5-21 298776]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009-5-21 93184]

=============== Created Last 30 ================

2009-05-22 12:47 <DIR> --d----- c:\program files\GridinSoft Trojan Killer
2009-05-22 12:31 <DIR> --d----- c:\program files\Trend Micro
2009-05-22 10:41 <DIR> --d----- c:\docume~1\admin\applic~1\CopyToDvd
2009-05-22 10:31 <DIR> --d----- c:\docume~1\admin\applic~1\1ClickDVDCopy
2009-05-22 02:03 <DIR> --d----- c:\windows\system32\appmgmt
2009-05-22 01:38 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-22 01:38 73,728 a------- c:\windows\system32\javacpl.cpl
2009-05-22 01:17 39,488 a------- c:\windows\system32\drivers\Pcouffin.sys
2009-05-22 01:17 <DIR> --d----- c:\program files\vso
2009-05-22 01:16 <DIR> --d----- c:\program files\LG Software Innovations
2009-05-22 01:15 <DIR> --d----- c:\program files\SlySoft
2009-05-22 00:28 <DIR> --d----- c:\windows\system32\logs
2009-05-22 00:26 <DIR> --d----- c:\program files\common files\BitDefender
2009-05-22 00:10 <DIR> --d----- c:\program files\uTorrent
2009-05-22 00:10 <DIR> --d----- c:\docume~1\admin\applic~1\uTorrent
2009-05-21 23:59 <DIR> --d----- c:\program files\common files\Sonic
2009-05-21 23:57 <DIR> --d----- c:\program files\common files\Sonic Shared
2009-05-21 23:57 <DIR> --d----- c:\program files\Sonic
2009-05-21 22:58 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-05-21 22:37 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-21 22:37 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-21 22:37 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-21 22:37 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-05-21 22:37 <DIR> --d----- c:\docume~1\admin\applic~1\AVGTOOLBAR
2009-05-21 22:37 <DIR> --d----- c:\program files\AVG
2009-05-21 22:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-05-21 21:45 4,932,819 a------- c:\windows\{00000003-00000000-00000000-00001102-00000004-20061102}.BAK
2009-05-21 21:45 4,932,819 a------- c:\windows\{00000003-00000000-00000000-00001102-00000004-20061102}.CDF
2009-05-21 21:45 0 a------- c:\windows\ativpsrm.bin
2009-05-21 21:45 31,056 a------- c:\windows\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
2009-05-21 21:45 31,056 a------- c:\windows\system32\BMXState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
2009-05-21 21:45 30,528 a------- c:\windows\system32\BMXCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
2009-05-21 21:45 30,528 a------- c:\windows\system32\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
2009-05-21 21:45 1,080 a------- c:\windows\system32\settingsbkup.sfm
2009-05-21 21:45 1,080 a------- c:\windows\system32\settings.sfm
2009-05-21 21:45 384 a------- c:\windows\system32\DVCStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
2009-05-21 21:45 384 a------- c:\windows\system32\DVCState-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
2009-05-21 21:38 77,824 a------- c:\windows\system32\ctdvda32.dll
2009-05-21 21:38 12,288 a------- c:\windows\system32\AHQCpURes.dll
2009-05-21 21:37 136 a------- c:\windows\SBWIN.INI
2009-05-21 21:37 62,976 a------- c:\windows\system32\CTDetres.dll
2009-05-21 21:37 17,350 a------- c:\windows\system32\CTDetect.hlp
2009-05-21 21:37 641 a------- c:\windows\system32\CTDetect.cnt
2009-05-21 21:37 44,032 -------- c:\windows\system32\CTSVCCDA.EXE
2009-05-21 21:37 25,088 -------- c:\windows\system32\CTSVCCTL.EXE
2009-05-21 21:37 331,776 -------- c:\windows\system32\CTMEDENG.DLL
2009-05-21 21:37 139,264 a------- c:\windows\system32\Video.skn
2009-05-21 21:37 24,576 a------- c:\windows\system32\CTMERes.DLL
2009-05-21 21:33 <DIR> --d----- c:\program files\Creative
2009-05-21 21:33 99 a------- c:\windows\Č
2009-05-21 21:15 <DIR> --d----- c:\program files\common files\ATI Technologies
2009-05-21 21:12 146,048 ac------ c:\windows\system32\dllcache\portcls.sys
2009-05-21 21:12 <DIR> --d----- c:\program files\ATI Technologies
2009-05-21 21:08 1,902 -------- c:\windows\system32\SetupBD.din
2009-05-21 21:08 154,112 ac------ c:\windows\system32\dllcache\e100b325.sys
2009-05-21 21:08 154,112 a------- c:\windows\system32\drivers\e100b325.sys
2009-05-21 21:08 118,784 a------- c:\windows\system32\Prounstl.exe
2009-05-21 21:08 24,064 a------- c:\windows\system32\IntelNic.dll
2009-05-21 21:08 12,288 a------- c:\windows\system32\e100bmsg.dll
2009-05-21 21:08 5,110 a------- c:\windows\system32\e100b325.din
2009-05-21 21:08 <DIR> --d----- C:\drvrtmp
2009-05-21 21:08 <DIR> --d----- C:\dell
2009-05-21 21:02 26,496 ac------ c:\windows\system32\dllcache\usbstor.sys
2009-05-21 20:49 <DIR> --d----- c:\documents and settings\Admin
2009-05-21 20:48 <DIR> --ds---- c:\windows\system32\Microsoft
2009-05-21 20:48 8,192 a------- c:\windows\REGLOCS.OLD
2009-05-21 20:46 400,384 ac------ c:\windows\system32\dllcache\fxsxp32.dll
2009-05-21 20:45 22,752 a------- c:\windows\system32\spupdsvc.exe
2009-05-21 20:44 <DIR> --d----- c:\program files\Windows Plus
2009-05-21 20:44 11,452 a------- c:\windows\system32\mypixdx.chm
2009-05-21 20:44 3,343,360 a------- c:\windows\system32\nature.scr
2009-05-21 20:44 1,742,336 a------- c:\windows\system32\mypixdx.scr
2009-05-21 20:44 5,068,800 a------- c:\windows\system32\davinci.scr
2009-05-21 20:44 7,093,760 a------- c:\windows\system32\space.scr
2009-05-21 20:44 4,396,544 a------- c:\windows\system32\wpgldfsh.scr
2009-05-21 20:44 8,704 a------- c:\windows\system32\igdetect.dll
2009-05-21 20:44 85,504 a------- c:\windows\system32\mhn.dll
2009-05-21 20:44 11,008 a------- c:\windows\system32\drivers\mhndrv.sys
2009-05-21 20:39 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-05-21 20:39 488 a---hr-- c:\windows\system32\WindowsLogon.manifest
2009-05-21 20:39 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-05-21 20:39 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-05-21 20:39 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-05-21 20:39 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-05-21 20:39 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2009-05-21 20:39 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-05-21 20:39 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest
2009-05-21 20:39 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-05-21 20:38 <DIR> --d----- c:\program files\common files\MSSoap
2009-05-21 20:36 <DIR> --d----- c:\program files\Online Services
2009-05-21 20:36 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-05-21 20:36 <DIR> --d----- c:\program files\Messenger
2009-05-21 20:36 <DIR> --d----- c:\program files\Windows NT
2009-05-21 16:31 <DIR> --d----- c:\program files\common files\ODBC
2009-05-21 16:31 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-05-21 16:31 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-05-22 00:21 86,811 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-05-21 23:57 108,544 -------- c:\windows\system32\pxcpyi64.exe
2009-05-21 23:57 104,960 -------- c:\windows\system32\pxinsi64.exe
2009-05-21 20:37 21,640 a------- c:\windows\system32\emptyregdb.dat

============= FINISH: 19:11:49.42 ===============


I also have an external hard drive to do my Xbox games and torrents. I believe this is where the prob is coming from. I'm working on backing up Xbox games, pics and music and formatting it if needed; if not, let me know.

#5 hades6903

hades6903
  • Topic Starter

  • Members
  • 14 posts

Posted 23 May 2009 - 06:29 AM

I don't know what to do

#6 hades6903

hades6903
  • Topic Starter

  • Members
  • 14 posts

Posted 23 May 2009 - 06:33 AM

Well, I already posted that log, didn't I? I put both logs up like asked? I am new to this sort of thing so I am just doing what I am asked...

My next solution is backing up the external, wiping it and starting over with both hard drives. If that doesn't fix it then buy a new internal and start over there... that is if you guys can't help me here...

#7 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 23 May 2009 - 01:54 PM

Hades6903,

I will review the log and get back to you.

It does take a little time to analyse and I have to run the fixes past a coach first.

Don't worry, I won't abandon you.
m0le is a proud member of UNITE

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 24 May 2009 - 07:47 AM

Hi Hades6903,

The log shows that you have been using so-called peer-to-peer or file-sharing programmes (in your case uTorrent). These programmes allow files to be shared between users, as the name(s) suggest. In today's world cyber crime has come a long way and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of their malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools, and it is thus suggested that they be used with intense care. Some further reading on this subject, along with the included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."


Back to your problem

The log shows no infections on the main machine so to clean the removable devices do the following:

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.


Just to double-check the PC
  • Please download GMER from one of the following locations, and save it to your desktop:
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Close any and all open programs, as this process may crash your computer.
  • Double click Posted Image or Posted Image on your desktop.
  • Allow the gmer.sys driver to load if asked.
  • You may see this window. If you do, click No.
    Posted Image
  • Click on Posted Image and wait for the scan to finish.
  • If you see a rootkit warning window, click OK.
  • Push Posted Image and save the logfile to your desktop.
  • Copy and Paste the contents of that file in your next post.

Then

Download and Run OTViewIt
  • Please download OTViewIt by OldTimer.
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTViewIt.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
Thanks
m0le is a proud member of UNITE
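
The note in the post above says Flash_Disinfector leaves a hidden folder named autorun.inf at the root of each drive so that an autorun file cannot be installed there. As an added example (not part of the original thread and not Flash_Disinfector's own code), this Python audit reports, for a drive root, whether autorun.inf is absent, is a blocking folder, or is a real file, and in the last case lists the commands it would launch. The directory names and the sample file contents are constructed for the demonstration.

```python
import os
import tempfile

# Keys in the [autorun] section that start a program when the drive is opened.
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample autorun.inf; the file names in it are placeholders.
SAMPLE_AUTORUN = "\n".join([
    "[autorun]",
    "; constructed sample for this example",
    "open=setup_example.exe",
    "icon=folder.ico",
    r"shell\open\command=setup_example.exe",
    "label=Backup",
])


def parse_autorun(text):
    """Return (key, command) pairs from the [autorun] section that launch code."""
    commands = []
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_section or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # shell\<verb>\command entries add launchers to the drive's context menu.
        is_shell_cmd = key.startswith("shell\\") and key.endswith("\\command")
        if key in LAUNCH_KEYS or is_shell_cmd:
            commands.append((key, value))
    return commands


def find_autorun(root):
    """Locate autorun.inf in a drive root, ignoring case as Windows does."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            return os.path.join(root, name)
    return None


def audit_root(root):
    """Classify the autorun.inf state of one drive root."""
    path = find_autorun(root)
    if path is None:
        return {"status": "absent", "commands": []}
    if os.path.isdir(path):
        # A folder with this name occupies the path, so no file can be written.
        return {"status": "blocked", "commands": []}
    with open(path, "r", encoding="latin-1") as fh:
        return {"status": "file", "commands": parse_autorun(fh.read())}


def demo():
    """Build three constructed drive roots in a temp directory and audit them."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        clean = os.path.join(base, "clean")
        blocked = os.path.join(base, "blocked")
        suspect = os.path.join(base, "suspect")
        os.mkdir(clean)
        os.makedirs(os.path.join(blocked, "autorun.inf"))
        os.mkdir(suspect)
        with open(os.path.join(suspect, "AUTORUN.INF"), "w") as fh:
            fh.write(SAMPLE_AUTORUN)
        for label, root in (("clean", clean), ("blocked", blocked), ("suspect", suspect)):
            results[label] = audit_root(root)
    return results


if __name__ == "__main__":
    for label, result in demo().items():
        print(label, result["status"], result["commands"])
```

On a real system, `audit_root` would be called with a drive root such as `E:\` while the drive is attached.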

#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 26 May 2009 - 11:48 AM

Hi Hades6903,

I have not had a reply from you for 2 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open.

If you like you can PM me.

Thanks,


m0le
m0le is a proud member of UNITE

#10 hades6903

hades6903
  • Topic Starter

  • Members
  • 14 posts

Posted 28 May 2009 - 09:16 PM

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-05-28 19:14:19
Windows 5.1.2600 Service Pack 2


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!DialogBoxParamW 7E425F8F 5 Bytes JMP 009D5415 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!DialogBoxIndirectParamW 7E432062 5 Bytes JMP 00B6C510 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!MessageBoxIndirectA 7E43A06A 5 Bytes JMP 00B6C491 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!DialogBoxParamA 7E43B12C 5 Bytes JMP 00B6C4D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!MessageBoxExW 7E450750 5 Bytes JMP 00B6C3D9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!MessageBoxExA 7E450774 5 Bytes JMP 00B6C413 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!DialogBoxIndirectParamA 7E456CD0 5 Bytes JMP 00B6C54B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2816] USER32.dll!MessageBoxIndirectW 7E466425 5 Bytes JMP 00B6C44D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!DialogBoxParamW 7E425F8F 5 Bytes JMP 009D5415 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!DialogBoxIndirectParamW 7E432062 5 Bytes JMP 00B6C510 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!MessageBoxIndirectA 7E43A06A 5 Bytes JMP 00B6C491 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!DialogBoxParamA 7E43B12C 5 Bytes JMP 00B6C4D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!MessageBoxExW 7E450750 5 Bytes JMP 00B6C3D9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!MessageBoxExA 7E450774 5 Bytes JMP 00B6C413 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!DialogBoxIndirectParamA 7E456CD0 5 Bytes JMP 00B6C54B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2912] USER32.dll!MessageBoxIndirectW 7E466425 5 Bytes JMP 00B6C44D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExA] [00416195] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExW] [0041620B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!ShowWindow] [00416281] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!CreateWindowExW] [0041620B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!SetWindowPos] [0041632B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00416195] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [0041620B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [0041632B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!ShowWindow] [00416281] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!CreateWindowExW] [0041620B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!ShowWindow] [00416281] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!SetWindowPos] [0041632B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [0041632B] C:\WINDOWS\msa.exe
IAT C:\WINDOWS\msa.exe[204] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!ShowWindow] [00416281] C:\WINDOWS\msa.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExA] [00416384] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CreateWindowExW] [004163FA] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!ShowWindow] [00416470] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!CreateWindowExW] [004163FA] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\wininet.dll [USER32.dll!SetWindowPos] [0041651A] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00416384] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [004163FA] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowPos] [0041651A] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!ShowWindow] [00416470] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!CreateWindowExW] [004163FA] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!ShowWindow] [00416470] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!SetWindowPos] [0041651A] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!SetWindowPos] [0041651A] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe
IAT C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe[1456] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!ShowWindow] [00416470] C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Admin\Cookies\admin@delb.opt.fimserve[2].txt 713 bytes
File C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\LOS1CTQD\st[1] 4376 bytes

---- EOF - GMER 1.0.15 ----

#11 hades6903


Posted 28 May 2009 - 09:29 PM

OTViewIt logfile created on: 5/28/2009 7:17:16 PM - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 62.75% Memory free
3.85 Gb Paging File | 3.23 Gb Available in Paging File | 83.79% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 65.95 Gb Free Space | 88.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 199.96 Gb Total Space | 15.14 Gb Free Space | 7.57% Space Free | Partition Type: FAT32
Drive G: | 731.50 Gb Total Space | 668.83 Gb Free Space | 91.43% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MCE_PC
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2009/01/05 07:08:00 | 00,598,016 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2009/01/05 07:08:00 | 00,598,016 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2009/05/21 22:37:27 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
[2009/05/28 13:28:10 | 00,120,836 | ---- | M] () -- C:\WINDOWS\msa.exe
[1999/12/12 18:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE
[2004/08/10 01:04:40 | 00,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehRecvr.exe
[2004/08/10 01:04:42 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe
[2009/05/22 01:38:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2004/08/10 01:04:42 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
[2009/05/21 22:37:28 | 01,947,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
[2004/08/12 22:05:00 | 00,122,939 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe
[2009/05/22 01:38:26 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2004/03/10 18:50:52 | 00,028,672 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE
[2003/09/17 10:43:36 | 00,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
[2003/06/18 01:00:00 | 00,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
[2009/05/28 13:28:11 | 00,012,288 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Temp\mediacodec.exe
[2009/05/21 22:37:29 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
[2009/05/21 22:37:29 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
[2009/05/21 22:37:28 | 00,908,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
[2007/06/28 17:10:00 | 01,175,552 | ---- | M] () -- C:\Program Files\WiFiConnector\NintendoWFCReg.exe
[2009/05/21 22:37:29 | 00,692,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
[2004/08/10 01:04:36 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe
[2004/09/07 04:01:00 | 01,945,600 | ---- | M] () -- C:\Program Files\Sonic\Sonic Solutions Product CD\RecordNow!\RecordNow.exe
[2007/11/10 18:26:03 | 00,622,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[2009/05/28 13:28:05 | 00,124,932 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Temp\13827.exe
[2007/11/10 18:26:03 | 00,622,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[2009/05/28 19:16:49 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2005/09/23 04:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2009/01/05 07:08:00 | 00,598,016 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2009/04/28 21:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2009/05/21 22:37:28 | 00,908,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
[2009/05/21 22:37:27 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
[2005/09/23 04:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[1999/12/12 18:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])
[2004/08/10 01:04:40 | 00,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehRecvr.exe -- (ehRecvr [Auto | Running])
[2004/08/10 01:04:42 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe -- (ehSched [Auto | Running])
[2009/05/22 01:38:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/06/17 13:37:19 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
[2005/10/06 15:12:30 | 00,855,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS [On_Demand | Stopped])

========== Driver Services ==========

[2009/05/09 16:40:09 | 00,103,872 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD [On_Demand | Running])
[2009/04/28 20:30:44 | 03,643,904 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2009/01/05 07:12:00 | 00,093,184 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
[2009/05/21 22:37:32 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
[2009/05/21 22:37:32 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
[2009/05/21 22:37:36 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX [System | Running])
[2004/07/12 19:09:32 | 00,645,360 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Running])
[2004/08/05 19:43:26 | 00,366,384 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Running])
[2003/11/12 05:11:54 | 00,333,600 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k [On_Demand | Stopped])
[2004/07/12 19:11:58 | 00,006,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])
[2004/07/12 19:12:36 | 00,130,288 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])
[2004/08/04 00:21:00 | 00,087,136 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
[2004/08/12 23:56:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
[2004/02/10 12:49:14 | 00,154,112 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand | Running])
[2009/02/17 10:11:30 | 00,024,232 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
[2004/07/12 19:13:14 | 00,145,488 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia [On_Demand | Running])
[2004/08/03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2004/08/12 00:40:50 | 00,904,752 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k [On_Demand | Running])
[2004/07/12 19:15:48 | 00,148,432 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k [On_Demand | Running])
[2007/06/17 13:32:44 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2004/06/22 08:05:12 | 00,051,088 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\hpzid412.sys -- (HPZid412 [On_Demand | Running])
[2004/06/22 08:05:12 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
[2004/06/22 08:05:12 | 00,021,744 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Running])
[2006/12/31 22:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2004/07/12 19:11:28 | 00,178,672 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Running])
[2009/05/22 01:17:21 | 00,039,488 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin [On_Demand | Running])
[2006/12/31 22:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/01 23:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2007/06/17 13:35:15 | 00,062,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2006/04/10 14:02:00 | 00,162,816 | ---- | M] (Ralink Technology Inc.) -- C:\WINDOWS\system32\drivers\RT25USBAP.SYS -- (RT25USBAP [On_Demand | Running])
[2007/06/17 13:35:21 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])
[2004/07/14 08:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
[2004/07/14 08:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [System | Running])
[2004/08/12 22:05:00 | 00,025,723 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
[2004/08/12 22:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
[2004/08/12 22:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
[2004/08/12 22:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
[2004/08/12 22:05:00 | 00,086,202 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
[2004/08/12 22:05:00 | 00,014,715 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
[2004/08/12 22:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
[2004/08/12 22:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
[2004/08/12 22:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.yahoo.com/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes

[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main]
"AlwaysUseDefaultPrinter"=yes
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.yahoo.com/

[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (801 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
127.0.0.1 matrix.bitdefender.com

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (HKLM) -- C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
{500BCA15-57A7-4eaf-8143-8C619470B13D} (HKLM) -- C:\WINDOWS\system32\msxml71.dll ()
{5CA3D70E-1895-11CF-8E15-001234567890} (HKLM) -- C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
{A057A204-BACC-4D26-9990-79A187E2698E} (HKLM) -- C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"ATICustomerCare"="C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" (Advanced Micro Devices, Inc.)
"ATIModeChange"=Ati2mdxx.exe (ATI Technologies, Inc.)
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
"CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" (Creative Technology Ltd)
"CTHelper"=CTHELPER.EXE (Creative Technology Ltd)
"CTSysVol"=C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r (Creative Technology Ltd)
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
"ehTray"=C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r (Sonic Solutions)
"UpdReg"=C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cognac"=C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe ()
"ColdWare"=C:\WINDOWS\msa.exe ()
"GridinSoft Trojan Killer"="C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" 0 File not found
"mediacodec.exe"=C:\DOCUME~1\Admin\LOCALS~1\Temp\mediacodec.exe ()

[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cognac"=C:\DOCUME~1\Admin\LOCALS~1\Temp\13827.exe ()
"ColdWare"=C:\WINDOWS\msa.exe ()
"GridinSoft Trojan Killer"="C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" 0 File not found
"mediacodec.exe"=C:\DOCUME~1\Admin\LOCALS~1\Temp\mediacodec.exe ()

========== (O4) RunOnce Keys ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"=regsvr32 /s /n /i:U shell32 (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"=regsvr32 /s /n /i:U shell32 (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"=regsvr32 /s /n /i:U shell32 (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"=regsvr32 /s /n /i:U shell32 (Microsoft Corporation)

========== (O4) Startup Folders ==========

[2007/06/28 17:10:00 | 01,175,552 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_CURRENT_USER\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\.DEFAULT\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-18\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-19\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-20\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\Software\policies\microsoft\internet explorer]
"Windows Update Menu Text"=Microsoft Update

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoCDBurning"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.mss -- File not found
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.the -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FF FF FF FF [binary data]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FF FF FF FF [binary data]

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2007/06/17 13:36:38 | 00,557,568 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 14:21:24 | 01,694,208 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 14:21:24 | 01,694,208 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk...ows-i586-jc.cab -- Java Plug-in 1.6.0_13
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_13
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_13

========== (O17) DNS Name Servers ==========

{606E4A81-72E2-412D-993B-46CB61428CA8} (Servers: | Description: 1394 Net Adapter)
{C5698CCD-FD6B-42CA-8B87-FD272329342F} (Servers: | Description: Nintendo Wi-Fi USB Connector)
{E486F88F-DF94-4826-9B56-68798EFC2E3C} (Servers: | Description: Intel® PRO/100 VE Network Connection)

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
avgrsstarter: "DllName" = avgrsstx.dll -- C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2009/05/21 20:40:24 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

autorun.inf []
[2009/05/28 16:53:21 | 00,000,000 | RHSD | M] -- C:\autorun.inf -- [ NTFS ]

autorun.inf []
[2009/05/28 16:53:22 | 00,000,000 | RHSD | M] -- F:\autorun.inf -- [ FAT32 ]

autorun.inf []
[2009/05/28 16:53:21 | 00,000,000 | RHSD | M] -- G:\autorun.inf -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[13 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/28 19:16:42 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTViewIt.exe
[2009/05/28 18:11:41 | 00,000,000 | ---D | C] -- C:\Program Files\ATI
[2009/05/28 18:08:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/05/28 18:08:09 | 00,001,478 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\'Folding@Home'.lnk
[2009/05/28 18:08:09 | 00,000,000 | ---D | C] -- C:\ATI
[2009/05/28 17:55:57 | 00,001,080 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/05/28 17:55:57 | 00,001,080 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm
[2009/05/28 17:53:12 | 04,933,091 | ---- | C] () -- C:\WINDOWS\{00000003-00000000-00000000-00001102-00000004-20061102}.BAK
[2009/05/28 17:53:09 | 04,933,091 | ---- | C] () -- C:\WINDOWS\{00000003-00000000-00000000-00001102-00000004-20061102}.CDF
[2009/05/28 17:39:42 | 00,033,232 | ---- | C] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:39:42 | 00,033,232 | ---- | C] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:39:42 | 00,032,448 | ---- | C] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:39:42 | 00,032,448 | ---- | C] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:39:42 | 00,000,384 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
[2009/05/28 17:39:42 | 00,000,384 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
[2009/05/28 17:39:16 | 00,127,226 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2009/05/28 17:39:16 | 00,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2009/05/28 17:39:15 | 00,020,480 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\INRES.DLL
[2009/05/28 17:39:13 | 00,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2009/05/28 17:39:13 | 00,180,224 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\READREG.EXE
[2009/05/28 17:39:13 | 00,077,824 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\EAXAC3.DLL
[2009/05/28 17:39:13 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[2009/05/28 17:39:13 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2009/05/28 17:39:13 | 00,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2009/05/28 17:39:13 | 00,000,059 | ---- | C] () -- C:\WINDOWS\System32\DEFAULT8.SFM
[2009/05/28 17:39:13 | 00,000,059 | ---- | C] () -- C:\WINDOWS\System32\DEFAULT4.SFM
[2009/05/28 17:39:13 | 00,000,059 | ---- | C] () -- C:\WINDOWS\System32\DEFAULT.SFM
[2009/05/28 17:39:12 | 02,259,067 | ---- | C] () -- C:\WINDOWS\System32\DEFAULT.ECW
[2009/05/28 17:39:09 | 04,932,463 | ---- | C] () -- C:\WINDOWS\CTDVAUDY.CDF
[2009/05/28 17:39:06 | 04,174,814 | ---- | C] () -- C:\WINDOWS\System32\CT4MGM.SF2
[2009/05/28 17:39:06 | 02,167,684 | ---- | C] () -- C:\WINDOWS\System32\CT2MGM.SF2
[2009/05/28 17:39:05 | 01,048,576 | ---- | C] () -- C:\WINDOWS\System32\CT1MGM.ROM
[2009/05/28 17:39:05 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2009/05/28 17:39:05 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2009/05/28 17:30:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/05/28 16:58:22 | 00,286,208 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\gmer.exe
[2009/05/28 16:57:52 | 00,278,221 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\gmer.zip
[2009/05/28 16:53:21 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/05/28 16:39:57 | 00,132,597 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Flash_Disinfector.exe
[2009/05/28 13:28:19 | 00,120,836 | ---- | C] () -- C:\WINDOWS\msa.exe
[2009/05/28 13:28:13 | 00,000,240 | -H-- | C] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2009/05/28 13:28:09 | 00,134,660 | ---- | C] () -- C:\WINDOWS\System32\msxml71.dll
[2009/05/28 13:28:06 | 00,000,286 | -H-- | C] () -- C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2009/05/27 16:27:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Spybot
[2009/05/26 21:06:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Leadertech
[2009/05/26 20:07:29 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/05/26 20:07:29 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/05/26 20:07:29 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/05/26 20:07:29 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/05/26 20:07:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/05/26 20:07:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/05/26 20:07:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/05/26 18:38:52 | 00,000,330 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\ForexTrader.appref-ms
[2009/05/26 18:37:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\Deployment
[2009/05/25 10:47:55 | 00,000,695 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to SporeApp.lnk
[2009/05/25 06:27:47 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/05/25 06:27:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/05/25 06:27:05 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/05/25 06:27:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/05/25 06:26:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/05/25 06:26:53 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/05/25 06:26:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Adobe Reader 9 Installer
[2009/05/25 06:24:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\Adobe
[2009/05/25 06:24:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/05/25 06:24:07 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/05/25 04:05:42 | 02,737,324 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\ExchangeSpring08.pdf
[2009/05/25 00:18:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\My Spore Creations
[2009/05/25 00:17:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Spore
[2009/05/24 19:05:48 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/05/24 19:05:48 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/05/24 19:05:40 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/05/24 19:05:40 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/05/24 19:05:03 | 00,000,000 | -H-D | C] -- C:\Config.Msi
[2009/05/24 19:04:24 | 00,000,000 | ---D | C] -- C:\temp
[2009/05/23 16:35:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Incomplete
[2009/05/23 16:34:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Adobe
[2009/05/23 16:34:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\LimeWire
[2009/05/23 16:34:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Mozilla
[2009/05/23 16:33:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\LimeWire
[2009/05/23 16:33:44 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\LimeWire 5.1.3.lnk
[2009/05/23 16:33:22 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2009/05/23 16:32:57 | 16,510,368 | ---- | C] (Lime Wire LLC) -- C:\Documents and Settings\Admin\My Documents\LimeWireWin.exe
[2009/05/23 13:41:35 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Admin\My Documents\My Videos
[2009/05/23 13:27:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2009/05/22 22:24:37 | 00,000,599 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to Xbox Backup Creator.lnk
[2009/05/22 22:21:45 | 00,407,040 | ---- | C] (Scene Release) -- C:\Documents and Settings\Admin\My Documents\Xbox Backup Creator.exe
[2009/05/22 22:21:42 | 00,032,768 | ---- | C] (Frog ASPI / Millenod) -- C:\Documents and Settings\Admin\My Documents\FrogASPI.dll
[2009/05/22 22:10:43 | 00,000,000 | ---D | C] -- C:\Program Files\Xbox Backup Creator
[2009/05/22 22:10:23 | 03,750,912 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Xbox Backup Creator v2.5.exe
[2009/05/22 22:10:23 | 00,396,130 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Xbox_Backup_Creator_v2.8.0.275.zip
[2009/05/22 22:09:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\WinRAR
[2009/05/22 22:09:52 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/05/22 22:09:43 | 01,358,454 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\wrar39b2.exe
[2009/05/22 22:07:45 | 03,015,064 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Xbox_Backup_Creator_v2.8.0.275.rar
[2009/05/22 20:18:25 | 00,000,799 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Registration Tool.lnk
[2009/05/22 20:18:24 | 00,000,000 | ---D | C] -- C:\Program Files\WiFiConnector
[2009/05/22 20:17:14 | 00,000,430 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/05/22 20:14:59 | 01,787,868 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Nintendo_WFC_USB.zip
[2009/05/22 19:25:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/05/22 19:19:34 | 01,283,448 | ---- | C] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\Admin\Desktop\R78727.EXE
[2009/05/22 19:18:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\ImgBurn
[2009/05/22 19:18:34 | 00,001,589 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\abgx360 GUI.lnk
[2009/05/22 19:17:02 | 00,000,000 | ---D | C] -- C:\Program Files\abgx360
[2009/05/22 19:11:22 | 00,359,883 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\dds.scr
[2009/05/22 13:17:31 | 00,002,715 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\[isoHunt]_GridinSoft.Trojan.Killer.v2.0.0.2.WinALL.Cracked-CzW.torrent
[2009/05/22 13:14:09 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to uTorrent.lnk
[2009/05/22 13:13:42 | 00,001,149 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Trojan_Killer_2.0.2.1_crack_serial_keygen_activation_full_by_zemurkaj12[www.btmon.com].torrent
[2009/05/22 12:47:07 | 00,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2009/05/22 12:46:08 | 06,750,851 | ---- | C] (GridinSoft, Inc. ) -- C:\Documents and Settings\Admin\My Documents\trojankiller-setup.exe
[2009/05/22 12:31:17 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\HijackThis.lnk
[2009/05/22 12:31:16 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/22 12:31:10 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\My Documents\HJTInstall.exe
[2009/05/22 12:19:58 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Admin\My Documents\spybotsd162.exe
[2009/05/22 10:41:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\CopyToDvd
[2009/05/22 10:31:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\1ClickDVDCopy
[2009/05/22 02:03:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/05/22 01:39:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/05/22 01:38:14 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/05/22 01:37:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Sun
[2009/05/22 01:35:49 | 00,000,803 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Internet Explorer.lnk
[2009/05/22 01:20:32 | 00,000,527 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to ImgBurn.lnk
[2009/05/22 01:17:21 | 00,039,488 | ---- | C] (VSO Software) -- C:\WINDOWS\System32\drivers\Pcouffin.sys
[2009/05/22 01:17:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\PcSetup
[2009/05/22 01:17:17 | 00,000,745 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\CopyToDVD SE.lnk
[2009/05/22 01:17:13 | 00,000,000 | ---D | C] -- C:\Program Files\vso
[2009/05/22 01:16:54 | 00,001,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\1Click Dvd Copy 4.2.lnk
[2009/05/22 01:16:42 | 00,000,000 | ---D | C] -- C:\Program Files\LG Software Innovations
[2009/05/22 01:15:16 | 00,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2009/05/22 01:15:09 | 00,000,000 | ---D | C] -- C:\Program Files\SlySoft
[2009/05/22 01:01:12 | 00,000,801 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/22 00:54:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\Identities
[2009/05/22 00:28:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\logs
[2009/05/22 00:26:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2009/05/22 00:13:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Downloads
[2009/05/22 00:10:45 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\µTorrent.lnk
[2009/05/22 00:10:39 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/05/22 00:10:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\uTorrent
[2009/05/22 00:01:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Sonic
[2009/05/21 23:59:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic
[2009/05/21 23:59:18 | 00,002,038 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Burn CDs & DVDs with RecordNow!.lnk
[2009/05/21 23:58:37 | 00,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Start MyDVD.lnk
[2009/05/21 23:57:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/05/21 23:57:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2009/05/21 23:57:26 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/05/21 23:57:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dla
[2009/05/21 23:57:26 | 00,000,000 | ---D | C] -- C:\Program Files\Sonic
[2009/05/21 23:53:17 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/05/21 22:58:51 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/05/21 22:37:37 | 00,011,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/05/21 22:37:37 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/05/21 22:37:36 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/05/21 22:37:32 | 00,325,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/05/21 22:37:32 | 00,027,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/05/21 22:37:31 | 36,510,148 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/21 22:37:31 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/05/21 22:37:31 | 00,434,673 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/05/21 22:37:31 | 00,062,921 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/21 22:37:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/05/21 22:37:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\AVGTOOLBAR
[2009/05/21 22:37:27 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/05/21 22:37:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/05/21 22:28:16 | 65,103,168 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Admin\My Documents\avg_free_stf_en_85_339a1525.exe
[2009/05/21 21:46:22 | 00,016,208 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/05/21 21:46:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\ATI
[2009/05/21 21:46:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\ATI
[2009/05/21 21:45:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/05/21 21:44:47 | 04,821,350 | -H-- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db
[2009/05/21 21:39:46 | 01,247,400 | ---- | C] () -- C:\WINDOWS\System32\CTAA1.DAT
[2009/05/21 21:39:44 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFCANS32.DLL
[2009/05/21 21:39:44 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFCUIA32.DLL
[2009/05/21 21:39:44 | 00,054,784 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.DLL
[2009/05/21 21:39:44 | 00,053,552 | ---- | C] (Creative® Technology Ltd.) -- C:\WINDOWS\CTCCW.DLL
[2009/05/21 21:39:44 | 00,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009/05/21 21:39:43 | 01,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2009/05/21 21:39:43 | 00,026,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CTL3D.DLL
[2009/05/21 21:39:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Defaults
[2009/05/21 21:39:37 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2009/05/21 21:39:37 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2009/05/21 21:39:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Creative
[2009/05/21 21:39:16 | 00,014,424 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2009/05/21 21:39:16 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/05/21 21:39:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Data
[2009/05/21 21:39:14 | 00,007,406 | ---- | C] () -- C:\WINDOWS\System32\SBAudigy.ico
[2009/05/21 21:39:13 | 00,264,466 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2009/05/21 21:39:13 | 00,140,643 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2009/05/21 21:39:13 | 00,001,912 | ---- | C] () -- C:\WINDOWS\System32\Audigy.bmp
[2009/05/21 21:39:04 | 00,000,184 | ---- | C] () -- C:\WINDOWS\System32\e000001.dat
[2009/05/21 21:37:50 | 00,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009/05/21 21:33:36 | 00,000,000 | ---D | C] -- C:\Program Files\Creative
[2009/05/21 21:33:29 | 00,000,099 | ---- | C] () -- C:\WINDOWS\Č
[2009/05/21 21:15:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2009/05/21 21:13:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009/05/21 21:13:11 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/05/21 21:13:11 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2009/05/21 21:13:10 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/05/21 21:13:10 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2009/05/21 21:13:09 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2009/05/21 21:13:09 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2009/05/21 21:13:08 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/05/21 21:13:08 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2009/05/21 21:13:07 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/05/21 21:13:07 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2009/05/21 21:13:06 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/05/21 21:13:06 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2009/05/21 21:13:05 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/05/21 21:13:05 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2009/05/21 21:13:04 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/05/21 21:13:04 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2009/05/21 21:13:03 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2009/05/21 21:13:03 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2009/05/21 21:13:02 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2009/05/21 21:13:02 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2009/05/21 21:13:00 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2009/05/21 21:13:00 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2009/05/21 21:12:58 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/05/21 21:12:58 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2009/05/21 21:12:58 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/05/21 21:12:58 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/05/21 21:12:58 | 00,093,184 | R--- | C] (ATI Research Inc.) -- C:\WINDOWS\System32\drivers\AtiHdmi.sys
[2009/05/21 21:12:58 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/05/21 21:12:58 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/05/21 21:12:57 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/05/21 21:12:57 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/05/21 21:12:35 | 00,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/05/21 21:12:34 | 00,016,032 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2009/05/21 21:12:31 | 00,007,167 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2009/05/21 21:12:29 | 00,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/05/21 21:12:28 | 03,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/05/21 21:12:27 | 03,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/05/21 21:12:27 | 00,188,348 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/05/21 21:12:13 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/05/21 21:12:13 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/05/21 21:11:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/05/21 21:10:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Macromedia
[2009/05/21 21:08:46 | 00,001,902 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2009/05/21 21:08:25 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2009/05/21 21:08:25 | 00,005,110 | ---- | C] () -- C:\WINDOWS\System32\e100b325.din
[2009/05/21 21:08:25 | 00,000,000 | ---D | C] -- C:\drvrtmp
[2009/05/21 21:08:23 | 00,000,000 | ---D | C] -- C:\dell
[2009/05/21 21:02:02 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/05/21 21:02:02 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/05/21 20:49:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Identities
[2009/05/21 20:49:10 | 00,000,076 | -HS- | C] () -- C:\Documents and Settings\Admin\My Documents\desktop.ini
[2009/05/21 20:49:10 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Admin\My Documents\My Pictures
[2009/05/21 20:49:10 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Admin\My Documents\My Music
[2009/05/21 20:49:10 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/05/21 20:49:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/05/21 20:49:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Recorded TV
[2009/05/21 20:49:04 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Admin\Application Data\desktop.ini
[2009/05/21 20:49:03 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\desktop.ini
[2009/05/21 20:49:03 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft
[2009/05/21 20:49:03 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Admin\Application Data\Microsoft
[2009/05/21 20:48:53 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/21 20:48:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/05/21 20:48:52 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/05/21 20:48:51 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/05/21 20:48:11 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/05/21 20:47:46 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/05/21 20:47:46 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/05/21 20:47:45 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2009/05/21 20:47:45 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2009/05/21 20:47:45 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2009/05/21 20:47:45 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/05/21 20:47:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/05/21 20:47:44 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/05/21 20:47:44 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/05/21 20:47:44 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/05/21 20:47:44 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/05/21 20:47:44 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/05/21 20:47:42 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2009/05/21 20:47:42 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/05/21 20:47:41 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2009/05/21 20:47:40 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/05/21 20:47:40 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/05/21 20:47:40 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/05/21 20:47:40 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/05/21 20:47:39 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2009/05/21 20:47:39 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/05/21 20:47:38 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/05/21 20:47:38 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2009/05/21 20:47:38 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2009/05/21 20:47:37 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2009/05/21 20:47:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/05/21 20:47:37 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/05/21 20:47:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/05/21 20:47:36 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2009/05/21 20:47:36 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2009/05/21 20:47:36 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2009/05/21 20:47:36 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2009/05/21 20:47:36 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/05/21 20:47:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2009/05/21 20:47:35 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/05/21 20:47:35 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/05/21 20:47:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/05/21 20:47:35 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/05/21 20:47:35 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2009/05/21 20:47:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/05/21 20:47:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/05/21 20:47:33 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2009/05/21 20:47:33 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/05/21 20:47:32 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/05/21 20:47:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2009/05/21 20:47:31 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/05/21 20:47:31 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2009/05/21 20:47:30 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2009/05/21 20:47:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/05/21 20:47:30 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/05/21 20:47:29 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/05/21 20:47:29 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2009/05/21 20:47:27 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/05/21 20:47:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/05/21 20:47:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/05/21 20:47:23 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/05/21 20:47:23 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2009/05/21 20:47:21 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2009/05/21 20:47:20 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/05/21 20:47:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/05/21 20:47:15 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/05/21 20:47:15 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/05/21 20:47:15 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2009/05/21 20:47:15 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/05/21 20:47:14 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/05/21 20:47:14 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2009/05/21 20:47:14 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2009/05/21 20:47:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2009/05/21 20:47:13 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2009/05/21 20:47:13 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/05/21 20:47:13 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2009/05/21 20:47:12 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/05/21 20:47:12 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/05/21 20:47:12 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/05/21 20:47:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/05/21 20:47:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/05/21 20:47:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/05/21 20:47:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/05/21 20:47:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/05/21 20:47:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/05/21 20:47:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/05/21 20:47:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/05/21 20:47:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/05/21 20:47:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/05/21 20:47:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/05/21 20:47:10 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/05/21 20:47:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2009/05/21 20:47:09 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/05/21 20:47:09 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/05/21 20:47:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/05/21 20:47:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/05/21 20:47:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/05/21 20:47:09 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/05/21 20:47:09 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/05/21 20:47:08 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2009/05/21 20:47:08 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2009/05/21 20:47:08 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/05/21 20:47:07 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2009/05/21 20:47:06 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/05/21 20:47:06 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/05/21 20:47:06 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/05/21 20:47:06 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/05/21 20:47:06 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/05/21 20:47:05 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/05/21 20:47:05 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/05/21 20:47:05 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/05/21 20:47:05 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/05/21 20:47:04 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/05/21 20:47:04 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/05/21 20:47:03 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/05/21 20:47:03 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2009/05/21 20:47:03 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/05/21 20:47:03 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2009/05/21 20:47:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/05/21 20:47:03 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/05/21 20:47:02 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2009/05/21 20:47:02 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/05/21 20:47:02 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2009/05/21 20:47:01 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2009/05/21 20:47:01 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2009/05/21 20:47:01 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2009/05/21 20:47:01 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2009/05/21 20:46:59 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2009/05/21 20:46:59 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2009/05/21 20:46:59 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2009/05/21 20:46:59 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2009/05/21 20:46:58 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2009/05/21 20:46:58 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2009/05/21 20:46:58 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/05/21 20:46:58 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2009/05/21 20:46:58 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/05/21 20:46:58 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2009/05/21 20:46:58 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/05/21 20:46:58 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2009/05/21 20:46:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2009/05/21 20:46:57 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2009/05/21 20:46:57 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/05/21 20:46:57 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/05/21 20:46:57 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/05/21 20:46:57 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/05/21 20:46:57 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2009/05/21 20:46:57 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2009/05/21 20:46:57 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2009/05/21 20:46:57 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2009/05/21 20:46:56 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2009/05/21 20:46:56 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2009/05/21 20:46:56 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2009/05/21 20:46:56 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2009/05/21 20:46:56 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/05/21 20:46:56 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2009/05/21 20:46:55 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2009/05/21 20:46:55 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/05/21 20:46:55 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/05/21 20:46:55 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/05/21 20:46:54 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2009/05/21 20:46:54 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/05/21 20:46:54 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/05/21 20:46:54 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/05/21 20:46:54 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2009/05/21 20:46:53 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/05/21 20:46:50 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2009/05/21 20:46:49 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/05/21 20:46:49 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/05/21 20:46:49 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/05/21 20:46:49 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/05/21 20:46:49 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/05/21 20:46:48 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2009/05/21 20:46:46 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/05/21 20:46:46 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/05/21 20:46:46 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/05/21 20:46:46 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/05/21 20:46:45 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/05/21 20:46:43 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/05/21 20:46:42 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2009/05/21 20:46:42 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/05/21 20:46:42 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/05/21 20:46:42 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/05/21 20:46:41 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2009/05/21 20:46:41 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2009/05/21 20:46:41 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/05/21 20:46:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/05/21 20:46:40 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/05/21 20:46:40 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2009/05/21 20:46:40 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/05/21 20:46:38 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/05/21 20:46:37 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/05/21 20:46:37 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2009/05/21 20:46:37 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2009/05/21 20:46:36 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2009/05/21 20:46:36 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2009/05/21 20:46:36 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2009/05/21 20:46:36 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/05/21 20:46:32 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2009/05/21 20:46:32 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2009/05/21 20:46:31 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2009/05/21 20:46:31 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/05/21 20:46:31 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2009/05/21 20:46:31 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2009/05/21 20:46:31 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/05/21 20:46:31 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2009/05/21 20:46:31 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/05/21 20:46:30 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2009/05/21 20:46:30 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2009/05/21 20:46:30 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/05/21 20:46:30 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/05/21 20:46:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/05/21 20:46:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/05/21 20:46:29 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2009/05/21 20:46:29 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2009/05/21 20:46:29 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2009/05/21 20:46:29 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/05/21 20:46:29 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/05/21 20:46:29 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2009/05/21 20:46:29 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2009/05/21 20:46:29 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/05/21 20:46:28 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2009/05/21 20:46:28 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2009/05/21 20:46:28 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2009/05/21 20:46:28 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2009/05/21 20:46:28 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2009/05/21 20:46:28 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2009/05/21 20:46:28 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2009/05/21 20:46:27 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2009/05/21 20:46:27 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/05/21 20:46:27 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/05/21 20:46:27 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2009/05/21 20:46:27 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2009/05/21 20:46:26 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2009/05/21 20:46:26 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2009/05/21 20:46:26 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2009/05/21 20:46:26 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/05/21 20:46:26 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/05/21 20:46:25 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2009/05/21 20:46:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/05/21 20:46:24 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/05/21 20:46:01 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009/05/21 20:46:01 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009/05/21 20:45:36 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/05/21 20:45:36 | 00,013,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/05/21 20:44:39 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Plus
[2009/05/21 20:44:38 | 00,011,452 | ---- | C] () -- C:\WINDOWS\System32\mypixdx.chm
[2009/05/21 20:44:37 | 03,343,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nature.scr
[2009/05/21 20:44:37 | 01,742,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mypixdx.scr
[2009/05/21 20:44:36 | 05,068,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\davinci.scr
[2009/05/21 20:44:34 | 07,093,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\space.scr
[2009/05/21 20:44:31 | 04,396,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpgldfsh.scr
[2009/05/21 20:44:20 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\igdetect.dll
[2009/05/21 20:44:19 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll
[2009/05/21 20:44:19 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mhndrv.sys
[2009/05/21 20:40:47 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/05/21 20:40:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/05/21 20:40:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2009/05/21 20:40:24 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/21 20:40:24 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/05/21 20:40:24 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/05/21 20:40:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009/05/21 20:40:24 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/05/21 20:40:24 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/05/21 20:40:20 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/05/21 20:40:20 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/05/21 20:40:19 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/05/21 20:39:03 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/05/21 20:38:51 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/05/21 20:38:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/05/21 20:38:27 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/05/21 20:38:26 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/05/21 20:38:26 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/05/21 20:38:26 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/05/21 20:38:26 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/05/21 20:38:26 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/05/21 20:38:26 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/05/21 20:38:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/05/21 20:38:24 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/05/21 20:38:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2009/05/21 20:38:24 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2009/05/21 20:38:19 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/05/21 20:38:19 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/05/21 20:38:19 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/05/21 20:38:19 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/05/21 20:38:18 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/05/21 20:38:18 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/05/21 20:38:18 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/05/21 20:38:18 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/05/21 20:38:18 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/05/21 20:38:18 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/05/21 20:38:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009/05/21 20:38:15 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/05/21 20:38:15 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/05/21 20:38:15 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/05/21 20:38:15 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/05/21 20:38:15 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/05/21 20:38:15 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/05/21 20:38:15 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/05/21 20:38:15 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2009/05/21 20:38:15 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/05/21 20:38:14 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/05/21 20:38:14 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/05/21 20:38:14 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/05/21 20:38:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009/05/21 20:38:11 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2009/05/21 20:38:11 | 00,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2009/05/21 20:38:11 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2009/05/21 20:38:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/05/21 20:38:10 | 00,819,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/05/21 20:38:10 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2009/05/21 20:38:10 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/05/21 20:38:09 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/05/21 20:38:09 | 00,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/05/21 20:38:09 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/05/21 20:38:09 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/05/21 20:38:09 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/05/21 20:38:09 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/05/21 20:38:09 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/05/21 20:38:08 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/05/21 20:38:08 | 00,325,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/05/21 20:38:08 | 00,325,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/05/21 20:38:08 | 00,203,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/05/21 20:36:16 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2009/05/21 20:36:16 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/05/21 20:36:16 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/05/21 20:36:16 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/05/21 20:36:16 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2009/05/21 20:36:16 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/05/21 20:36:16 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/05/21 20:36:16 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/05/21 20:36:16 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/05/21 20:36:16 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/05/21 20:36:16 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2009/05/21 20:36:16 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/05/21 20:36:16 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/05/21 20:36:16 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/05/21 20:36:16 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/05/21 20:36:16 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/05/21 20:36:16 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2009/05/21 20:36:16 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/05/21 20:36:16 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2009/05/21 20:36:16 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/05/21 20:36:16 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2009/05/21 20:36:15 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/05/21 20:36:15 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2009/05/21 20:36:15 | 00,427,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/05/21 20:36:15 | 00,427,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2009/05/21 20:36:15 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/05/21 20:36:15 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2009/05/21 20:36:15 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/05/21 20:36:15 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2009/05/21 20:36:15 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2009/05/21 20:36:15 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/05/21 20:36:15 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/05/21 20:36:15 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2009/05/21 20:36:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/05/21 20:36:14 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2009/05/21 20:36:14 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2009/05/21 20:36:14 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/05/21 20:36:14 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2009/05/21 20:36:14 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/05/21 20:36:14 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2009/05/21 20:36:14 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/05/21 20:36:14 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/05/21 20:36:14 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2009/05/21 20:36:14 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/05/21 20:36:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/05/21 20:36:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/05/21 20:36:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/05/21 20:36:13 | 01,269,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2009/05/21 20:36:13 | 01,269,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/05/21 20:36:13 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2009/05/21 20:36:13 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/05/21 20:36:13 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2009/05/21 20:36:13 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/05/21 20:36:13 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2009/05/21 20:36:13 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/05/21 20:36:13 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2009/05/21 20:36:13 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/05/21 20:36:11 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/05/21 20:36:11 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2009/05/21 20:36:11 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/05/21 20:36:11 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2009/05/21 20:36:11 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2009/05/21 20:36:11 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2009/05/21 20:36:11 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2009/05/21 20:36:11 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2009/05/21 20:36:11 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/05/21 20:36:11 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2009/05/21 20:36:11 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2009/05/21 20:36:11 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2009/05/21 20:36:11 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2009/05/21 20:36:11 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2009/05/21 20:36:11 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2009/05/21 20:36:10 | 00,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2009/05/21 20:36:10 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2009/05/21 20:36:10 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2009/05/21 20:36:10 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2009/05/21 20:36:10 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/05/21 20:36:10 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2009/05/21 20:36:10 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2009/05/21 20:36:10 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2009/05/21 20:36:10 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/05/21 20:36:10 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2009/05/21 20:36:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2009/05/21 20:36:10 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2009/05/21 20:36:10 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2009/05/21 20:36:09 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2009/05/21 20:36:09 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2009/05/21 20:36:09 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2009/05/21 20:36:09 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2009/05/21 20:36:09 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2009/05/21 20:36:09 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2009/05/21 20:36:09 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2009/05/21 20:36:09 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/05/21 20:36:09 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2009/05/21 20:36:09 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/05/21 20:36:08 | 01,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2009/05/21 20:36:08 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/05/21 20:36:08 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2009/05/21 20:36:08 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2009/05/21 20:36:07 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2009/05/21 20:36:07 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/05/21 20:36:07 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/05/21 20:36:07 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2009/05/21 20:36:07 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/05/21 20:36:07 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2009/05/21 20:36:07 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/05/21 20:36:07 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2009/05/21 20:36:06 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2009/05/21 20:36:05 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/05/21 20:36:05 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/05/21 16:35:22 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009/05/21 16:35:01 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2009/05/21 16:34:43 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009/05/21 16:34:08 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2009/05/21 16:33:50 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/05/21 16:32:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/05/21 16:32:02 | 00,004,512 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/05/21 16:31:59 | 00,471,326 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/21 16:31:59 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/05/21 16:31:58 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/21 16:31:58 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2009/05/21 16:31:57 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2009/05/21 16:31:57 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2009/05/21 16:31:56 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009/05/21 16:31:56 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2009/05/21 16:31:56 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009/05/21 16:31:56 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009/05/21 16:31:56 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009/05/21 16:31:55 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2009/05/21 16:31:55 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2009/05/21 16:31:55 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/05/21 16:31:55 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/05/21 16:31:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009/05/21 16:31:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2009/05/21 16:31:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009/05/21 16:31:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/05/21 16:31:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/05/21 16:31:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/05/21 16:31:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/05/21 16:31:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/05/21 16:31:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/05/21 16:31:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/05/21 16:31:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/05/21 16:31:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/05/21 16:31:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/05/21 16:31:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/05/21 16:31:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/05/21 16:31:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/05/21 16:31:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/05/21 16:31:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/05/21 16:31:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/05/21 16:31:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/05/21 16:31:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/05/21 16:31:51 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/05/21 16:31:51 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/05/21 16:31:51 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/05/21 16:31:51 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/05/21 16:31:51 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/05/21 16:31:51 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/05/21 16:31:51 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/05/21 16:31:51 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/05/21 16:31:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/05/21 16:31:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/05/21 16:31:50 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2009/05/21 16:31:50 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2009/05/21 16:31:50 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2009/05/21 16:31:50 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/05/21 16:31:50 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/05/21 16:31:50 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/05/21 16:31:50 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/05/21 16:31:50 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/05/21 16:31:50 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/05/21 16:31:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/05/21 16:31:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/05/21 16:31:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/05/21 16:31:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/05/21 16:31:48 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/05/21 16:31:48 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/05/21 16:31:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/05/21 16:31:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/05/21 16:31:48 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/05/21 16:31:48 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/05/21 16:31:48 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/05/21 16:31:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/05/21 16:31:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/05/21 16:31:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/05/21 16:31:43 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/05/21 16:31:43 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/05/21 16:31:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/05/21 16:31:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/05/21 16:31:42 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/05/21 16:31:42 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/05/21 16:31:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/05/21 16:31:42 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/05/21 16:31:42 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/05/21 16:31:42 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/05/21 16:31:42 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/05/21 16:31:42 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/05/21 16:31:42 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/05/21 16:31:42 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/05/21 16:31:42 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/05/21 16:31:41 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/05/21 16:31:41 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/05/21 16:31:41 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/05/21 16:31:41 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/05/21 16:31:41 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/05/21 16:31:41 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/05/21 16:31:41 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/05/21 16:31:41 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/05/21 16:31:41 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/05/21 16:31:41 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/05/21 16:31:41 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/05/21 16:31:41 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/05/21 16:31:40 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2009/05/21 16:31:40 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/05/21 16:31:40 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2009/05/21 16:31:40 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2009/05/21 16:31:40 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009/05/21 16:31:40 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2009/05/21 16:31:40 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2009/05/21 16:31:40 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/05/21 16:31:40 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/05/21 16:31:32 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/05/21 16:31:32 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009/05/21 16:31:32 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/05/21 16:31:10 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2009/05/21 16:31:10 | 00,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2009/05/21 16:31:10 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2009/05/21 16:31:10 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2009/05/21 16:31:09 | 01,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2009/05/21 16:31:09 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2009/05/21 16:31:09 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/05/21 16:31:09 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/05/21 16:31:09 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2009/05/21 16:31:09 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/05/21 16:31:09 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2009/05/21 16:31:09 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2009/05/21 16:31:09 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2009/05/21 16:31:09 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/05/21 16:31:09 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/05/21 16:31:09 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2009/05/21 16:31:09 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2009/05/21 16:31:08 | 02,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2009/05/21 16:31:08 | 00,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2009/05/21 16:30:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009/05/21 16:30:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009/05/21 16:30:53 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/05/21 16:30:37 | 00,246,423 | ---- | C] () -- C:\DPsFnshr.exe
[2009/05/21 16:30:37 | 00,211,039 | ---- | C] () -- C:\DSPdsblr.exe
[2009/05/21 16:30:37 | 00,202,187 | ---- | C] () -- C:\pmtimer.exe
[2009/05/21 16:30:37 | 00,137,728 | ---- | C] () -- C:\mute.exe
[2009/05/21 16:30:37 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\devcon.exe
[2009/05/21 16:30:37 | 00,020,992 | ---- | C] () -- C:\makePNF.exe
[2009/05/21 16:30:37 | 00,000,630 | ---- | C] () -- C:\DPsFnshr.ini
[2009/05/21 16:30:37 | 00,000,000 | ---- | C] () -- C:\ATICCC.ins
[2009/05/21 16:30:30 | 00,063,212 | ---- | C] () -- C:\DriverPack_MassStorage_wnt5_x86-32.ini
[2009/05/21 16:30:25 | 00,000,420 | ---- | C] () -- C:\DriverPack_CPU_wnt5_x86-32.ini
[2009/05/21 16:30:13 | 00,000,000 | ---D | C] -- C:\D
[2009/05/21 16:30:05 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/05/21 16:30:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009/05/21 16:30:04 | 00,107,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/21 16:29:41 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2009/05/21 16:29:38 | 00,000,916 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/05/21 16:29:35 | 00,000,000 | ---D | C] -- C:\install
[2009/05/21 16:26:47 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/05/21 16:26:47 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009/05/21 16:26:47 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/05/21 16:26:47 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009/05/21 16:26:47 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009/05/21 16:26:47 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009/05/09 16:40:09 | 00,103,872 | ---- | C] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys

========== Files - Modified Within 30 Days ==========

[13 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/28 19:16:49 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTViewIt.exe
[2009/05/28 19:05:01 | 00,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2009/05/28 19:00:12 | 00,000,240 | -H-- | M] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2009/05/28 18:08:09 | 00,001,478 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\'Folding@Home'.lnk
[2009/05/28 17:57:49 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/28 17:57:42 | 00,000,430 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/05/28 17:56:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/28 17:56:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/28 17:55:57 | 00,033,232 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:55:57 | 00,033,232 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:55:57 | 00,032,448 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:55:57 | 00,032,448 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2009/05/28 17:55:57 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/05/28 17:55:57 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/05/28 17:55:57 | 00,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
[2009/05/28 17:55:57 | 00,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
[2009/05/28 17:53:18 | 04,933,091 | ---- | M] () -- C:\WINDOWS\{00000003-00000000-00000000-00001102-00000004-20061102}.CDF
[2009/05/28 17:53:18 | 04,933,091 | ---- | M] () -- C:\WINDOWS\{00000003-00000000-00000000-00001102-00000004-20061102}.BAK
[2009/05/28 17:50:55 | 00,000,099 | ---- | M] () -- C:\WINDOWS\Č
[2009/05/28 17:36:49 | 00,000,136 | ---- | M] () -- C:\WINDOWS\SBWIN.INI
[2009/05/28 17:25:34 | 36,510,148 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/28 17:25:34 | 00,062,921 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/28 16:57:55 | 00,278,221 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\gmer.zip
[2009/05/28 16:40:17 | 00,132,597 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Flash_Disinfector.exe
[2009/05/28 13:28:10 | 00,120,836 | ---- | M] () -- C:\WINDOWS\msa.exe
[2009/05/28 13:28:09 | 00,134,660 | ---- | M] () -- C:\WINDOWS\System32\msxml71.dll
[2009/05/28 09:30:22 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/05/26 18:38:46 | 00,000,330 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\ForexTrader.appref-ms
[2009/05/25 10:47:55 | 00,000,695 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to SporeApp.lnk
[2009/05/25 06:27:47 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/05/25 04:05:50 | 02,737,324 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\ExchangeSpring08.pdf
[2009/05/23 16:33:44 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\LimeWire 5.1.3.lnk
[2009/05/23 16:33:01 | 16,510,368 | ---- | M] (Lime Wire LLC) -- C:\Documents and Settings\Admin\My Documents\LimeWireWin.exe
[2009/05/23 13:24:22 | 00,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2009/05/22 22:24:37 | 00,000,599 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to Xbox Backup Creator.lnk
[2009/05/22 22:09:48 | 01,358,454 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\wrar39b2.exe
[2009/05/22 22:07:57 | 03,015,064 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Xbox_Backup_Creator_v2.8.0.275.rar
[2009/05/22 20:18:25 | 00,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Registration Tool.lnk
[2009/05/22 20:15:05 | 01,787,868 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Nintendo_WFC_USB.zip
[2009/05/22 19:19:43 | 01,283,448 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\Admin\Desktop\R78727.EXE
[2009/05/22 19:18:34 | 00,001,589 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\abgx360 GUI.lnk
[2009/05/22 19:11:30 | 00,359,883 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\dds.scr
[2009/05/22 13:17:31 | 00,002,715 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\[isoHunt]_GridinSoft.Trojan.Killer.v2.0.0.2.WinALL.Cracked-CzW.torrent
[2009/05/22 13:14:09 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to uTorrent.lnk
[2009/05/22 13:13:46 | 00,001,149 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Trojan_Killer_2.0.2.1_crack_serial_keygen_activation_full_by_zemurkaj12[www.btmon.com].torrent
[2009/05/22 12:46:13 | 06,750,851 | ---- | M] (GridinSoft, Inc. ) -- C:\Documents and Settings\Admin\My Documents\trojankiller-setup.exe
[2009/05/22 12:31:17 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\HijackThis.lnk
[2009/05/22 12:31:14 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\My Documents\HJTInstall.exe
[2009/05/22 12:20:07 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Admin\My Documents\spybotsd162.exe
[2009/05/22 02:06:24 | 00,471,326 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/22 02:06:24 | 00,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/22 02:06:24 | 00,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/22 02:04:02 | 04,821,350 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db
[2009/05/22 01:35:49 | 00,000,803 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Internet Explorer.lnk
[2009/05/22 01:20:32 | 00,000,527 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Shortcut to ImgBurn.lnk
[2009/05/22 01:17:21 | 00,039,488 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\drivers\Pcouffin.sys
[2009/05/22 01:17:17 | 00,000,745 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\CopyToDVD SE.lnk
[2009/05/22 01:16:54 | 00,001,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\1Click Dvd Copy 4.2.lnk
[2009/05/22 01:01:12 | 00,000,801 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/22 00:10:45 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\µTorrent.lnk
[2009/05/22 00:01:11 | 00,016,208 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/05/22 00:00:47 | 00,107,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/21 23:58:47 | 00,002,038 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Burn CDs & DVDs with RecordNow!.lnk
[2009/05/21 23:57:54 | 00,001,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Start MyDVD.lnk
[2009/05/21 23:57:27 | 00,000,138 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/05/21 22:37:37 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/05/21 22:37:37 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/05/21 22:37:36 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/05/21 22:37:32 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/05/21 22:37:32 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/05/21 22:37:31 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/05/21 22:37:31 | 00,434,673 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/05/21 22:30:52 | 65,103,168 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Admin\My Documents\avg_free_stf_en_85_339a1525.exe
[2009/05/21 21:45:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2009/05/21 21:39:04 | 00,000,184 | ---- | M] () -- C:\WINDOWS\System32\e000001.dat
[2009/05/21 20:49:49 | 00,000,076 | -HS- | M] () -- C:\Documents and Settings\Admin\My Documents\desktop.ini
[2009/05/21 20:48:51 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/05/21 20:48:18 | 00,004,512 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/21 20:48:18 | 00,000,916 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/05/21 20:40:29 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/05/21 20:40:29 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\desktop.ini
[2009/05/21 20:40:24 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/21 20:40:24 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/21 20:40:24 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/05/21 20:40:24 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/05/21 20:40:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/05/21 20:40:24 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/05/21 20:40:24 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/05/21 20:40:21 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/05/21 20:40:20 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/05/21 20:40:20 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/05/21 20:40:10 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/21 20:37:17 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/05/21 20:37:07 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/05/21 20:37:07 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/05/21 20:35:29 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/05/21 16:31:46 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/21 16:31:32 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009/05/21 16:31:32 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/05/21 16:31:32 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Admin\Application Data\desktop.ini
[2009/05/09 16:40:09 | 00,103,872 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys
[2009/04/28 21:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe
< End of report >

#12 hades6903


Posted 28 May 2009 - 09:57 PM

OTViewIt Extras logfile created on: 5/28/2009 7:17:16 PM - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 62.75% Memory free
3.85 Gb Paging File | 3.23 Gb Available in Paging File | 83.79% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 65.95 Gb Free Space | 88.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 199.96 Gb Total Space | 15.14 Gb Free Space | 7.57% Space Free | Partition Type: FAT32
Drive G: | 731.50 Gb Total Space | 668.83 Gb Free Space | 91.43% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MCE_PC
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2007/06/17 13:36:38 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2006/12/31 22:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2007/06/17 13:36:38 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2006/12/31 22:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2009/05/21 22:37:28 | 00,908,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
[2009/05/21 22:37:28 | 01,085,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
[2009/05/21 22:37:29 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
[2009/05/22 00:10:39 | 00,267,056 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
[2007/06/28 17:10:00 | 01,175,552 | ---- | M] () -- C:\Program Files\WiFiConnector\NintendoWFCReg.exe:*:Enabled:Nintendo Wi-Fi USB Connector
[2009/05/22 07:57:15 | 00,139,776 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2009/05/21 22:37:30 | 00,079,128 | ---- | M] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgpp.dll (linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} (HKLM) [XPLPPFilter Class])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/09/17 11:44:16 | 00,843,472 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\msdaipp.dll msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/09/17 11:44:16 | 00,843,472 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\msdaipp.dll msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}"=ATI Catalyst Control Center
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}"=Sonic Update Manager
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}"=Sonic DLA
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}"=Scan
"{21657574-BD54-48A2-9450-EB03B2C7FC29}"=Sonic MyDVD
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}"=Java™ 6 Update 13
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}"=Acrobat.com
"{2FD9998F-B3F3-10D6-A31E-8E021337EC0B}"=CCC Help English
"{32BBD344-47DB-7027-7E1D-13DB78415784}"=ccc-core-preinstall
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}"=ATI Parental Control & Encoder
"{56F3E1FF-54FE-4384-A153-6CCABA097814}"=Creative MediaSource
"{5A098C87-FA43-E81C-B206-4E0ADF7287B5}"=ccc-utility
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0
"{72736F5F-520D-472A-88CC-7B02872FD34E}"=ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}"=Software Update for Web Folders
"{8777AC6D-89F9-4793-8266-DE406F343E89}"=QFolder
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}"=ATI AVIVO Codecs
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{9E2514D9-DC24-4634-B348-61F3EF0F1628}"=Sound Blaster Audigy 2 ZS
"{A1062847-0846-427A-92A1-BB8251A91E91}"=HP PSC & OfficeJet 4.2
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}"=Adobe AIR
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}"=AiO_Scan
"{AC76BA86-7AD7-1033-7B44-A91000000001}"=Adobe Reader 9.1.1
"{AC76BA86-7AD7-5464-3428-900000000004}"=Spelling Dictionaries Support For Adobe Reader 9
"{B0889CBC-F889-A895-4EE9-8E0260C7D63F}"=Catalyst Control Center HydraVision Full
"{B10A4ACC-118A-8E9D-2CF3-A19BBC73B9C2}"=Catalyst Control Center Graphics Full Existing
"{B31CBE94-F497-9273-5766-DD4E11AA2D55}"=Catalyst Control Center Graphics Full New
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}"=Microsoft .NET Framework (English) v1.0.3705
"{BA60C8FC-6712-5116-231C-6C5E05060866}"=Catalyst Control Center Graphics Light
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CB654885-263B-E696-5690-3B341C22EC17}"=Catalyst Control Center Core Implementation
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}"=Catalyst Control Center - Branding
"{E0520079-4024-8B23-738F-EC0792AA3502}"=ccc-core-static
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}"=Adobe Flash Player 10 Plugin
"{FB62FD97-DAA9-BEE9-1A31-3A47E33F4E24}"=Catalyst Control Center Graphics Previews Common
"1Click DVD Copy 4.2"=1Click DVD Copy 4.2
"abgx360"=abgx360 v1.0.1
"Adobe AIR"=Adobe AIR
"All ATI Software"=ATI - Software Uninstall Utility
"AnyDVD"=AnyDVD
"ATI Display Driver"=ATI Display Driver
"AVG8Uninstall"=AVG Free 8.5
"CopyToDVD_is1"=CopyToDVD
"HijackThis"=HijackThis 2.0.2
"HP Photo & Imaging"=HP Image Zone 4.2
"LimeWire"=LimeWire 5.1.3
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0
"Microsoft .NET Framework Full v1.0.3705 (1033)"=Microsoft .NET Framework (English) v1.0.3705
"PROSet"=Intel® PRO Network Adapters and Drivers
"WiFiConnector"=Nintendo Wi-Fi USB Connector Registration Tool
"WinRAR archiver"=WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"998502f2522abe8d"=FOREXTrader
"uTorrent"=µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"998502f2522abe8d"=FOREXTrader
"uTorrent"=µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/28/2009 4:57:15 PM | Computer Name = MCE_PC | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 5/28/2009 4:57:15 PM | Computer Name = MCE_PC | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 5/28/2009 4:57:16 PM | Computer Name = MCE_PC | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 5/28/2009 5:48:12 PM | Computer Name = MCE_PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.5730.11, faulting module
mscoree.dll, version 2.0.50727.42, fault address 0x00030152.

Error - 5/28/2009 6:11:35 PM | Computer Name = MCE_PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.5730.11, faulting module
kernel32.dll, version 5.1.2600.2991, fault address 0x00012a5b.

Error - 5/28/2009 6:56:57 PM | Computer Name = MCE_PC | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 7.0.5730.11, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/28/2009 6:57:46 PM | Computer Name = MCE_PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.5730.11, faulting module
kernel32.dll, version 5.1.2600.2991, fault address 0x00012a5b.

Error - 5/28/2009 7:55:38 PM | Computer Name = MCE_PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.5730.11, faulting module
kernel32.dll, version 5.1.2600.2991, fault address 0x00012a5b.

Error - 5/28/2009 8:07:17 PM | Computer Name = MCE_PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.5730.11, faulting module
mscoree.dll, version 2.0.50727.42, fault address 0x00030152.

Error - 5/28/2009 8:27:32 PM | Computer Name = MCE_PC | Source = Application Error | ID = 1000
Description = Faulting application gmer.exe, version 1.0.15.14972, faulting module
gmer.exe, version 1.0.15.14972, fault address 0x0000c4b1.

[ System Events ]
Error - 5/28/2009 5:10:19 PM | Computer Name = MCE_PC | Source = Service Control Manager | ID = 7000
Description = The PfModNT service failed to start due to the following error: %%2

Error - 5/28/2009 5:10:20 PM | Computer Name = MCE_PC | Source = Service Control Manager | ID = 7000
Description = The PfModNT service failed to start due to the following error: %%2

Error - 5/28/2009 7:48:15 PM | Computer Name = MCE_PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 172.16.0.1, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 5/28/2009 7:55:28 PM | Computer Name = MCE_PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 172.16.0.1, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 5/28/2009 8:31:28 PM | Computer Name = MCE_PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 172.16.0.1, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 5/28/2009 8:31:35 PM | Computer Name = MCE_PC | Source = System Error | ID = 1003
Description = Error code 0000004e, parameter1 00000007, parameter2 00009b01, parameter3
00000002, parameter4 00000000.

Error - 5/28/2009 8:39:04 PM | Computer Name = MCE_PC | Source = Service Control Manager | ID = 7000
Description = The PfModNT service failed to start due to the following error: %%2

Error - 5/28/2009 8:39:04 PM | Computer Name = MCE_PC | Source = Service Control Manager | ID = 7000
Description = The PfModNT service failed to start due to the following error: %%2

Error - 5/28/2009 8:39:05 PM | Computer Name = MCE_PC | Source = Service Control Manager | ID = 7000
Description = The PfModNT service failed to start due to the following error: %%2

Error - 5/28/2009 8:57:42 PM | Computer Name = MCE_PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 172.16.0.1, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.


< End of report >

#13 m0le

  • Malware Response Team

Posted 29 May 2009 - 03:24 PM

Hi Hades6903,

Okay, let's see what we can do.

Firstly,

Interesting...when reviewing the log, it shows this:

C:\Documents and Settings\Admin\My Documents\[isoHunt]_GridinSoft.Trojan.Killer.v2.0.0.2.WinALL.Cracked-CzW.torrent

C:\Documents and Settings\Admin\My Documents\Trojan_Killer_2.0.2.1_crack_serial_keygen_activation_full_by_zemurkaj12[www.btmon.com].torrent


Someone on this system was trying to access cracks or a 'keygen'....this is a certain way to attract malware to your system. As well as being illegal, 'Cracks' and 'Keygens' are often associated or loaded with malware, and should be avoided (along with 'crack' sites).

Okay, let's start the fix

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall prior to our fix. Please visit HERE if you don't know how. Please re-enable them after performing all steps given.

We need to backup your registry as we will be making changes there.
  • Please use the following link and scroll down to ERUNT and download it.
    http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.
Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe

We need to execute an OTMoveIt3 script
  • Please download OTMoveIt3 by OldTimer and save it to your desktop.
  • Double click (or if your PC is running Vista, right-click and select Run As Administrator) the OTMoveIt3 icon on your desktop.
  • Paste the following code under the Posted Image area. Do not include the word "Code".
    :Files
    C:\WINDOWS\msa.exe
    C:\Documents and Settings\Admin\Local Settings\Temp\mediacodec.exe
    C:\Documents and Settings\Admin\Local Settings\Temp\13827.exe
    C:\WINDOWS\system32\msxml71.dll
    C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
    C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
    C:\WINDOWS\System32\e000001.dat
    :Reg
    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Cognac"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ColdWare"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "mediacodec.exe"=-
    [HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Cognac"=-
    [HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ColdWare"=-
    [HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "mediacodec.exe"=-
  • Push the large Posted Image button.
  • OTMI3 may ask to reboot the machine. Please do so if asked.
  • Copy/Paste the contents under the Posted Image line here in your next reply.
  • If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start then All Programs then Accessories then Notepad), click File then Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
Let's see how it likes that! :thumbup2:
m0le is a proud member of UNITE
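
An added example, not part of m0le's post or of OTMoveIt3 itself: a small Python audit that lists what a script in this layout would act on, so it can be reviewed before it is pasted into the tool. It assumes the syntax means what it appears to mean in the post (paths under :Files are moved, [-key] deletes a key, "name"=- deletes a value); rejoin_wrapped and audit_script are hypothetical names.

```python
import re

# Constructed sample in the layout of the script posted above, including a
# registry key that forum wrapping split over two lines.
SAMPLE = r'''
:Files
C:\WINDOWS\msa.exe
:Reg
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cognac"=-
[HKEY_USERS\S-1-5-21-854245398-57989841-725345543-500\SOFTWARE\Microsoft
\Windows\CurrentVersion\Run]
"mediacodec.exe"=-
'''

def rejoin_wrapped(text):
    """Glue a '[key' line that lacks its closing ']' to the line(s) after it."""
    out = []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        if out and out[-1].startswith("[") and not out[-1].endswith("]"):
            out[-1] += line
        else:
            out.append(line)
    return out

def audit_script(text):
    """Return (action, target) tuples; raise on any line that is not understood."""
    actions, section, key = [], None, None
    for line in rejoin_wrapped(text):
        if line.startswith(":"):
            section, key = line[1:].lower(), None
        elif section == "files":
            actions.append(("move_file", line))
        elif section == "reg" and re.fullmatch(r"\[.+\]", line):
            delete = line.startswith("[-")
            key = None if delete else line[1:-1]
            if delete:
                actions.append(("delete_key", line[2:-1]))
        elif section == "reg" and key and (m := re.fullmatch(r'"(.+)"=-', line)):
            actions.append(("delete_value", key + "\\" + m.group(1)))
        else:
            raise ValueError("unrecognised line: " + line)
    return actions
```

A ValueError on any line is the signal to stop and re-copy the script, since a key that was split by wrapping and not rejoined no longer names the intended registry path.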

#14 hades6903

  • Topic Starter

Posted 30 May 2009 - 02:23 AM

Well, first, so you know, I was trying to get that stuff to fix my cpu and did not have the hundreds of $$ to pay to do it. Best Buy wants $200 to remove virus and I could buy new barebone system for that so doesn't seem worth it.

2nd you should know I backed up my tera and formatted both drives reinstalled xp to internal and started over and still have the same problem...I am also going to dell support and downloading the bios and other recommended updates. I am also still doing your steps.

#15 hades6903

  • Topic Starter

Posted 30 May 2009 - 02:47 AM

I believe because I wiped everything I am going to have to do the other logs again but lemme try the dell updates. If that doesn't work then I'm gonna try this brand new internal first and then see what happens with it. If it still doesn't work we will repost the logs with the new internal because I would rather have it in the cpu.



