Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Task manager disabled/multiple pop-ups/Trojan fraudpack


  • This topic is locked This topic is locked
14 replies to this topic

#1 Spidermonkey

Spidermonkey

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 20 September 2009 - 03:50 PM

Had a trojan fraudpack virus(I think). Corrupted the rundll32.exe file. Backed up files and reinstalled windows. Now I can't get into task manager. Says it has been disabled by the administrator. Some programs won't run. Pop-ups are constant. Would not let me run dds program. I am posting the hijack log and the rootrepeal log. I was wondering if I need to reinstall windows again but this time do I delete the partition on the drive. It only has one partition. Also was wondering if formatting the drive would do any good. I have deleted 2 files from C:/documents and settings/allusers.windows/applicationdata folder. Any help would be greatly appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:13:58 PM, on 9/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe
C:\WINDOWS\system32\winupdate.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe
C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE
C:\Program Files\Embarq Online Security 8\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Embarq Online Security 8\Common\FSMB32.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Embarq Online Security 8\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Embarq Online Security 8\Anti-Virus\fsqh.exe
C:\Program Files\Embarq Online Security 8\Common\FAMEH32.EXE
C:\Program Files\Embarq Online Security 8\FSPC\fspc.exe
C:\Program Files\Embarq Online Security 8\Anti-Virus\fssm32.exe
C:\Program Files\Embarq Online Security 8\FSGUI\fsguidll.exe
C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe
C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe
C:\Program Files\Embarq Online Security 8\FSAUA\program\fsus.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Embarq Online Security 8\Anti-Virus\fsav32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Spidermonkey\Local Settings\Temporary Internet Files\Content.IE5\54QLL7O7\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myembarq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Embarq Online Security 8\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [winupdate.exe] C:\WINDOWS\system32\winupdate.exe
O4 - HKLM\..\Run: [14989534] C:\Documents and Settings\All Users.WINDOWS\Application Data\14989534\14989534.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [15815624] C:\Documents and Settings\All Users.WINDOWS\Application Data\15815624\15815624.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [zawavereb] Rundll32.exe "c:\windows\system32\gigivada.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1253240351890
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O20 - AppInit_DLLs: c:\windows\system32\boserote.dll jasosise.dll c:\windows\system32\gigivada.dll
O21 - SSODL: papigetav - {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - c:\windows\system32\boserote.dll (file missing)
O21 - SSODL: masulirod - {9118f73c-8879-4496-b936-8f9f833084f2} - c:\windows\system32\gigivada.dll
O22 - SharedTaskScheduler: tokatiluy - {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - c:\windows\system32\boserote.dll (file missing)
O22 - SharedTaskScheduler: tokatiluy - {9118f73c-8879-4496-b936-8f9f833084f2} - c:\windows\system32\gigivada.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Embarq Online Security 8\ORSP Client\fsorsp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

--
End of file - 8078 bytes

Attached Files



BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:02 PM

Posted 21 September 2009 - 05:21 PM

Hello! :(
My name is Sam and I will be helping you.

In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.


Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




We need to create an OTL Report
  • Please download OTL from here
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the "Run Scan" button.
  • The scan should take just a few minutes.
  • Copy the log that opens up and paste it back here in your next reply.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 Spidermonkey

Spidermonkey
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 21 September 2009 - 06:53 PM

Hi Sam. Thanks for your assistance. I have copied the logs below that you requested. When I restarted after the scan I had numerous popups that all ended in BAD IMAGE. I just clicked ok and kept going. When I opened up the notepad files to copy the logs this is the message I got each time.

Notepad.Exe-Bad Image

The application or DLL C:\WINDOWS\system32\jasosise.dll is not a valid Windows image. Please check this against your installation diskette.

This is the type of popups I was getting on restart.

OTL Extras logfile created on: 9/21/2009 7:29:48 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Spidermonkey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 452.44 Mb Available Physical Memory | 47.21% Memory free
2.26 Gb Paging File | 1.72 Gb Available in Paging File | 76.08% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 231.86 Gb Free Space | 77.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WILLIAMSFAMILY
Current User Name: Spidermonkey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\aol\1253270060\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1253270060\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)
"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Documents and Settings\All Users.WINDOWS\Application Data\14989534\14989534.exe" = C:\Documents and Settings\All Users.WINDOWS\Application Data\14989534\14989534.exe:*:Enabled:14989534 -- File not found
"C:\Program Files\Embarq Online Security 8\Anti-Virus\fssm32.exe" = C:\Program Files\Embarq Online Security 8\Anti-Virus\fssm32.exe:*:Enabled:fssm32 -- (F-Secure Corp.)
"C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32.exe" = C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32.exe:*:Enabled:FSGK32 -- (F-Secure Corp.)
"C:\Documents and Settings\All Users.WINDOWS\Application Data\15815624\15815624.exe" = C:\Documents and Settings\All Users.WINDOWS\Application Data\15815624\15815624.exe:*:Enabled:15815624 -- File not found
"C:\Program Files\Embarq Online Security 8\FSPC\fspc.exe" = C:\Program Files\Embarq Online Security 8\FSPC\fspc.exe:*:Enabled:fspc -- (F-Secure Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"F-Secure Product 444" = EMBARQ® Online Security
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NVIDIA Drivers" = NVIDIA Drivers
"PROPLUSR" = Microsoft Office Professional Plus 2007
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Spyware Doctor" = Spyware Doctor 6.1
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/21/2009 6:58:28 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 38 2009-09-21 18:58:28-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Virtumonde
Object: C:\WINDOWS\system32\fovayaga.dll

Error - 9/21/2009 7:01:55 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 39 2009-09-21 19:01:55-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Crash detected. \Device\HarddiskVolume1\Documents and Settings\Jeff\Local
Settings\Temp\Cookies\jeff@socialmedia[2].txt

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 40 2009-09-21 19:22:29-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wahafuhi.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 41 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wenijalu.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 42 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\vinabino.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 43 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\napokoku.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 44 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wolugeri.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 45 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Virtumonde
Object: C:\WINDOWS\system32\nolomipu.dll

Error - 9/21/2009 7:22:31 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 46 2009-09-21 19:22:31-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wuzakoba.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:31:10 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-09-21 19:31:09-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Virtumonde
Object: C:\WINDOWS\system32\fovayaga.dll

[ Application Events ]
Error - 9/21/2009 6:58:28 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 38 2009-09-21 18:58:28-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Virtumonde
Object: C:\WINDOWS\system32\fovayaga.dll

Error - 9/21/2009 7:01:55 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 39 2009-09-21 19:01:55-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Crash detected. \Device\HarddiskVolume1\Documents and Settings\Jeff\Local
Settings\Temp\Cookies\jeff@socialmedia[2].txt

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 40 2009-09-21 19:22:29-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wahafuhi.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 41 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wenijalu.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 42 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\vinabino.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 43 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\napokoku.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 44 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wolugeri.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:22:30 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 45 2009-09-21 19:22:30-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Virtumonde
Object: C:\WINDOWS\system32\nolomipu.dll

Error - 9/21/2009 7:22:31 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 46 2009-09-21 19:22:31-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Malicious code found in file C:\WINDOWS\system32\wuzakoba.exe.
Infection: Trojan.Win32.FraudPack.tyj

Error - 9/21/2009 7:31:10 PM | Computer Name = WILLIAMSFAMILY | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2009-09-21 19:31:09-04:00 williamsfamily WILLIAMSFAMILY\Spidermonkey
F-Secure Anti-Virus Spyware detected: Type: adware Family: Name: AdWare.Win32.Virtumonde
Object: C:\WINDOWS\system32\fovayaga.dll

[ System Events ]
Error - 9/20/2009 7:29:11 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The AOL Connectivity Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 9/20/2009 7:30:05 AM | Computer Name = WILLIAMSFAMILY | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 85e25718, parameter3
85e2588c, parameter4 805d297c.

Error - 9/20/2009 7:58:01 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/20/2009 7:58:02 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The PC Tools Auxiliary Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 9/20/2009 7:58:22 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The F-Secure Automatic Update Agent service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/20/2009 7:58:23 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The F-Secure Anti-Virus Firewall Daemon service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/20/2009 7:58:23 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The F-Secure ORSP Client service terminated unexpectedly. It has
done this 1 time(s).

Error - 9/20/2009 7:58:23 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The FSGKHS service terminated unexpectedly. It has done this 1 time(s).

Error - 9/20/2009 7:58:23 AM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The F-Secure Management Agent service terminated unexpectedly. It
has done this 1 time(s).

Error - 9/20/2009 3:06:55 PM | Computer Name = WILLIAMSFAMILY | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >

OTL logfile created on: 9/21/2009 7:29:48 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Spidermonkey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 452.44 Mb Available Physical Memory | 47.21% Memory free
2.26 Gb Paging File | 1.72 Gb Available in Paging File | 76.08% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 231.86 Gb Free Space | 77.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WILLIAMSFAMILY
Current User Name: Spidermonkey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
PRC - [2009/04/06 11:28:54 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe
PRC - [2009/04/06 11:34:16 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE
PRC - [2009/04/06 11:28:54 | 00,440,416 | ---- | M] (F-Secure Corp.) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\FSGK32.EXE
PRC - [2009/04/06 11:34:18 | 00,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMB32.EXE
PRC - [2008/09/17 23:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/04/06 11:34:12 | 00,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FCH32.EXE
PRC - [2009/04/06 11:34:10 | 00,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FAMEH32.EXE
PRC - [2009/04/06 11:28:54 | 00,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsqh.exe
PRC - [2009/04/06 11:34:46 | 00,707,168 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSPC\fspc.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/04/06 11:27:58 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe
PRC - [2009/04/06 11:35:58 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\ORSP Client\fsorsp.exe
PRC - [2009/04/06 11:29:48 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe
PRC - [2009/04/06 11:28:56 | 00,519,776 | ---- | M] (F-Secure Corp.) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fssm32.exe
PRC - [2009/04/09 07:43:06 | 00,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsus.exe
PRC - [2009/04/06 11:28:52 | 00,349,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsav32.exe
PRC - [2009/04/06 11:34:14 | 00,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE
PRC - [2007/03/11 22:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2008/06/24 14:34:50 | 00,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe
PRC - [2009/09/11 13:33:48 | 18,717,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2007/03/11 22:26:24 | 00,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/04/06 11:32:52 | 00,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSGUI\fsguidll.exe
PRC - [2008/11/06 07:42:59 | 00,039,208 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\waol.exe
PRC - [2007/03/11 22:32:42 | 00,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2008/11/06 07:42:59 | 00,054,568 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\shellmon.exe
PRC - [2009/09/21 19:29:17 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS [Auto | Running])
SRV - [2009/04/06 11:28:54 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])
SRV - [2009/04/06 11:27:58 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
SRV - [2009/04/06 11:29:48 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])
SRV - [2009/04/06 11:34:16 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE -- (FSMA [Auto | Running])
SRV - [2009/04/06 11:35:58 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\ORSP Client\fsorsp.exe -- (FSORSPClient [On_Demand | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/06/04 22:14:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/06/04 22:14:50 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2008/09/17 23:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2008/08/05 20:10:12 | 01,684,736 | ---- | M] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys -- (Ambfilt [On_Demand | Stopped])
DRV - [2007/04/16 21:46:00 | 00,033,792 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdPPM.sys -- (AmdPPM [System | Running])
DRV - [2009/04/06 11:28:58 | 00,039,776 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter [Disabled | Stopped])
DRV - [2009/09/18 01:12:40 | 00,099,960 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running])
DRV - [2009/04/06 11:33:18 | 00,067,808 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\HIPS\drivers\fshs.sys -- (F-Secure HIPS [System | Running])
DRV - [2009/04/06 11:28:58 | 00,025,184 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer [Disabled | Stopped])
DRV - [2009/09/17 22:00:50 | 00,033,920 | ---- | M] () -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts [Boot | Running])
DRV - [2009/04/06 11:29:46 | 00,079,872 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW [Boot | Running])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007/03/08 15:20:48 | 00,049,920 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2007/03/08 15:20:49 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2007/03/08 15:20:50 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2009/09/11 21:45:48 | 05,911,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2004/08/04 01:41:35 | 00,606,684 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2006/01/04 15:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys -- (Monfilt [On_Demand | Stopped])
DRV - [2008/09/17 23:55:00 | 06,132,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008/08/01 18:36:20 | 00,054,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2008/08/01 18:36:26 | 00,022,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2003/03/31 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009/03/25 06:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2004/08/04 01:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2003/01/10 17:13:04 | 00,033,588 | R--- | M] (America Online, Inc.) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myembarq.com/
IE - URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\S-1-5-21-682003330-1580436667-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13


[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Extensions
[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Firefox\Profiles\9a59ib8f.default\extensions
[2009/09/10 18:33:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/08 14:44:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/01 22:25:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/05 18:00:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/08 14:44:40 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/08 14:44:40 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 17:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2009/09/05 18:00:22 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 14:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/08/08 14:44:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/08 14:21:38 | 00,032,456 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/05/01 17:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/05/31 02:41:32 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/05/31 02:41:32 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/05/31 02:41:32 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/05/31 02:41:32 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/05/31 02:41:32 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/05/31 02:41:32 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/05/31 02:41:32 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Embarq Online Security 8\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-682003330-1580436667-725345543-1004..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Jeff\Start Menu\Programs\Startup\Fanbase.lnk = C:\Program Files\Fanbase\Fanbase.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1253240351890 (WUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab (GMNRev Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\boserote.dll) - C:\WINDOWS\System32\boserote.dll File not found
O20 - AppInit_DLLs: (jasosise.dll) - C:\WINDOWS\System32\jasosise.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O21 - SSODL: papigetav - {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - C:\WINDOWS\System32\boserote.dll File not found
O22 - SharedTaskScheduler: {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - tokatiluy - C:\WINDOWS\System32\boserote.dll File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/31 01:20:24 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\*.tmp files]
[2009/09/21 19:29:15 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe
[2009/09/21 18:53:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
[2009/09/21 18:53:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Malwarebytes
[2009/09/21 18:52:56 | 00,000,703 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 18:52:53 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/21 18:52:51 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/21 18:52:51 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/21 18:52:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2009/09/21 18:51:05 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Spidermonkey\Desktop\mbam-setup.exe
[2009/09/21 18:21:00 | 03,029,920 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\TheWoodSpider_1.wmv
[2009/09/21 18:17:45 | 00,084,625 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\ATT00076.jpg
[2009/09/21 18:01:32 | 00,143,444 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\EMT Driver Charged with Murder had Methadone in System at Time of Accident.docx
[2009/09/21 17:53:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
[2009/09/21 16:53:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
[2009/09/21 15:53:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
[2009/09/21 14:53:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
[2009/09/21 13:53:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
[2009/09/21 12:53:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
[2009/09/21 11:53:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
[2009/09/21 10:53:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
[2009/09/21 09:53:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
[2009/09/21 08:53:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
[2009/09/21 07:53:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2009/09/21 06:53:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2009/09/21 05:53:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2009/09/21 04:53:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2009/09/21 03:53:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2009/09/21 02:53:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2009/09/21 01:53:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2009/09/20 15:38:52 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\settings.dat
[2009/09/20 15:38:21 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Spidermonkey\Desktop\RootRepeal.exe
[2009/09/20 15:35:39 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\dds.scr
[2009/09/20 15:11:30 | 00,001,741 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\HijackThis.lnk
[2009/09/20 15:11:29 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/09/19 14:12:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/09/19 10:42:34 | 00,001,644 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Spyware Doctor.lnk
[2009/09/19 10:42:32 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/09/19 10:42:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\PC Tools
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools
[2009/09/19 07:01:29 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/19 06:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2009/09/19 05:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2009/09/19 04:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2009/09/19 03:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2009/09/19 02:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2009/09/19 01:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2009/09/19 00:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2009/09/18 23:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2009/09/18 22:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2009/09/18 21:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2009/09/18 20:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2009/09/18 19:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2009/09/18 19:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Mozilla
[2009/09/18 19:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Mozilla
[2009/09/18 15:58:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Adobe
[2009/09/18 15:54:08 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/09/18 15:54:08 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/09/18 15:52:02 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/09/18 15:52:02 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2009/09/18 15:52:00 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/09/18 15:52:00 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2009/09/18 15:52:00 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2009/09/18 15:52:00 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2009/09/18 15:51:58 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/09/18 15:51:58 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2009/09/18 15:51:57 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/09/18 15:51:57 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2009/09/18 15:51:56 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/09/18 15:51:56 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2009/09/18 15:51:55 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/09/18 15:51:55 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2009/09/18 15:51:53 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/09/18 15:51:53 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2009/09/18 15:51:52 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2009/09/18 15:51:52 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2009/09/18 15:51:51 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2009/09/18 15:51:51 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2009/09/18 15:51:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2009/09/18 15:51:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2009/09/18 15:51:19 | 01,826,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2009/09/18 15:51:19 | 01,482,752 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2009/09/18 15:51:19 | 00,880,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL
[2009/09/18 15:51:19 | 00,405,504 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/09/18 15:51:19 | 00,077,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2009/09/18 15:51:18 | 09,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE
[2009/09/18 15:51:18 | 05,911,552 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2009/09/18 15:51:18 | 00,041,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll
[2009/09/18 15:51:17 | 00,122,880 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2009/09/18 15:51:15 | 18,717,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/09/18 15:51:12 | 02,170,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2009/09/18 15:51:12 | 01,389,056 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2009/09/18 15:51:08 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2009/09/18 15:51:08 | 01,684,736 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2009/09/18 15:51:08 | 00,278,528 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2009/09/18 15:51:08 | 00,057,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
[2009/09/18 15:51:01 | 00,831,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2009/09/18 15:31:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCPitstop
[2009/09/18 06:51:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Microsoft Help
[2009/09/18 06:51:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
[2009/09/18 06:38:56 | 02,785,792 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\BBQInvitation.pps
[2009/09/18 06:36:52 | 00,054,147 | ---- | C] () -- C:\VETlog.dmp
[2009/09/18 06:36:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Viewpoint
[2009/09/18 06:36:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\AOL
[2009/09/18 06:36:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Macromedia
[2009/09/18 06:36:17 | 00,000,619 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AOL 9.1.lnk
[2009/09/18 06:35:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Viewpoint
[2009/09/18 06:35:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\AOL Downloads
[2009/09/18 06:35:04 | 00,033,588 | R--- | C] (America Online, Inc.) -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2009/09/18 06:34:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL OCP
[2009/09/18 06:34:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\AOL
[2009/09/18 06:34:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\aolshare
[2009/09/18 06:34:06 | 00,000,000 | ---D | C] -- C:\Program Files\AOL 9.1
[2009/09/18 06:34:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL
[2009/09/18 04:05:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads
[2009/09/18 04:05:02 | 00,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/18 04:01:28 | 00,000,810 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\Internet Explorer.lnk
[2009/09/18 03:49:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Macromedia
[2009/09/18 03:42:56 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2009/09/18 03:42:55 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/09/18 03:42:55 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2009/09/18 03:42:55 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/09/18 03:42:55 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/09/18 03:42:55 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/09/18 03:42:55 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/09/18 03:42:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/09/18 03:42:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/09/18 03:40:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
[2009/09/18 03:39:44 | 00,001,865 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Photosmart Essential 2.01.lnk
[2009/09/18 03:39:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HPSSUPPLY
[2009/09/18 03:38:46 | 00,001,815 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/09/18 03:38:24 | 00,000,991 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Solution Center.lnk
[2009/09/18 03:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP Product Assistant
[2009/09/18 03:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
[2009/09/18 03:36:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
[2009/09/18 03:36:43 | 00,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll5ha.dll
[2009/09/18 03:36:32 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/09/18 03:36:32 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/09/18 03:36:26 | 00,267,864 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2009/09/18 03:36:23 | 00,675,840 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax3.dll
[2009/09/18 03:36:23 | 00,569,344 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl3.dll
[2009/09/18 03:36:23 | 00,303,104 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst10.dll
[2009/09/18 03:36:08 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/09/18 03:36:08 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/09/18 03:35:30 | 00,140,997 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2009/09/18 03:35:30 | 00,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2009/09/18 03:34:30 | 00,506,560 | ---- | C] () -- C:\WINDOWS\System32\autorun.inf
[2009/09/18 03:22:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/09/18 03:17:00 | 00,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2009/09/18 03:17:00 | 00,006,045 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2009/09/18 03:17:00 | 00,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009/09/18 03:16:47 | 00,200,712 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/09/18 03:16:36 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvuninst.exe
[2009/09/18 03:16:36 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/09/18 03:16:36 | 00,018,394 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/09/18 02:56:25 | 00,049,920 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys
[2009/09/18 02:56:25 | 00,016,496 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys
[2009/09/18 02:25:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/09/18 02:06:06 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/09/18 02:06:04 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009/09/18 02:06:04 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009/09/18 02:06:04 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2009/09/18 02:06:04 | 00,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009/09/18 02:06:04 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009/09/18 02:06:04 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/09/18 02:06:04 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009/09/18 02:06:04 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009/09/18 02:06:04 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009/09/18 02:06:04 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/09/18 02:06:04 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009/09/18 02:06:04 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2009/09/18 02:06:04 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009/09/18 02:06:04 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/09/18 02:06:04 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/09/18 02:06:04 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/09/18 02:06:04 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/09/18 02:06:03 | 02,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2009/09/18 02:06:03 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/09/18 02:06:03 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/09/18 02:06:03 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/09/18 02:06:03 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/09/18 02:06:03 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/09/18 02:06:03 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/09/18 02:06:03 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/09/18 02:06:03 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/09/18 02:06:03 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/09/18 02:06:03 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/09/18 02:06:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009/09/18 02:06:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009/09/18 02:06:02 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/09/18 02:06:02 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009/09/18 02:06:02 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009/09/18 02:06:02 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/09/18 02:06:02 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009/09/18 02:06:02 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009/09/18 02:06:01 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2009/09/18 02:06:01 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2009/09/18 02:06:01 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009/09/18 02:06:01 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009/09/18 02:06:01 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009/09/18 02:06:01 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/09/18 02:06:01 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/09/18 02:06:01 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/09/18 02:06:01 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/09/18 02:06:01 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/09/18 02:06:01 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/09/18 02:06:01 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/09/18 02:06:01 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/09/18 02:06:01 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/09/18 02:06:01 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/09/18 02:06:01 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/09/18 02:06:00 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/09/18 02:05:59 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/09/18 02:05:59 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/09/18 02:05:58 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/09/18 02:05:58 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/09/18 02:05:58 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/09/18 02:05:56 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/09/18 02:05:55 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/09/18 02:05:55 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/09/18 02:05:54 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/09/18 02:05:54 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/09/18 02:05:54 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/09/18 02:05:54 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/09/18 02:05:54 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/09/18 02:05:54 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/09/18 02:05:53 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/09/18 02:05:53 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/09/18 02:05:53 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/09/18 02:05:53 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/09/18 02:05:50 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009/09/18 02:05:50 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/09/18 02:05:49 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2009/09/18 02:05:49 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/09/18 02:05:48 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/09/18 02:05:47 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/09/18 02:05:47 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/09/18 02:05:46 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/09/18 02:05:45 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/09/18 02:05:45 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009/09/18 02:05:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/09/18 02:05:44 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/09/18 02:05:43 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/09/18 02:05:43 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/09/18 02:05:43 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/09/18 02:05:42 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/09/18 02:05:42 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/09/18 02:05:42 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009/09/18 02:05:42 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009/09/18 02:05:42 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009/09/18 02:05:42 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009/09/18 02:05:42 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009/09/18 02:05:42 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009/09/18 02:05:42 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009/09/18 02:05:42 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009/09/18 02:05:42 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009/09/18 02:05:42 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009/09/18 02:05:42 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009/09/18 02:05:42 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009/09/18 02:05:42 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009/09/18 02:05:42 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009/09/18 02:05:42 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009/09/18 02:05:41 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/09/18 02:05:39 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/09/18 02:05:38 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/09/18 02:05:38 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/09/18 02:05:38 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/09/18 02:05:38 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/09/18 02:05:36 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/09/18 02:05:36 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/09/18 02:05:36 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/09/18 02:05:35 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/09/18 02:05:35 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/09/18 02:05:35 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/09/18 02:05:35 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/09/18 02:05:34 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2009/09/18 02:05:34 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/09/18 02:05:33 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2009/09/18 02:05:33 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2009/09/18 02:05:33 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/09/18 02:05:33 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2009/09/18 02:05:33 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009/09/18 02:05:31 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009/09/18 02:05:29 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2009/09/18 02:05:29 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2009/09/18 02:05:28 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009/09/18 02:05:28 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2009/09/18 02:05:27 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2009/09/18 02:05:27 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/09/18 02:05:27 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2009/09/18 02:05:27 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2009/09/18 02:05:27 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/09/18 02:05:27 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/09/18 02:05:27 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/09/18 02:05:27 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/09/18 02:05:27 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/09/18 02:05:27 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/09/18 02:05:27 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/09/18 02:05:26 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/09/18 02:05:26 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2009/09/18 02:05:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/09/18 02:05:26 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/09/18 02:05:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/09/18 02:05:25 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/09/18 02:05:23 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/09/18 02:05:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2009/09/18 02:05:19 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009/09/18 02:05:19 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/09/18 02:05:19 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/09/18 02:05:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/09/18 02:05:13 | 00,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/09/18 02:05:11 | 00,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2009/09/18 02:05:08 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/09/18 02:05:07 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/09/18 02:05:07 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/09/18 02:05:07 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/09/18 02:05:07 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/09/18 02:05:07 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/09/18 02:05:07 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/09/18 02:05:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/09/18 02:05:07 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/09/18 02:05:06 | 00,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009/09/18 02:05:06 | 00,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009/09/18 02:05:06 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009/09/18 02:05:05 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/09/18 02:05:05 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/09/18 02:05:05 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/09/18 02:05:05 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/09/18 02:05:05 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/09/18 02:05:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/09/18 02:05:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/09/18 02:05:04 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009/09/18 02:05:04 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/09/18 02:05:04 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/09/18 02:05:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/09/18 02:05:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/09/18 02:05:02 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/09/18 02:05:01 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/09/18 02:05:01 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009/09/18 02:05:01 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/09/18 02:05:01 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/09/18 02:05:01 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/09/18 02:05:01 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/09/18 02:05:01 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/09/18 02:05:01 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/09/18 02:05:00 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/09/18 02:05:00 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/09/18 02:04:59 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2009/09/18 02:04:58 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009/09/18 02:04:58 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/09/18 02:04:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/09/18 02:04:58 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009/09/18 02:04:55 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2009/09/18 02:04:54 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/09/18 01:41:29 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/09/18 01:41:22 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/09/18 01:41:22 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/09/18 01:41:22 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/09/18 01:41:22 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/09/18 01:41:21 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/09/18 01:32:21 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2009/09/18 01:31:25 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/09/18 01:30:57 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/09/18 01:30:51 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/09/18 01:28:16 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/09/18 01:28:16 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/09/18 01:28:15 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/09/18 01:28:15 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/09/18 01:28:15 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/09/18 01:28:15 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/09/18 01:28:15 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/09/18 01:28:15 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/09/18 01:28:15 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/09/18 01:28:14 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/09/18 01:28:14 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/09/18 01:28:14 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/09/18 01:27:58 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/09/18 01:27:58 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/09/18 01:27:58 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/09/18 01:27:23 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/09/18 01:26:38 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/09/18 01:26:30 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/09/18 01:26:26 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/09/18 01:26:11 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/09/18 01:25:50 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/09/18 01:25:47 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/09/18 01:20:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
[2009/09/18 01:18:23 | 00,000,508 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/09/18 01:17:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\F-Secure
[2009/09/18 01:12:41 | 00,069,232 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/18 01:00:32 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/17 22:43:08 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/09/17 22:43:07 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/09/17 22:43:07 | 00,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2009/09/17 22:43:07 | 00,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/09/17 22:31:05 | 00,013,726 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009/09/17 22:26:54 | 01,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll
[2009/09/17 22:25:59 | 00,008,704 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/17 22:22:13 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/09/17 22:21:47 | 00,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/09/17 22:21:34 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/09/17 22:21:34 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/09/17 22:21:34 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/09/17 22:21:34 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/09/17 22:19:42 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/09/17 22:19:42 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/09/17 22:19:42 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/09/17 22:19:42 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/09/17 22:19:42 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/09/17 22:19:42 | 00,031,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/09/17 22:19:42 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/09/17 22:19:42 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/09/17 22:19:42 | 00,018,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/09/17 21:55:55 | 03,755,574 | -H-- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\IconCache.db
[2009/09/17 21:55:20 | 00,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/09/17 21:55:14 | 00,079,872 | ---- | C] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys
[2009/09/17 21:54:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\fssg
[2009/09/17 21:53:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\f-secure
[2009/09/17 21:52:53 | 74,069,184 | ---- | C] (F-Secure Corporation) -- C:\Documents and Settings\Spidermonkey\Desktop\Embarq_RTM_8.02-109.exe
[2009/09/17 21:28:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Identities
[2009/09/17 21:28:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Spidermonkey\My Documents\My Pictures
[2009/09/17 21:28:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Spidermonkey\My Documents\My Music
[2009/09/17 21:27:59 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Microsoft
[2009/09/17 21:27:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Microsoft
[2009/09/17 21:24:17 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/09/17 21:23:31 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/09/17 21:23:24 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/09/17 21:23:23 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/09/17 21:23:23 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/09/17 21:23:23 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/09/17 21:23:22 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/09/17 21:23:22 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/09/17 21:23:20 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/09/17 21:23:20 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/09/17 21:23:19 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/09/17 21:23:19 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/09/17 21:23:19 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/09/17 21:23:17 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/09/17 21:23:17 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/09/17 21:23:16 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/09/17 21:23:15 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/09/17 21:23:15 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/09/17 21:23:15 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/09/17 21:23:15 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/09/17 21:23:15 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/09/17 21:23:14 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/09/17 21:23:14 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/09/17 21:23:14 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/09/17 21:23:12 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/09/17 21:23:11 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/09/17 21:23:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/09/17 21:23:11 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/09/17 21:23:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/09/17 21:23:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/09/17 21:23:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/09/17 21:23:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/09/17 21:23:10 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009/09/17 21:23:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/09/17 21:23:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/09/17 21:23:09 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/09/17 21:23:09 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/09/17 21:23:09 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/09/17 21:23:09 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/09/17 21:23:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/09/17 21:23:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/09/17 21:23:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/09/17 21:23:09 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/09/17 21:23:07 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2009/09/17 21:23:07 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/09/17 21:23:07 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/09/17 21:23:06 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/09/17 21:23:06 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/09/17 21:23:06 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2009/09/17 21:23:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/09/17 21:23:04 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/09/17 21:23:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/09/17 21:23:03 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/09/17 21:23:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/09/17 21:23:03 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/09/17 21:23:02 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/09/17 21:23:02 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/09/17 21:23:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/09/17 21:23:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/09/17 21:23:01 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/09/17 21:23:01 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/09/17 21:23:01 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/09/17 21:23:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/09/17 21:23:01 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/09/17 21:23:00 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/09/17 21:23:00 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/09/17 21:23:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/09/17 21:23:00 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/09/17 21:22:58 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/09/17 21:22:56 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/09/17 21:22:52 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/09/17 21:22:52 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/09/17 21:22:48 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/09/17 21:22:48 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/09/17 21:22:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/09/17 21:22:46 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/09/17 21:22:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/09/17 21:22:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/09/17 21:22:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/09/17 21:22:45 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/09/17 21:22:45 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/09/17 21:22:45 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/09/17 21:22:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/09/17 21:22:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/09/17 21:22:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/09/17 21:22:42 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/09/17 21:22:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/09/17 21:22:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/09/17 21:22:40 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/09/17 21:22:40 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/09/17 21:22:40 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/09/17 21:22:40 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/09/17 21:22:40 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/09/17 21:22:40 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/09/17 21:22:40 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/09/17 21:22:40 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/09/17 21:22:39 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/09/17 21:22:39 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/09/17 21:22:38 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/09/17 21:22:38 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/09/17 21:22:38 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/09/17 21:22:38 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/09/17 21:22:38 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/09/17 21:22:38 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/09/17 21:22:38 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/09/17 21:22:38 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/09/17 21:22:38 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/09/17 21:22:38 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/09/17 21:22:37 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/09/17 21:22:37 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/09/17 21:22:37 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/09/17 21:22:37 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/09/17 21:22:37 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/09/17 21:22:37 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/09/17 21:22:34 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/09/17 21:22:31 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/09/17 21:22:29 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/09/17 21:22:28 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/09/17 21:22:28 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/09/17 21:22:27 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/09/17 21:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/09/17 21:22:26 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/09/17 21:22:26 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/09/17 21:22:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/09/17 21:22:25 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/09/17 21:22:25 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/09/17 21:22:24 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/09/17 21:22:24 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/09/17 21:22:24 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/09/17 21:22:24 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/09/17 21:22:23 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/09/17 21:22:20 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/09/17 21:22:19 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/09/17 21:22:19 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/09/17 21:22:18 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/09/17 21:22:18 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/09/17 21:22:18 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/09/17 21:22:18 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/09/17 21:22:18 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/09/17 21:22:17 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/09/17 21:22:17 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/09/17 21:22:17 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/09/17 21:22:17 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/09/17 21:22:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/09/17 21:22:17 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/09/17 21:22:17 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/09/17 21:22:16 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/09/17 21:22:16 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/09/17 21:22:15 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/09/17 21:22:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/09/17 21:22:14 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2009/09/17 21:22:14 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/09/17 21:22:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/09/17 21:22:10 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2009/09/17 21:22:10 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2009/09/17 21:22:00 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/09/17 21:21:59 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/09/17 21:21:58 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/17 21:21:58 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/17 21:21:57 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009/09/17 21:21:52 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/09/17 21:21:52 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/17 21:21:16 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/09/17 21:21:16 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/09/17 21:21:03 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/09/17 21:20:42 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/09/17 21:20:42 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/09/17 21:20:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/09/17 21:20:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/09/17 21:20:42 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/09/17 21:20:42 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/09/17 21:20:42 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/09/17 21:20:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/09/17 21:20:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/09/17 21:20:42 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/09/17 21:20:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/09/17 21:20:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/09/17 21:20:34 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/09/17 21:20:33 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/09/17 21:20:33 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/09/17 21:20:33 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2009/09/17 21:20:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/09/17 21:20:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/09/17 21:20:33 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/09/17 21:20:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/09/17 21:20:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/09/17 21:20:31 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/09/17 21:20:30 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/09/17 21:20:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/09/17 21:20:30 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/09/17 21:20:30 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/09/17 21:20:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/09/17 21:20:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/09/17 21:20:28 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/09/17 21:20:27 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/09/17 21:20:27 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/09/17 21:20:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/09/17 21:20:23 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/09/17 21:20:19 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/09/17 21:20:19 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/09/17 21:20:18 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/09/17 21:20:18 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/09/17 21:20:18 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/09/17 21:20:18 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/09/17 21:20:17 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/09/17 21:20:17 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/09/17 21:20:17 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/09/17 21:20:17 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/09/17 21:20:14 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/09/17 21:20:14 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/09/17 21:20:14 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/09/17 21:20:13 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/09/17 21:20:13 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/09/17 21:20:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/09/17 21:20:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures
[2009/09/17 21:20:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Music
[2009/09/17 21:20:02 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/17 21:19:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/09/17 21:19:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/09/17 21:19:39 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/09/17 21:19:39 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/09/17 21:19:39 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/09/17 21:19:39 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/09/17 21:19:39 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/09/17 21:19:39 | 00,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2009/09/17 21:19:38 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/09/17 21:19:38 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/09/17 21:19:38 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/09/17 21:19:38 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/09/17 21:19:38 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/09/17 21:19:38 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/09/17 21:19:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/09/17 21:19:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/09/17 21:19:35 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/09/17 21:19:35 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/09/17 21:19:35 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/09/17 21:19:35 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/09/17 21:19:35 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/09/17 21:19:35 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/09/17 21:19:35 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/09/17 21:19:35 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/09/17 21:19:35 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/09/17 21:19:35 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/09/17 21:19:35 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/09/17 21:19:34 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/09/17 21:19:34 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/09/17 21:19:34 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/09/17 21:19:34 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/09/17 21:19:34 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/09/17 21:19:34 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/09/17 21:19:34 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/09/17 21:19:34 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/09/17 21:19:34 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/09/17 21:19:34 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/09/17 21:19:34 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/09/17 21:19:34 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/09/17 21:19:34 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/09/17 21:19:34 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/09/17 21:19:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/09/17 21:19:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/09/17 21:19:33 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/09/17 21:19:33 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/09/17 21:19:33 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/09/17 21:19:33 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/09/17 21:19:33 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/09/17 21:19:33 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/09/17 21:19:33 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/09/17 21:19:33 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/09/17 21:19:32 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/09/17 21:19:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/09/17 21:19:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/09/17 21:19:32 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/09/17 21:19:32 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/09/17 21:19:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/09/17 21:19:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/09/17 21:19:32 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/09/17 21:19:32 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/09/17 21:19:32 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/09/17 21:19:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/09/17 21:19:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/09/17 21:19:32 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/09/17 21:19:32 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/09/17 21:19:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/09/17 21:19:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/09/17 21:19:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/09/17 21:19:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/09/17 21:19:32 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/09/17 21:19:32 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/09/17 21:19:31 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/09/17 21:19:31 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/09/17 21:19:31 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/09/17 21:19:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/09/17 21:19:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/09/17 21:19:31 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/09/17 21:19:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/09/17 21:19:31 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/09/17 21:19:30 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/09/17 21:19:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/09/17 21:19:30 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/09/17 21:19:30 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/09/17 21:19:30 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/09/17 21:19:30 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/09/17 21:19:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/09/17 21:19:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/09/17 21:19:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/09/17 21:19:29 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/09/17 21:19:29 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/09/17 21:19:29 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/09/17 21:19:29 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/09/17 21:19:29 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/09/17 21:19:29 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/09/17 21:19:29 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/09/17 21:19:27 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/09/17 21:19:26 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/09/17 21:19:26 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/09/17 21:19:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/09/17 21:19:26 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/09/17 21:19:26 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/09/17 21:19:26 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/09/17 21:19:26 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/09/17 21:19:26 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/09/17 21:19:26 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/09/17 21:19:26 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/09/17 21:19:26 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/09/17 21:19:26 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/09/17 21:19:25 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/09/17 21:19:25 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/09/17 21:19:25 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/09/17 21:19:25 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/09/17 21:19:24 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/09/17 21:19:24 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/09/17 21:19:23 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/09/17 21:19:23 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/09/17 21:19:23 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/09/17 21:19:23 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/09/17 21:19:22 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/09/17 21:19:22 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/09/17 21:19:22 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/09/17 21:19:22 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/09/17 21:19:22 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/09/17 21:19:22 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/09/17 21:19:22 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/09/17 21:19:22 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/09/17 21:19:22 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/09/17 21:19:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/09/17 21:19:21 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/09/17 21:19:21 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/09/17 21:19:21 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/09/17 21:19:21 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/09/17 21:19:21 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/09/17 21:19:21 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/09/17 21:19:21 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/09/17 21:19:21 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/09/17 21:19:21 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/09/17 21:19:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/09/17 21:19:21 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/09/17 21:19:21 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/09/17 21:19:20 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/09/17 21:19:20 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/09/17 21:19:17 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/09/17 21:19:11 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/09/17 21:19:11 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2009/09/17 16:50:54 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009/09/17 16:50:46 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/09/17 16:50:45 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009/09/17 16:50:38 | 00,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\drivers\ltmdmnt.sys
[2009/09/17 16:50:37 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\rtl8139.sys
[2009/09/17 16:50:31 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/09/17 16:48:53 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/09/17 16:48:47 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/09/17 16:48:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009/09/17 16:48:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009/09/17 16:48:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009/09/17 16:48:46 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/09/17 16:48:46 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/09/17 16:48:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/09/17 16:48:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/09/17 16:48:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/09/17 16:48:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/09/17 16:48:44 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/09/17 16:48:44 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/09/17 16:48:44 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/09/17 16:48:44 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/09/17 16:48:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/09/17 16:48:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/09/17 16:48:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/09/17 16:48:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/09/17 16:48:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009/09/17 16:48:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/09/17 16:48:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/09/17 16:48:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/09/17 16:48:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/09/17 16:48:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/09/17 16:48:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009/09/17 16:48:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009/09/17 16:48:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009/09/17 16:48:41 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009/09/17 16:48:41 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/09/17 16:48:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/09/17 16:48:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009/09/17 16:48:39 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2009/09/17 16:48:39 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2009/09/17 16:48:39 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2009/09/17 16:48:39 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2009/09/17 16:48:39 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2009/09/17 16:48:39 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2009/09/17 16:48:39 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/09/17 16:48:39 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/09/17 16:48:39 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2009/09/17 16:48:39 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/09/17 16:48:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/09/17 16:48:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/09/17 16:48:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009/09/17 16:48:39 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2009/09/17 16:48:39 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/09/17 16:48:39 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2009/09/17 16:48:39 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/09/17 16:48:38 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2009/09/17 16:48:38 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/09/17 16:48:38 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2009/09/17 16:48:38 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/09/17 16:48:38 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2009/09/17 16:48:38 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/09/17 16:48:38 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2009/09/17 16:48:38 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/09/17 16:48:38 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2009/09/17 16:48:38 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/09/17 16:48:38 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2009/09/17 16:48:38 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2009/09/17 16:48:38 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/09/17 16:48:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2009/09/17 16:48:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/09/17 16:48:38 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2009/09/17 16:48:38 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/09/17 16:48:38 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2009/09/17 16:48:38 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/09/17 16:48:38 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2009/09/17 16:48:38 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/09/17 16:48:38 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2009/09/17 16:48:38 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/09/17 16:48:38 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2009/09/17 16:48:38 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/09/17 16:48:38 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2009/09/17 16:48:38 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/09/17 16:48:38 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2009/09/17 16:48:38 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/09/17 16:48:38 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2009/09/17 16:48:38 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/09/17 16:48:38 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2009/09/17 16:48:38 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/09/17 16:48:38 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2009/09/17 16:48:38 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/09/17 16:48:38 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2009/09/17 16:48:38 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/09/17 16:48:37 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2009/09/17 16:48:37 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2009/09/17 16:48:37 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/09/17 16:48:37 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/09/17 16:48:37 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/09/17 16:48:37 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/09/17 16:48:36 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/09/17 16:48:32 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/09/17 16:48:32 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/09/17 16:48:32 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/09/17 16:48:32 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/09/17 16:48:32 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/09/17 16:48:32 | 00,007,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/09/17 16:48:19 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2009/09/17 16:48:01 | 00,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/17 16:47:15 | 00,000,237 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/09/16 08:07:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/09/15 19:38:39 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009/09/07 16:09:48 | 00,000,000 | ---D | C] -- C:\Program Files\termma
[2009/09/05 17:58:42 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/08/30 00:11:21 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars
[2009/06/20 19:55:17 | 00,088,576 | -HS- | C] () -- C:\WINDOWS\System32\nohiyizi.dll
[2009/06/20 07:55:02 | 00,088,064 | -HS- | C] () -- C:\WINDOWS\System32\gigivada.dll
[2009/06/20 07:55:02 | 00,050,688 | -HS- | C] () -- C:\WINDOWS\System32\fovayaga.dll
[2009/06/19 07:55:13 | 00,050,688 | -HS- | C] () -- C:\WINDOWS\System32\jabihoju.dll
[2009/06/19 07:55:13 | 00,050,688 | -HS- | C] () -- C:\WINDOWS\System32\gasowihu.dll
[2009/06/19 07:55:13 | 00,050,688 | ---- | C] () -- C:\WINDOWS\System32\jasosise.dll
[2009/06/19 07:54:41 | 00,088,064 | -HS- | C] () -- C:\WINDOWS\System32\beromavu.dll
[2009/06/19 07:54:41 | 00,050,688 | -HS- | C] () -- C:\WINDOWS\System32\folelali.dll
[2009/03/03 12:18:04 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/09/17 23:55:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/09/17 23:55:00 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/09/17 23:55:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/09/17 23:55:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/09/17 23:55:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003/03/31 15:00:00 | 00,000,702 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/03/31 15:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/09/21 19:29:55 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\nobusewa
[2009/09/21 19:29:17 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe
[2009/09/21 19:27:11 | 00,054,147 | ---- | M] () -- C:\VETlog.dmp
[2009/09/21 19:27:06 | 00,069,232 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/21 19:27:06 | 00,000,702 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/21 19:26:35 | 00,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/09/21 19:24:52 | 00,013,726 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/09/21 19:24:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/21 19:24:50 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/21 19:23:30 | 03,755,574 | -H-- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\IconCache.db
[2009/09/21 18:53:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19895.exe
[2009/09/21 18:52:56 | 00,000,703 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 18:51:05 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Spidermonkey\Desktop\mbam-setup.exe
[2009/09/21 18:21:12 | 03,029,920 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\TheWoodSpider_1.wmv
[2009/09/21 18:17:46 | 00,084,625 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\ATT00076.jpg
[2009/09/21 18:01:32 | 00,143,444 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\EMT Driver Charged with Murder had Methadone in System at Time of Accident.docx
[2009/09/21 17:53:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19718.exe
[2009/09/21 16:53:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18716.exe
[2009/09/21 15:53:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17421.exe
[2009/09/21 14:53:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\12382.exe
[2009/09/21 13:53:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\292.exe
[2009/09/21 12:53:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\153.exe
[2009/09/21 11:53:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\3902.exe
[2009/09/21 10:53:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14604.exe
[2009/09/21 09:53:53 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\32391.exe
[2009/09/21 08:53:53 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5436.exe
[2009/09/21 07:55:26 | 00,073,216 | -HS- | M] () -- C:\WINDOWS\System32\nonebetu.exe
[2009/09/21 07:53:53 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\4827.exe
[2009/09/21 06:53:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11942.exe
[2009/09/21 05:53:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\2995.exe
[2009/09/21 04:53:51 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\491.exe
[2009/09/21 03:53:51 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9961.exe
[2009/09/21 02:53:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\16827.exe
[2009/09/21 01:53:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\23281.exe
[2009/09/21 00:53:49 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2009/09/21 00:05:23 | 00,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/09/20 23:53:49 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2009/09/20 22:53:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2009/09/20 21:53:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2009/09/20 20:53:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2009/09/20 19:55:18 | 00,088,576 | -HS- | M] () -- C:\WINDOWS\System32\nohiyizi.dll
[2009/09/20 19:53:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2009/09/20 18:53:46 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2009/09/20 17:53:46 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2009/09/20 16:53:45 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2009/09/20 15:53:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2009/09/20 15:38:52 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\settings.dat
[2009/09/20 15:38:22 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Spidermonkey\Desktop\RootRepeal.exe
[2009/09/20 15:35:39 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\dds.scr
[2009/09/20 15:11:30 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\HijackThis.lnk
[2009/09/20 14:53:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2009/09/20 13:53:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2009/09/20 07:55:03 | 00,088,064 | -HS- | M] () -- C:\WINDOWS\System32\gigivada.dll
[2009/09/19 10:42:34 | 00,001,644 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Spyware Doctor.lnk
[2009/09/19 07:55:12 | 00,050,688 | -HS- | M] () -- C:\WINDOWS\System32\folelali.dll
[2009/09/19 07:54:42 | 00,088,064 | -HS- | M] () -- C:\WINDOWS\System32\beromavu.dll
[2009/09/19 07:01:29 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/18 15:54:08 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/09/18 15:54:08 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/09/18 14:46:01 | 00,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/18 06:39:09 | 02,785,792 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\BBQInvitation.pps
[2009/09/18 06:36:17 | 00,000,619 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AOL 9.1.lnk
[2009/09/18 06:36:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/18 04:05:02 | 00,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/09/18 04:01:28 | 00,000,810 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\Internet Explorer.lnk
[2009/09/18 03:40:23 | 00,140,997 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2009/09/18 03:39:44 | 00,001,865 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Photosmart Essential 2.01.lnk
[2009/09/18 03:38:46 | 00,001,815 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/09/18 03:38:24 | 00,000,991 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Solution Center.lnk
[2009/09/18 03:07:32 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/09/18 02:27:30 | 00,318,732 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/09/18 02:27:30 | 00,043,236 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/09/18 02:27:29 | 00,367,288 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/09/18 02:14:39 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/09/18 01:00:37 | 00,000,316 | RHS- | M] () -- C:\boot.ini
[2009/09/18 00:55:33 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/09/17 22:31:04 | 00,013,726 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009/09/17 22:26:04 | 00,008,704 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/17 22:00:50 | 00,033,920 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/09/17 21:52:53 | 74,069,184 | ---- | M] (F-Secure Corporation) -- C:\Documents and Settings\Spidermonkey\Desktop\Embarq_RTM_8.02-109.exe
[2009/09/17 21:28:08 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/09/17 21:24:17 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/09/17 21:23:33 | 00,000,237 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/09/17 21:22:00 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/09/17 21:22:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/09/17 21:21:58 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/17 21:21:58 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/17 21:21:57 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009/09/17 21:21:52 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/17 21:21:16 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/09/17 21:21:16 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/09/17 21:20:02 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/17 21:20:00 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/09/17 21:20:00 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/09/17 16:48:48 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/11 21:45:48 | 05,911,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2009/09/11 13:33:48 | 18,717,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/03 21:30:30 | 00,405,504 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/09/02 14:56:14 | 00,041,472 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
< End of report >

Malwarebytes' Anti-Malware 1.41
Database version: 2839
Windows 5.1.2600 Service Pack 3

9/21/2009 7:22:46 PM
mbam-log-2009-09-21 (19-22-46).txt

Scan type: Quick Scan
Objects scanned: 190362
Time elapsed: 26 minute(s), 26 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 2
Registry Keys Infected: 7
Registry Values Infected: 7
Registry Data Items Infected: 12
Folders Infected: 4
Files Infected: 54

Memory Processes Infected:
C:\WINDOWS\system32\winupdate.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Memory Modules Infected:
C:\WINDOWS\system32\nagujeja.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jasosise.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{eefc3f7d-4aea-490a-a9a8-b942a2ce24ef} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\systemsecurity2009 (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AVR (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zawavereb (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{eefc3f7d-4aea-490a-a9a8-b942a2ce24ef} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\vodewipat (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winupdate.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\14989534 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\15815624 (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\nagujeja.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\nagujeja.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\AdvancedVirusRemover (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\Documents and Settings\Spidermonkey\Start Menu\Programs\Total Security (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stef.WILLIAMSFAMILY\Start Menu\Programs\Total Security (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec (Stolen.data) -> Delete on reboot.

Files Infected:
c:\WINDOWS\system32\nagujeja.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\winupdate.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-682003330-1580436667-725345543-1004\Dc4\junk.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dokakuru.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tihaduza.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wahafuhi.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wenijalu.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vinabino.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mulipiza.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\napokoku.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wolugeri.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nolomipu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winhelper.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wuzakoba.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zahasila.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zobedagu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rudedepo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\runivito.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\10D.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\18D.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\1F4.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\243.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\2830.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\29B.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\313.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\31A.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\32.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\409.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\418.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\41E.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\424.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\427.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\~.exe (Trojan.Wantvi) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\84.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\8E.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\F2.0mp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8XYR0DIV\RegistryConvoy_Setup[1].exe (Rogue.RegTidy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Spidermonkey\Start Menu\Programs\Total Security\Total Security 2009.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stef.WILLIAMSFAMILY\Start Menu\Programs\Total Security\Total Security 2009.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Delete on reboot.
C:\Documents and Settings\Stef.WILLIAMSFAMILY\Desktop\Total Security 2009.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\Spidermonkey\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jasosise.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr2 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr3 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr4 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr5 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr6 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr7 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr8 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jeff\Local Settings\Temp\tmpwr9 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Documents\gifnoc.xtx (Trojan.Agent) -> Quarantined and deleted successfully.

#4 Spidermonkey

Spidermonkey
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 21 September 2009 - 11:25 PM

Hi Sam. Thank's for your assistance in getting my computer up and running again. Everything seems to be running ok now. I will monitor it for a couple of days and post back if it starts acting up again. God Bless and H ave a Great Day.

#5 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:02 PM

Posted 22 September 2009 - 03:04 PM

Did you run the Malwarebytes scan before or after you ran the OTL scan? I still see several issues in your log.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#6 Spidermonkey

Spidermonkey
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 22 September 2009 - 04:11 PM

I ran the Malwarebytes scan first then the OTL scan.

#7 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:02 PM

Posted 23 September 2009 - 07:28 AM

In that case, you still have several infections.

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Please post a new log from OTL after running the Eset scan.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#8 Spidermonkey

Spidermonkey
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 25 September 2009 - 12:56 PM

Here is the eset logs and the new otl log. You were right. Still having some problems. Thanks for your help.



ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=43d2a8e8527f274a988856dd4fcec860
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-09-23 01:19:02
# local_time=2009-09-23 09:19:02 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=2305 21 100 100 958304843750
# scanned=9718
# found=0
# cleaned=0
# scan_time=328
esets_scanner_update returned -1 esets_gle=53251
# version=6
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=43d2a8e8527f274a988856dd4fcec860
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-09-23 02:24:57
# local_time=2009-09-23 10:24:57 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=2305 21 100 100 997853281250
# scanned=137405
# found=28
# cleaned=28
# scan_time=3703
C:\Documents and Settings\Jeff\Local Settings\Temp\24B.tmp a variant of Win32/Kryptik.AKT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\a.0xe Win32/TrojanDownloader.FakeAlert.AHS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\b.0xe Win32/TrojanDownloader.FakeAlert.AIN trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\c.exe a variant of Win32/Kryptik.AMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\d.0xe Win32/TrojanDownloader.FakeAlert.AHS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\e.0xe Win32/TrojanDownloader.FakeAlert.AIN trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\f.exe a variant of Win32/Kryptik.AMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\g.exe a variant of Win32/Kryptik.AMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\h.exe Win32/TrojanDownloader.FakeAlert.AIN trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jeff\Local Settings\Temp\msxml71.0ll Win32/TrojanDownloader.FakeAlert.AIM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\RECYCLER\S-1-5-21-776561741-117609710-839522115-500\Dc1\tmp\wispex.html Win32/Adware.WinAntiVirus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\beromavu.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\bikuhagu.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\folelali.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\gigivada.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\hekunupi.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\hupekepo.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\levururi.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\lidanufu.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\nohiyizi.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\nonebetu.exe a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\palifomu.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\pefedamu.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\sizumeju.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\tuwejipe.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\wujidali.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\yezoyeta.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\zagonibu.dll a variant of Win32/Adware.Virtumonde.NFM application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

OTL logfile created on: 9/25/2009 1:37:21 PM - Run 2
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Spidermonkey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 453.46 Mb Available Physical Memory | 47.31% Memory free
2.26 Gb Paging File | 1.53 Gb Available in Paging File | 67.79% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 230.89 Gb Free Space | 77.46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WILLIAMSFAMILY
Current User Name: Spidermonkey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/04/06 11:28:54 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe
PRC - [2009/04/06 11:34:16 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE
PRC - [2009/04/06 11:28:54 | 00,440,416 | ---- | M] (F-Secure Corp.) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\FSGK32.EXE
PRC - [2009/04/06 11:34:18 | 00,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMB32.EXE
PRC - [2008/09/17 23:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2009/04/06 11:34:12 | 00,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FCH32.EXE
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/04/06 11:34:10 | 00,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FAMEH32.EXE
PRC - [2009/04/06 11:28:54 | 00,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsqh.exe
PRC - [2009/04/06 11:34:46 | 00,707,168 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSPC\fspc.exe
PRC - [2009/04/06 11:27:58 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe
PRC - [2009/04/06 11:28:56 | 00,519,776 | ---- | M] (F-Secure Corp.) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fssm32.exe
PRC - [2009/04/06 11:35:58 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\ORSP Client\fsorsp.exe
PRC - [2009/04/06 11:29:48 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe
PRC - [2009/04/09 07:43:06 | 00,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsus.exe
PRC - [2009/04/06 11:28:52 | 00,349,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsav32.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/04/06 11:34:14 | 00,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE
PRC - [2007/03/11 22:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2008/06/24 14:34:50 | 00,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe
PRC - [2009/04/06 11:32:52 | 00,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSGUI\fsguidll.exe
PRC - [2009/09/11 13:33:48 | 18,717,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/09/08 21:09:42 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2007/03/11 22:26:24 | 00,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/09/08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/03/11 22:32:42 | 00,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2008/11/06 07:42:59 | 00,039,208 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\waol.exe
PRC - [2008/11/06 07:42:59 | 00,054,568 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\shellmon.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/09/21 19:29:17 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS [Auto | Running])
SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/04/06 11:28:54 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])
SRV - [2009/04/06 11:27:58 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
SRV - [2009/04/06 11:29:48 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])
SRV - [2009/04/06 11:34:16 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE -- (FSMA [Auto | Running])
SRV - [2009/04/06 11:35:58 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\ORSP Client\fsorsp.exe -- (FSORSPClient [On_Demand | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/06/04 22:14:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/06/04 22:14:50 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2009/09/08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2008/09/17 23:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2009/09/24 20:03:46 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/08/05 20:10:12 | 01,684,736 | ---- | M] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys -- (Ambfilt [On_Demand | Stopped])
DRV - [2007/04/16 21:46:00 | 00,033,792 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdPPM.sys -- (AmdPPM [System | Running])
DRV - [2009/04/06 11:28:58 | 00,039,776 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter [Disabled | Stopped])
DRV - [2009/09/18 01:12:40 | 00,099,960 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running])
DRV - [2009/04/06 11:33:18 | 00,067,808 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\HIPS\drivers\fshs.sys -- (F-Secure HIPS [System | Running])
DRV - [2009/04/06 11:28:58 | 00,025,184 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer [Disabled | Stopped])
DRV - [2009/09/17 22:00:50 | 00,033,920 | ---- | M] () -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts [Boot | Running])
DRV - [2009/04/06 11:29:46 | 00,079,872 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW [Boot | Running])
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007/03/08 15:20:48 | 00,049,920 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2007/03/08 15:20:49 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2007/03/08 15:20:50 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2009/09/11 21:45:48 | 05,911,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2004/08/04 01:41:35 | 00,606,684 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2006/01/04 15:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys -- (Monfilt [On_Demand | Stopped])
DRV - [2008/09/17 23:55:00 | 06,132,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008/08/01 18:36:20 | 00,054,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2008/08/01 18:36:26 | 00,022,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2003/03/31 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009/03/25 06:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2004/08/04 01:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2003/01/10 17:13:04 | 00,033,588 | R--- | M] (America Online, Inc.) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myembarq.com/
IE - URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\S-1-5-21-682003330-1580436667-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\S-1-5-21-682003330-1580436667-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13


[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Extensions
[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Firefox\Profiles\9a59ib8f.default\extensions
[2009/09/24 19:32:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/08 14:44:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/01 22:25:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/05 18:00:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/08 14:44:40 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/08 14:44:40 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 17:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2009/09/05 18:00:22 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 14:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/08/08 14:44:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/08 14:21:38 | 00,032,456 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/05/01 17:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/05/31 02:41:32 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/05/31 02:41:32 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/05/31 02:41:32 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/05/31 02:41:32 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/05/31 02:41:32 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/05/31 02:41:32 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/05/31 02:41:32 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [16944534] C:\Documents and Settings\All Users.WINDOWS\Application Data\16944534\16944534.exe File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Embarq Online Security 8\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [zawavereb] C:\WINDOWS\System32\kolifoko.DLL ()
O4 - HKU\S-1-5-21-682003330-1580436667-725345543-1004..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
O4 - HKU\S-1-5-21-682003330-1580436667-725345543-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Jeff\Start Menu\Programs\Startup\Fanbase.lnk = C:\Program Files\Fanbase\Fanbase.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1253240351890 (WUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab (GMNRev Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\boserote.dll) - C:\WINDOWS\System32\boserote.dll File not found
O20 - AppInit_DLLs: (hupekepo.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\kolifoko.dll) - C:\WINDOWS\System32\kolifoko.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O21 - SSODL: digelopet - {4eb07c3b-b9d9-4629-ba4e-35c9394ecde0} - C:\WINDOWS\System32\kolifoko.dll ()
O21 - SSODL: papigetav - {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - C:\WINDOWS\System32\boserote.dll File not found
O22 - SharedTaskScheduler: {4eb07c3b-b9d9-4629-ba4e-35c9394ecde0} - gahurihor - C:\WINDOWS\System32\kolifoko.dll ()
O22 - SharedTaskScheduler: {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - tokatiluy - C:\WINDOWS\System32\boserote.dll File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/31 01:20:24 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\*.tmp files]
[2009/09/24 20:11:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Google
[2009/09/24 20:11:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Google
[2009/09/24 20:03:40 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/09/24 20:03:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
[2009/09/23 19:57:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\trash
[2009/09/23 09:11:11 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/09/23 01:44:30 | 00,000,743 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PokerStars.lnk
[2009/09/23 01:43:59 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars
[2009/09/22 22:40:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Adobe
[2009/09/22 22:39:33 | 00,001,736 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
[2009/09/22 22:39:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2009/09/21 22:20:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Apple Computer
[2009/09/21 22:20:10 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2009/09/21 22:20:07 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2009/09/21 22:20:07 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
[2009/09/21 22:19:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/21 22:18:36 | 00,001,611 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2009/09/21 22:18:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
[2009/09/21 22:17:22 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/09/21 22:17:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Apple
[2009/09/21 22:16:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
[2009/09/21 22:15:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Apple Computer
[2009/09/21 20:50:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\PCHealth
[2009/09/21 19:29:15 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe
[2009/09/21 18:53:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
[2009/09/21 18:53:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Malwarebytes
[2009/09/21 18:52:56 | 00,000,703 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 18:52:53 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/21 18:52:51 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/21 18:52:51 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/21 18:52:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2009/09/21 18:21:00 | 03,029,920 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\TheWoodSpider_1.wmv
[2009/09/21 18:17:45 | 00,084,625 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\ATT00076.jpg
[2009/09/21 18:01:32 | 00,143,444 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\EMT Driver Charged with Murder had Methadone in System at Time of Accident.docx
[2009/09/21 17:53:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
[2009/09/21 16:53:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
[2009/09/21 15:53:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
[2009/09/21 14:53:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
[2009/09/21 13:53:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
[2009/09/21 12:53:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
[2009/09/21 11:53:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
[2009/09/21 10:53:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
[2009/09/21 09:53:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
[2009/09/21 08:53:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
[2009/09/21 07:53:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2009/09/21 06:53:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2009/09/21 05:53:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2009/09/21 04:53:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2009/09/21 03:53:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2009/09/21 02:53:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2009/09/21 01:53:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2009/09/20 15:38:21 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Spidermonkey\Desktop\RootRepeal.exe
[2009/09/20 15:35:39 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\dds.scr
[2009/09/20 15:11:30 | 00,001,741 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\HijackThis.lnk
[2009/09/20 15:11:29 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/09/19 14:12:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/09/19 10:42:32 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/09/19 10:42:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\PC Tools
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools
[2009/09/19 07:01:29 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/19 06:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2009/09/19 05:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2009/09/19 04:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2009/09/19 03:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2009/09/19 02:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2009/09/19 01:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2009/09/19 00:55:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2009/09/18 23:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2009/09/18 22:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2009/09/18 21:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2009/09/18 20:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2009/09/18 19:54:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2009/09/18 19:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Mozilla
[2009/09/18 19:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Mozilla
[2009/09/18 15:58:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Adobe
[2009/09/18 15:54:08 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/09/18 15:54:08 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/09/18 15:52:02 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/09/18 15:52:02 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2009/09/18 15:52:00 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/09/18 15:52:00 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2009/09/18 15:52:00 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2009/09/18 15:52:00 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2009/09/18 15:51:58 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/09/18 15:51:58 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2009/09/18 15:51:57 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/09/18 15:51:57 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2009/09/18 15:51:56 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/09/18 15:51:56 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2009/09/18 15:51:55 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/09/18 15:51:55 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2009/09/18 15:51:53 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/09/18 15:51:53 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2009/09/18 15:51:52 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2009/09/18 15:51:52 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2009/09/18 15:51:51 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2009/09/18 15:51:51 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2009/09/18 15:51:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2009/09/18 15:51:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2009/09/18 15:51:19 | 01,826,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2009/09/18 15:51:19 | 01,482,752 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2009/09/18 15:51:19 | 00,880,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL
[2009/09/18 15:51:19 | 00,405,504 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/09/18 15:51:19 | 00,077,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2009/09/18 15:51:18 | 09,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE
[2009/09/18 15:51:18 | 05,911,552 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2009/09/18 15:51:18 | 00,041,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll
[2009/09/18 15:51:17 | 00,122,880 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2009/09/18 15:51:15 | 18,717,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/09/18 15:51:12 | 02,170,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2009/09/18 15:51:12 | 01,389,056 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2009/09/18 15:51:08 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2009/09/18 15:51:08 | 01,684,736 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2009/09/18 15:51:08 | 00,278,528 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2009/09/18 15:51:08 | 00,057,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
[2009/09/18 15:51:01 | 00,831,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2009/09/18 15:31:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCPitstop
[2009/09/18 06:51:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Microsoft Help
[2009/09/18 06:51:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
[2009/09/18 06:38:56 | 02,785,792 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\BBQInvitation.pps
[2009/09/18 06:36:52 | 00,113,236 | ---- | C] () -- C:\VETlog.dmp
[2009/09/18 06:36:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Viewpoint
[2009/09/18 06:36:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\AOL
[2009/09/18 06:36:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Macromedia
[2009/09/18 06:36:17 | 00,000,619 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AOL 9.1.lnk
[2009/09/18 06:35:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Viewpoint
[2009/09/18 06:35:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\AOL Downloads
[2009/09/18 06:35:04 | 00,033,588 | R--- | C] (America Online, Inc.) -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2009/09/18 06:34:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL OCP
[2009/09/18 06:34:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\AOL
[2009/09/18 06:34:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\aolshare
[2009/09/18 06:34:06 | 00,000,000 | ---D | C] -- C:\Program Files\AOL 9.1
[2009/09/18 06:34:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL
[2009/09/18 04:05:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads
[2009/09/18 04:05:02 | 00,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/18 04:01:28 | 00,000,810 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\Internet Explorer.lnk
[2009/09/18 03:49:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Macromedia
[2009/09/18 03:42:56 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2009/09/18 03:42:55 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/09/18 03:42:55 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2009/09/18 03:42:55 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/09/18 03:42:55 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/09/18 03:42:55 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/09/18 03:42:55 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/09/18 03:42:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/09/18 03:42:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/09/18 03:40:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
[2009/09/18 03:39:44 | 00,001,865 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Photosmart Essential 2.01.lnk
[2009/09/18 03:39:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HPSSUPPLY
[2009/09/18 03:38:46 | 00,001,815 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/09/18 03:38:24 | 00,000,991 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Solution Center.lnk
[2009/09/18 03:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP Product Assistant
[2009/09/18 03:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
[2009/09/18 03:36:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
[2009/09/18 03:36:43 | 00,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll5ha.dll
[2009/09/18 03:36:32 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/09/18 03:36:32 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/09/18 03:36:26 | 00,267,864 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2009/09/18 03:36:23 | 00,675,840 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax3.dll
[2009/09/18 03:36:23 | 00,569,344 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl3.dll
[2009/09/18 03:36:23 | 00,303,104 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst10.dll
[2009/09/18 03:36:08 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/09/18 03:36:08 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/09/18 03:35:30 | 00,140,997 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2009/09/18 03:35:30 | 00,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2009/09/18 03:34:30 | 00,506,560 | ---- | C] () -- C:\WINDOWS\System32\autorun.inf
[2009/09/18 03:22:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/09/18 03:17:00 | 00,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2009/09/18 03:17:00 | 00,006,045 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2009/09/18 03:17:00 | 00,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009/09/18 03:16:47 | 00,200,712 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/09/18 03:16:36 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvuninst.exe
[2009/09/18 03:16:36 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/09/18 03:16:36 | 00,018,394 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/09/18 02:56:25 | 00,049,920 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys
[2009/09/18 02:56:25 | 00,016,496 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys
[2009/09/18 02:25:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/09/18 02:06:06 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/09/18 02:06:04 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009/09/18 02:06:04 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009/09/18 02:06:04 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2009/09/18 02:06:04 | 00,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009/09/18 02:06:04 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009/09/18 02:06:04 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/09/18 02:06:04 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009/09/18 02:06:04 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009/09/18 02:06:04 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009/09/18 02:06:04 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/09/18 02:06:04 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009/09/18 02:06:04 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2009/09/18 02:06:04 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009/09/18 02:06:04 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/09/18 02:06:04 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/09/18 02:06:04 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/09/18 02:06:04 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/09/18 02:06:03 | 02,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2009/09/18 02:06:03 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/09/18 02:06:03 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/09/18 02:06:03 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/09/18 02:06:03 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/09/18 02:06:03 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/09/18 02:06:03 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/09/18 02:06:03 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/09/18 02:06:03 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/09/18 02:06:03 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/09/18 02:06:03 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/09/18 02:06:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009/09/18 02:06:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009/09/18 02:06:02 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/09/18 02:06:02 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009/09/18 02:06:02 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009/09/18 02:06:02 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/09/18 02:06:02 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009/09/18 02:06:02 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009/09/18 02:06:01 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2009/09/18 02:06:01 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2009/09/18 02:06:01 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009/09/18 02:06:01 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009/09/18 02:06:01 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009/09/18 02:06:01 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/09/18 02:06:01 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/09/18 02:06:01 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/09/18 02:06:01 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/09/18 02:06:01 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/09/18 02:06:01 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/09/18 02:06:01 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/09/18 02:06:01 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/09/18 02:06:01 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/09/18 02:06:01 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/09/18 02:06:01 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/09/18 02:06:00 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/09/18 02:05:59 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/09/18 02:05:59 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/09/18 02:05:58 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/09/18 02:05:58 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/09/18 02:05:58 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/09/18 02:05:56 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/09/18 02:05:55 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/09/18 02:05:55 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/09/18 02:05:54 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/09/18 02:05:54 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/09/18 02:05:54 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/09/18 02:05:54 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/09/18 02:05:54 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/09/18 02:05:54 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/09/18 02:05:53 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/09/18 02:05:53 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/09/18 02:05:53 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/09/18 02:05:53 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/09/18 02:05:50 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009/09/18 02:05:50 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/09/18 02:05:49 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2009/09/18 02:05:49 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/09/18 02:05:48 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/09/18 02:05:47 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/09/18 02:05:47 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/09/18 02:05:46 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/09/18 02:05:45 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/09/18 02:05:45 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009/09/18 02:05:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/09/18 02:05:44 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/09/18 02:05:43 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/09/18 02:05:43 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/09/18 02:05:43 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/09/18 02:05:42 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/09/18 02:05:42 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/09/18 02:05:42 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009/09/18 02:05:42 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009/09/18 02:05:42 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009/09/18 02:05:42 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009/09/18 02:05:42 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009/09/18 02:05:42 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009/09/18 02:05:42 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009/09/18 02:05:42 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009/09/18 02:05:42 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009/09/18 02:05:42 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009/09/18 02:05:42 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009/09/18 02:05:42 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009/09/18 02:05:42 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009/09/18 02:05:42 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009/09/18 02:05:42 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009/09/18 02:05:41 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/09/18 02:05:39 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/09/18 02:05:38 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/09/18 02:05:38 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/09/18 02:05:38 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/09/18 02:05:38 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/09/18 02:05:36 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/09/18 02:05:36 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/09/18 02:05:36 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/09/18 02:05:35 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/09/18 02:05:35 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/09/18 02:05:35 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/09/18 02:05:35 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/09/18 02:05:34 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2009/09/18 02:05:34 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/09/18 02:05:33 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2009/09/18 02:05:33 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2009/09/18 02:05:33 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/09/18 02:05:33 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2009/09/18 02:05:33 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009/09/18 02:05:31 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009/09/18 02:05:29 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2009/09/18 02:05:29 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2009/09/18 02:05:28 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009/09/18 02:05:28 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2009/09/18 02:05:27 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2009/09/18 02:05:27 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/09/18 02:05:27 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2009/09/18 02:05:27 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2009/09/18 02:05:27 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/09/18 02:05:27 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/09/18 02:05:27 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/09/18 02:05:27 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/09/18 02:05:27 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/09/18 02:05:27 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/09/18 02:05:27 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/09/18 02:05:26 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/09/18 02:05:26 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2009/09/18 02:05:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/09/18 02:05:26 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/09/18 02:05:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/09/18 02:05:25 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/09/18 02:05:23 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/09/18 02:05:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2009/09/18 02:05:19 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009/09/18 02:05:19 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/09/18 02:05:19 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/09/18 02:05:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/09/18 02:05:13 | 00,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/09/18 02:05:11 | 00,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2009/09/18 02:05:08 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/09/18 02:05:07 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/09/18 02:05:07 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/09/18 02:05:07 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/09/18 02:05:07 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/09/18 02:05:07 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/09/18 02:05:07 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/09/18 02:05:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/09/18 02:05:07 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/09/18 02:05:06 | 00,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009/09/18 02:05:06 | 00,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009/09/18 02:05:06 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009/09/18 02:05:05 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/09/18 02:05:05 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/09/18 02:05:05 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/09/18 02:05:05 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/09/18 02:05:05 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/09/18 02:05:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/09/18 02:05:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/09/18 02:05:04 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009/09/18 02:05:04 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/09/18 02:05:04 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/09/18 02:05:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/09/18 02:05:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/09/18 02:05:02 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/09/18 02:05:01 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/09/18 02:05:01 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009/09/18 02:05:01 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/09/18 02:05:01 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/09/18 02:05:01 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/09/18 02:05:01 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/09/18 02:05:01 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/09/18 02:05:01 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/09/18 02:05:00 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/09/18 02:05:00 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/09/18 02:04:59 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2009/09/18 02:04:58 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009/09/18 02:04:58 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/09/18 02:04:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/09/18 02:04:58 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009/09/18 02:04:55 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2009/09/18 02:04:54 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/09/18 01:41:29 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/09/18 01:41:22 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/09/18 01:41:22 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/09/18 01:41:22 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/09/18 01:41:22 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/09/18 01:41:21 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/09/18 01:32:21 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2009/09/18 01:31:25 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/09/18 01:30:57 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/09/18 01:30:51 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/09/18 01:28:16 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/09/18 01:28:16 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/09/18 01:28:15 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/09/18 01:28:15 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/09/18 01:28:15 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/09/18 01:28:15 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/09/18 01:28:15 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/09/18 01:28:15 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/09/18 01:28:15 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/09/18 01:28:14 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/09/18 01:28:14 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/09/18 01:28:14 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/09/18 01:27:58 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/09/18 01:27:58 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/09/18 01:27:58 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/09/18 01:27:23 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/09/18 01:26:38 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/09/18 01:26:30 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/09/18 01:26:26 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/09/18 01:26:11 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/09/18 01:25:50 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/09/18 01:25:47 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/09/18 01:20:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
[2009/09/18 01:18:23 | 00,000,508 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/09/18 01:17:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\F-Secure
[2009/09/18 01:12:41 | 00,069,232 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/18 01:00:32 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/17 22:43:08 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/09/17 22:43:07 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/09/17 22:43:07 | 00,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2009/09/17 22:43:07 | 00,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/09/17 22:31:05 | 00,013,726 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009/09/17 22:26:54 | 01,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll
[2009/09/17 22:25:59 | 00,008,704 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/17 22:22:13 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/09/17 22:21:47 | 00,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/09/17 22:21:34 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/09/17 22:21:34 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/09/17 22:21:34 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/09/17 22:21:34 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/09/17 22:19:42 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/09/17 22:19:42 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/09/17 22:19:42 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/09/17 22:19:42 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/09/17 22:19:42 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/09/17 22:19:42 | 00,031,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/09/17 22:19:42 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/09/17 22:19:42 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/09/17 22:19:42 | 00,018,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/09/17 21:55:55 | 05,359,974 | -H-- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\IconCache.db
[2009/09/17 21:55:20 | 00,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/09/17 21:55:14 | 00,079,872 | ---- | C] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys
[2009/09/17 21:54:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\fssg
[2009/09/17 21:53:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\f-secure
[2009/09/17 21:52:53 | 74,069,184 | ---- | C] (F-Secure Corporation) -- C:\Documents and Settings\Spidermonkey\Desktop\Embarq_RTM_8.02-109.exe
[2009/09/17 21:28:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Identities
[2009/09/17 21:28:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Spidermonkey\My Documents\My Pictures
[2009/09/17 21:28:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Spidermonkey\My Documents\My Music
[2009/09/17 21:27:59 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Microsoft
[2009/09/17 21:27:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Microsoft
[2009/09/17 21:24:17 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/09/17 21:23:31 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/09/17 21:23:24 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/09/17 21:23:23 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/09/17 21:23:23 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/09/17 21:23:23 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/09/17 21:23:22 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/09/17 21:23:22 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/09/17 21:23:20 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/09/17 21:23:20 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/09/17 21:23:19 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/09/17 21:23:19 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/09/17 21:23:19 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/09/17 21:23:17 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/09/17 21:23:17 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/09/17 21:23:16 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/09/17 21:23:15 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/09/17 21:23:15 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/09/17 21:23:15 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/09/17 21:23:15 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/09/17 21:23:15 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/09/17 21:23:14 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/09/17 21:23:14 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/09/17 21:23:14 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/09/17 21:23:12 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/09/17 21:23:11 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/09/17 21:23:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/09/17 21:23:11 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/09/17 21:23:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/09/17 21:23:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/09/17 21:23:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/09/17 21:23:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/09/17 21:23:10 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009/09/17 21:23:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/09/17 21:23:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/09/17 21:23:09 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/09/17 21:23:09 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/09/17 21:23:09 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/09/17 21:23:09 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/09/17 21:23:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/09/17 21:23:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/09/17 21:23:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/09/17 21:23:09 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/09/17 21:23:07 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2009/09/17 21:23:07 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/09/17 21:23:07 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/09/17 21:23:06 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/09/17 21:23:06 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/09/17 21:23:06 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2009/09/17 21:23:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/09/17 21:23:04 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/09/17 21:23:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/09/17 21:23:03 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/09/17 21:23:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/09/17 21:23:03 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/09/17 21:23:02 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/09/17 21:23:02 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/09/17 21:23:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/09/17 21:23:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/09/17 21:23:01 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/09/17 21:23:01 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/09/17 21:23:01 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/09/17 21:23:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/09/17 21:23:01 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/09/17 21:23:00 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/09/17 21:23:00 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/09/17 21:23:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/09/17 21:23:00 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/09/17 21:22:58 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/09/17 21:22:56 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/09/17 21:22:52 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/09/17 21:22:52 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/09/17 21:22:48 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/09/17 21:22:48 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/09/17 21:22:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/09/17 21:22:46 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/09/17 21:22:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/09/17 21:22:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/09/17 21:22:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/09/17 21:22:45 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/09/17 21:22:45 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/09/17 21:22:45 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/09/17 21:22:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/09/17 21:22:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/09/17 21:22:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/09/17 21:22:42 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/09/17 21:22:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/09/17 21:22:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/09/17 21:22:40 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/09/17 21:22:40 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/09/17 21:22:40 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/09/17 21:22:40 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/09/17 21:22:40 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/09/17 21:22:40 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/09/17 21:22:40 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/09/17 21:22:40 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/09/17 21:22:39 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/09/17 21:22:39 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/09/17 21:22:38 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/09/17 21:22:38 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/09/17 21:22:38 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/09/17 21:22:38 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/09/17 21:22:38 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/09/17 21:22:38 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/09/17 21:22:38 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/09/17 21:22:38 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/09/17 21:22:38 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/09/17 21:22:38 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/09/17 21:22:37 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/09/17 21:22:37 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/09/17 21:22:37 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/09/17 21:22:37 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/09/17 21:22:37 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/09/17 21:22:37 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/09/17 21:22:34 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/09/17 21:22:31 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/09/17 21:22:29 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/09/17 21:22:28 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/09/17 21:22:28 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/09/17 21:22:27 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/09/17 21:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/09/17 21:22:26 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/09/17 21:22:26 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/09/17 21:22:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/09/17 21:22:25 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/09/17 21:22:25 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/09/17 21:22:24 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/09/17 21:22:24 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/09/17 21:22:24 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/09/17 21:22:24 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/09/17 21:22:23 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/09/17 21:22:20 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/09/17 21:22:19 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/09/17 21:22:19 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/09/17 21:22:18 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/09/17 21:22:18 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/09/17 21:22:18 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/09/17 21:22:18 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/09/17 21:22:18 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/09/17 21:22:17 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/09/17 21:22:17 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/09/17 21:22:17 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/09/17 21:22:17 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/09/17 21:22:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/09/17 21:22:17 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/09/17 21:22:17 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/09/17 21:22:16 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/09/17 21:22:16 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/09/17 21:22:15 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/09/17 21:22:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/09/17 21:22:14 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2009/09/17 21:22:14 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/09/17 21:22:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/09/17 21:22:10 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2009/09/17 21:22:10 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2009/09/17 21:22:00 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/09/17 21:21:59 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/09/17 21:21:58 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/17 21:21:58 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/17 21:21:57 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009/09/17 21:21:52 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/09/17 21:21:52 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/17 21:21:16 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/09/17 21:21:16 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/09/17 21:21:03 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/09/17 21:20:42 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/09/17 21:20:42 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/09/17 21:20:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/09/17 21:20:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/09/17 21:20:42 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/09/17 21:20:42 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/09/17 21:20:42 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/09/17 21:20:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/09/17 21:20:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/09/17 21:20:42 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/09/17 21:20:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/09/17 21:20:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/09/17 21:20:34 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/09/17 21:20:33 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/09/17 21:20:33 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/09/17 21:20:33 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2009/09/17 21:20:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/09/17 21:20:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/09/17 21:20:33 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/09/17 21:20:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/09/17 21:20:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/09/17 21:20:31 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/09/17 21:20:30 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/09/17 21:20:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/09/17 21:20:30 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/09/17 21:20:30 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/09/17 21:20:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/09/17 21:20:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/09/17 21:20:28 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/09/17 21:20:27 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/09/17 21:20:27 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/09/17 21:20:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/09/17 21:20:23 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/09/17 21:20:19 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/09/17 21:20:19 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/09/17 21:20:18 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/09/17 21:20:18 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/09/17 21:20:18 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/09/17 21:20:18 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/09/17 21:20:17 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/09/17 21:20:17 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/09/17 21:20:17 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/09/17 21:20:17 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/09/17 21:20:14 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/09/17 21:20:14 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/09/17 21:20:14 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/09/17 21:20:13 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/09/17 21:20:13 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/09/17 21:20:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/09/17 21:20:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures
[2009/09/17 21:20:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Music
[2009/09/17 21:20:02 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/17 21:19:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/09/17 21:19:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/09/17 21:19:39 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/09/17 21:19:39 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/09/17 21:19:39 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/09/17 21:19:39 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/09/17 21:19:39 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/09/17 21:19:39 | 00,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2009/09/17 21:19:38 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/09/17 21:19:38 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/09/17 21:19:38 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/09/17 21:19:38 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/09/17 21:19:38 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/09/17 21:19:38 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/09/17 21:19:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/09/17 21:19:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/09/17 21:19:35 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/09/17 21:19:35 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/09/17 21:19:35 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/09/17 21:19:35 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/09/17 21:19:35 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/09/17 21:19:35 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/09/17 21:19:35 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/09/17 21:19:35 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/09/17 21:19:35 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/09/17 21:19:35 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/09/17 21:19:35 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/09/17 21:19:34 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/09/17 21:19:34 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/09/17 21:19:34 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/09/17 21:19:34 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/09/17 21:19:34 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/09/17 21:19:34 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/09/17 21:19:34 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/09/17 21:19:34 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/09/17 21:19:34 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/09/17 21:19:34 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/09/17 21:19:34 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/09/17 21:19:34 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/09/17 21:19:34 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/09/17 21:19:34 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/09/17 21:19:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/09/17 21:19:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/09/17 21:19:33 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/09/17 21:19:33 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/09/17 21:19:33 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/09/17 21:19:33 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/09/17 21:19:33 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/09/17 21:19:33 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/09/17 21:19:33 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/09/17 21:19:33 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/09/17 21:19:32 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/09/17 21:19:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/09/17 21:19:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/09/17 21:19:32 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/09/17 21:19:32 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/09/17 21:19:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/09/17 21:19:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/09/17 21:19:32 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/09/17 21:19:32 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/09/17 21:19:32 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/09/17 21:19:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/09/17 21:19:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/09/17 21:19:32 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/09/17 21:19:32 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/09/17 21:19:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/09/17 21:19:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/09/17 21:19:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/09/17 21:19:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/09/17 21:19:32 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/09/17 21:19:32 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/09/17 21:19:31 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/09/17 21:19:31 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/09/17 21:19:31 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/09/17 21:19:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/09/17 21:19:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/09/17 21:19:31 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/09/17 21:19:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/09/17 21:19:31 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/09/17 21:19:30 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/09/17 21:19:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/09/17 21:19:30 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/09/17 21:19:30 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/09/17 21:19:30 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/09/17 21:19:30 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/09/17 21:19:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/09/17 21:19:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/09/17 21:19:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/09/17 21:19:29 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/09/17 21:19:29 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/09/17 21:19:29 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/09/17 21:19:29 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/09/17 21:19:29 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/09/17 21:19:29 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/09/17 21:19:29 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/09/17 21:19:27 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/09/17 21:19:26 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/09/17 21:19:26 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/09/17 21:19:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/09/17 21:19:26 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/09/17 21:19:26 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/09/17 21:19:26 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/09/17 21:19:26 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/09/17 21:19:26 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/09/17 21:19:26 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/09/17 21:19:26 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/09/17 21:19:26 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/09/17 21:19:26 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/09/17 21:19:25 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/09/17 21:19:25 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/09/17 21:19:25 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/09/17 21:19:25 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/09/17 21:19:24 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/09/17 21:19:24 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/09/17 21:19:23 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/09/17 21:19:23 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/09/17 21:19:23 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/09/17 21:19:23 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/09/17 21:19:22 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/09/17 21:19:22 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/09/17 21:19:22 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/09/17 21:19:22 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/09/17 21:19:22 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/09/17 21:19:22 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/09/17 21:19:22 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/09/17 21:19:22 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/09/17 21:19:22 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/09/17 21:19:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/09/17 21:19:21 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/09/17 21:19:21 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/09/17 21:19:21 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/09/17 21:19:21 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/09/17 21:19:21 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/09/17 21:19:21 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/09/17 21:19:21 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/09/17 21:19:21 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/09/17 21:19:21 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/09/17 21:19:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/09/17 21:19:21 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/09/17 21:19:21 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/09/17 21:19:20 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/09/17 21:19:20 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/09/17 21:19:17 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/09/17 21:19:11 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/09/17 21:19:11 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2009/09/17 16:50:54 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009/09/17 16:50:46 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/09/17 16:50:45 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009/09/17 16:50:38 | 00,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\drivers\ltmdmnt.sys
[2009/09/17 16:50:37 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\rtl8139.sys
[2009/09/17 16:50:31 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/09/17 16:48:53 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/09/17 16:48:47 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/09/17 16:48:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009/09/17 16:48:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009/09/17 16:48:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009/09/17 16:48:46 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/09/17 16:48:46 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/09/17 16:48:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/09/17 16:48:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/09/17 16:48:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/09/17 16:48:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/09/17 16:48:44 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/09/17 16:48:44 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/09/17 16:48:44 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/09/17 16:48:44 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/09/17 16:48:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/09/17 16:48:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/09/17 16:48:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/09/17 16:48:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/09/17 16:48:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009/09/17 16:48:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/09/17 16:48:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/09/17 16:48:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/09/17 16:48:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/09/17 16:48:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/09/17 16:48:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009/09/17 16:48:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009/09/17 16:48:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009/09/17 16:48:41 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009/09/17 16:48:41 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/09/17 16:48:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/09/17 16:48:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009/09/17 16:48:39 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2009/09/17 16:48:39 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2009/09/17 16:48:39 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2009/09/17 16:48:39 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2009/09/17 16:48:39 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2009/09/17 16:48:39 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2009/09/17 16:48:39 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/09/17 16:48:39 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/09/17 16:48:39 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2009/09/17 16:48:39 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/09/17 16:48:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/09/17 16:48:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/09/17 16:48:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009/09/17 16:48:39 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2009/09/17 16:48:39 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/09/17 16:48:39 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2009/09/17 16:48:39 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/09/17 16:48:38 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2009/09/17 16:48:38 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/09/17 16:48:38 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2009/09/17 16:48:38 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/09/17 16:48:38 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2009/09/17 16:48:38 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/09/17 16:48:38 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2009/09/17 16:48:38 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/09/17 16:48:38 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2009/09/17 16:48:38 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/09/17 16:48:38 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2009/09/17 16:48:38 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2009/09/17 16:48:38 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/09/17 16:48:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2009/09/17 16:48:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/09/17 16:48:38 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2009/09/17 16:48:38 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/09/17 16:48:38 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2009/09/17 16:48:38 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/09/17 16:48:38 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2009/09/17 16:48:38 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/09/17 16:48:38 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2009/09/17 16:48:38 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/09/17 16:48:38 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2009/09/17 16:48:38 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/09/17 16:48:38 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2009/09/17 16:48:38 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/09/17 16:48:38 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2009/09/17 16:48:38 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/09/17 16:48:38 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2009/09/17 16:48:38 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/09/17 16:48:38 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2009/09/17 16:48:38 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/09/17 16:48:38 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2009/09/17 16:48:38 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/09/17 16:48:38 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2009/09/17 16:48:38 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/09/17 16:48:37 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2009/09/17 16:48:37 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2009/09/17 16:48:37 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/09/17 16:48:37 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/09/17 16:48:37 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/09/17 16:48:37 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/09/17 16:48:36 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/09/17 16:48:32 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/09/17 16:48:32 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/09/17 16:48:32 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/09/17 16:48:32 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/09/17 16:48:32 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/09/17 16:48:32 | 00,007,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/09/17 16:48:19 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2009/09/17 16:48:01 | 00,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/17 16:47:15 | 00,000,237 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/09/16 08:07:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/09/15 19:38:39 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009/09/07 16:09:48 | 00,000,000 | ---D | C] -- C:\Program Files\termma
[2009/09/05 17:58:42 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/09/05 01:54:48 | 00,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/09/05 01:54:48 | 00,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2009/06/23 19:57:06 | 00,088,576 | -HS- | C] () -- C:\WINDOWS\System32\kolifoko.dll
[2009/06/23 19:57:06 | 00,037,376 | -HS- | C] () -- C:\WINDOWS\System32\fahuhuli.dll
[2009/03/03 12:18:04 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/09/17 23:55:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/09/17 23:55:00 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/09/17 23:55:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/09/17 23:55:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/09/17 23:55:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003/03/31 15:00:00 | 00,000,702 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/03/31 15:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/09/25 08:51:21 | 00,113,236 | ---- | M] () -- C:\VETlog.dmp
[2009/09/25 06:13:26 | 00,000,702 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/25 00:03:41 | 00,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/09/24 18:01:11 | 00,069,232 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/24 08:21:27 | 00,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/09/24 08:20:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/24 08:20:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/23 20:41:05 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/23 20:40:45 | 05,359,974 | -H-- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\IconCache.db
[2009/09/23 20:33:47 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\nobusewa
[2009/09/23 19:57:10 | 01,082,916 | -HS- | M] () -- C:\WINDOWS\System32\roturule.exe
[2009/09/23 19:57:07 | 00,088,576 | -HS- | M] () -- C:\WINDOWS\System32\kolifoko.dll
[2009/09/23 19:57:06 | 00,037,376 | -HS- | M] () -- C:\WINDOWS\System32\fahuhuli.dll
[2009/09/23 08:06:00 | 00,013,726 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/09/23 02:47:56 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2009/09/23 01:44:30 | 00,000,743 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PokerStars.lnk
[2009/09/22 23:55:30 | 00,001,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
[2009/09/22 16:07:06 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/09/21 23:40:25 | 00,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/21 22:18:36 | 00,001,611 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2009/09/21 19:29:17 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe
[2009/09/21 18:53:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19895.exe
[2009/09/21 18:52:56 | 00,000,703 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 18:21:12 | 03,029,920 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\TheWoodSpider_1.wmv
[2009/09/21 18:17:46 | 00,084,625 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\ATT00076.jpg
[2009/09/21 18:01:32 | 00,143,444 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\EMT Driver Charged with Murder had Methadone in System at Time of Accident.docx
[2009/09/21 17:53:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19718.exe
[2009/09/21 16:53:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18716.exe
[2009/09/21 15:53:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17421.exe
[2009/09/21 14:53:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\12382.exe
[2009/09/21 13:53:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\292.exe
[2009/09/21 12:53:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\153.exe
[2009/09/21 11:53:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\3902.exe
[2009/09/21 10:53:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14604.exe
[2009/09/21 09:53:53 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\32391.exe
[2009/09/21 08:53:53 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5436.exe
[2009/09/21 07:53:53 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\4827.exe
[2009/09/21 06:53:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11942.exe
[2009/09/21 05:53:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\2995.exe
[2009/09/21 04:53:51 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\491.exe
[2009/09/21 03:53:51 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9961.exe
[2009/09/21 02:53:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\16827.exe
[2009/09/21 01:53:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\23281.exe
[2009/09/21 00:53:49 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2009/09/20 23:53:49 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2009/09/20 22:53:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2009/09/20 21:53:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2009/09/20 20:53:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2009/09/20 19:53:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2009/09/20 18:53:46 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2009/09/20 17:53:46 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2009/09/20 16:53:45 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2009/09/20 15:53:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2009/09/20 15:38:22 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Spidermonkey\Desktop\RootRepeal.exe
[2009/09/20 15:35:39 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\dds.scr
[2009/09/20 15:11:30 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\HijackThis.lnk
[2009/09/20 14:53:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2009/09/20 13:53:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2009/09/18 15:54:08 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/09/18 15:54:08 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/09/18 06:39:09 | 02,785,792 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\BBQInvitation.pps
[2009/09/18 06:36:17 | 00,000,619 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AOL 9.1.lnk
[2009/09/18 06:36:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/18 04:05:02 | 00,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/09/18 04:01:28 | 00,000,810 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\Internet Explorer.lnk
[2009/09/18 03:40:23 | 00,140,997 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2009/09/18 03:39:44 | 00,001,865 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Photosmart Essential 2.01.lnk
[2009/09/18 03:38:46 | 00,001,815 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/09/18 03:38:24 | 00,000,991 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Solution Center.lnk
[2009/09/18 03:07:32 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/09/18 02:27:30 | 00,318,732 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/09/18 02:27:30 | 00,043,236 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/09/18 02:27:29 | 00,367,288 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/09/18 02:14:39 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/09/18 01:00:37 | 00,000,316 | RHS- | M] () -- C:\boot.ini
[2009/09/18 00:55:33 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/09/17 22:31:04 | 00,013,726 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009/09/17 22:26:04 | 00,008,704 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/17 22:00:50 | 00,033,920 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/09/17 21:52:53 | 74,069,184 | ---- | M] (F-Secure Corporation) -- C:\Documents and Settings\Spidermonkey\Desktop\Embarq_RTM_8.02-109.exe
[2009/09/17 21:28:08 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/09/17 21:24:17 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/09/17 21:23:33 | 00,000,237 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/09/17 21:22:00 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/09/17 21:22:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/09/17 21:21:58 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/17 21:21:58 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/17 21:21:57 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009/09/17 21:21:52 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/17 21:21:16 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/09/17 21:21:16 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/09/17 21:20:02 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/17 21:20:00 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/09/17 21:20:00 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/09/17 16:48:48 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/11 21:45:48 | 05,911,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2009/09/11 13:33:48 | 18,717,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/05 01:54:48 | 00,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/09/05 01:54:48 | 00,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2009/09/03 21:30:30 | 00,405,504 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/09/02 14:56:14 | 00,041,472 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
< End of report >

#9 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:02 PM

Posted 25 September 2009 - 06:30 PM

Run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKLM..\Run: [16944534] C:\Documents and Settings\All Users.WINDOWS\Application Data\16944534\16944534.exe File not found
    O4 - HKLM..\Run: [zawavereb] C:\WINDOWS\System32\kolifoko.DLL ()
    O20 - AppInit_DLLs: (c:\windows\system32\boserote.dll) - C:\WINDOWS\System32\boserote.dll File not found
    O20 - AppInit_DLLs: (hupekepo.dll) - File not found
    O20 - AppInit_DLLs: (c:\windows\system32\kolifoko.dll) - C:\WINDOWS\System32\kolifoko.dll ()
    O21 - SSODL: digelopet - {4eb07c3b-b9d9-4629-ba4e-35c9394ecde0} - C:\WINDOWS\System32\kolifoko.dll ()
    O21 - SSODL: papigetav - {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - C:\WINDOWS\System32\boserote.dll File not found
    O22 - SharedTaskScheduler: {4eb07c3b-b9d9-4629-ba4e-35c9394ecde0} - gahurihor - C:\WINDOWS\System32\kolifoko.dll ()
    O22 - SharedTaskScheduler: {a9cad2bb-071e-4f5e-848e-2d49eb110cbd} - tokatiluy - C:\WINDOWS\System32\boserote.dll File not found
    
    
    :Files
    C:\WINDOWS\*.tmp
    C:\WINDOWS\System32\19895.exe
    C:\WINDOWS\System32\19718.exe
    C:\WINDOWS\System32\18716.exe
    C:\WINDOWS\System32\17421.exe
    C:\WINDOWS\System32\12382.exe
    C:\WINDOWS\System32\292.exe
    C:\WINDOWS\System32\153.exe
    C:\WINDOWS\System32\3902.exe
    C:\WINDOWS\System32\14604.exe
    C:\WINDOWS\System32\32391.exe
    C:\WINDOWS\System32\5436.exe
    C:\WINDOWS\System32\4827.exe
    C:\WINDOWS\System32\11942.exe
    C:\WINDOWS\System32\2995.exe
    C:\WINDOWS\System32\491.exe
    C:\WINDOWS\System32\9961.exe
    C:\WINDOWS\System32\16827.exe
    C:\WINDOWS\System32\23281.exe
    C:\WINDOWS\System32\28145.exe
    C:\WINDOWS\System32\5705.exe
    C:\WINDOWS\System32\24464.exe
    C:\WINDOWS\System32\26962.exe
    C:\WINDOWS\System32\29358.exe
    C:\WINDOWS\System32\11478.exe
    C:\WINDOWS\System32\15724.exe
    C:\WINDOWS\System32\19169.exe
    C:\WINDOWS\System32\26500.exe
    C:\WINDOWS\System32\6334.exe
    C:\WINDOWS\System32\18467.exe
    C:\WINDOWS\System32\41.exe
    C:\WINDOWS\System32\roturule.exe
    C:\WINDOWS\System32\kolifoko.dll
    C:\WINDOWS\System32\fahuhuli.dll
    C:\Documents and Settings\Jeff\Local Settings\Temp\*.0xe
    C:\Documents and Settings\Jeff\Local Settings\Temp\*.exe
    :Commands
    [purity]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Then also run and post a new OTL log.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#10 Spidermonkey

Spidermonkey
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 26 September 2009 - 02:30 AM

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16944534 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\zawavereb deleted successfully.
File C:\WINDOWS\System32\kolifoko.DLL not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\boserote.dll scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:hupekepo.dll scheduled to be deleted on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\kolifoko.dll deleted successfully.
File C:\WINDOWS\System32\kolifoko.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\digelopet deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eb07c3b-b9d9-4629-ba4e-35c9394ecde0}\ deleted successfully.
File C:\WINDOWS\System32\kolifoko.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\papigetav not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9cad2bb-071e-4f5e-848e-2d49eb110cbd}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{4eb07c3b-b9d9-4629-ba4e-35c9394ecde0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4eb07c3b-b9d9-4629-ba4e-35c9394ecde0}\ not found.
File C:\WINDOWS\System32\kolifoko.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{a9cad2bb-071e-4f5e-848e-2d49eb110cbd} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9cad2bb-071e-4f5e-848e-2d49eb110cbd}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\System32\19895.exe not found.
File\Folder C:\WINDOWS\System32\19718.exe not found.
File\Folder C:\WINDOWS\System32\18716.exe not found.
File\Folder C:\WINDOWS\System32\17421.exe not found.
File\Folder C:\WINDOWS\System32\12382.exe not found.
File\Folder C:\WINDOWS\System32\292.exe not found.
File\Folder C:\WINDOWS\System32\153.exe not found.
File\Folder C:\WINDOWS\System32\3902.exe not found.
File\Folder C:\WINDOWS\System32\14604.exe not found.
File\Folder C:\WINDOWS\System32\32391.exe not found.
File\Folder C:\WINDOWS\System32\5436.exe not found.
File\Folder C:\WINDOWS\System32\4827.exe not found.
File\Folder C:\WINDOWS\System32\11942.exe not found.
File\Folder C:\WINDOWS\System32\2995.exe not found.
File\Folder C:\WINDOWS\System32\491.exe not found.
File\Folder C:\WINDOWS\System32\9961.exe not found.
File\Folder C:\WINDOWS\System32\16827.exe not found.
File\Folder C:\WINDOWS\System32\23281.exe not found.
File\Folder C:\WINDOWS\System32\28145.exe not found.
File\Folder C:\WINDOWS\System32\5705.exe not found.
File\Folder C:\WINDOWS\System32\24464.exe not found.
File\Folder C:\WINDOWS\System32\26962.exe not found.
File\Folder C:\WINDOWS\System32\29358.exe not found.
File\Folder C:\WINDOWS\System32\11478.exe not found.
File\Folder C:\WINDOWS\System32\15724.exe not found.
File\Folder C:\WINDOWS\System32\19169.exe not found.
File\Folder C:\WINDOWS\System32\26500.exe not found.
File\Folder C:\WINDOWS\System32\6334.exe not found.
File\Folder C:\WINDOWS\System32\18467.exe not found.
File\Folder C:\WINDOWS\System32\41.exe not found.
File\Folder C:\WINDOWS\System32\roturule.exe not found.
File\Folder C:\WINDOWS\System32\kolifoko.dll not found.
File\Folder C:\WINDOWS\System32\fahuhuli.dll not found.
File\Folder C:\Documents and Settings\Jeff\Local Settings\Temp\*.0xe not found.
File\Folder C:\Documents and Settings\Jeff\Local Settings\Temp\*.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Hedgehogness
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jeff
->Temp folder emptied: 701197356 bytes
->Temporary Internet Files folder emptied: 171365274 bytes
->Java cache emptied: 139812968 bytes
->FireFox cache emptied: 97089411 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 2853263 bytes

User: my documents

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 91813613 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 487129 bytes

User: Ryan
->Temp folder emptied: 6227210 bytes
->Temporary Internet Files folder emptied: 63954911 bytes
->Java cache emptied: 25493434 bytes
->FireFox cache emptied: 3168423 bytes

User: Spidermonkey
->Temp folder emptied: 591803579 bytes
->Temporary Internet Files folder emptied: 103741200 bytes
->FireFox cache emptied: 53277294 bytes

User: Stef
->Temp folder emptied: 10892006 bytes
->Temporary Internet Files folder emptied: 389857143 bytes
->Java cache emptied: 8433242 bytes
->FireFox cache emptied: 33573191 bytes

User: Stef.WILLIAMSFAMILY
->Temp folder emptied: 4250097 bytes
->Temporary Internet Files folder emptied: 66551 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
Windows Temp folder emptied: 5968457 bytes
RecycleBin emptied: 119977386 bytes

Total Files Cleaned = -1592.22 mb


OTL by OldTimer - Version 3.0.14.0 log created on 09252009_203656

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\boserote.dll scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:hupekepo.dll scheduled to be deleted on reboot.

OTL logfile created on: 9/25/2009 8:54:40 PM - Run 3
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Spidermonkey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 383.36 Mb Available Physical Memory | 40.00% Memory free
2.26 Gb Paging File | 1.69 Gb Available in Paging File | 74.96% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 235.15 Gb Free Space | 78.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WILLIAMSFAMILY
Current User Name: Spidermonkey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/04/06 11:28:54 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe
PRC - [2009/04/06 11:34:16 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE
PRC - [2009/04/06 11:28:54 | 00,440,416 | ---- | M] (F-Secure Corp.) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\FSGK32.EXE
PRC - [2009/04/06 11:34:18 | 00,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMB32.EXE
PRC - [2008/09/17 23:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/04/06 11:34:12 | 00,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FCH32.EXE
PRC - [2009/04/06 11:34:10 | 00,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FAMEH32.EXE
PRC - [2009/04/06 11:28:54 | 00,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsqh.exe
PRC - [2009/04/06 11:34:46 | 00,707,168 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSPC\fspc.exe
PRC - [2009/04/06 11:35:58 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\ORSP Client\fsorsp.exe
PRC - [2009/04/06 11:29:48 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe
PRC - [2009/04/06 11:28:56 | 00,519,776 | ---- | M] (F-Secure Corp.) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fssm32.exe
PRC - [2009/04/06 11:27:58 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe
PRC - [2009/04/09 07:43:06 | 00,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsus.exe
PRC - [2009/04/06 11:28:52 | 00,349,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsav32.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/04/06 11:34:14 | 00,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE
PRC - [2007/03/11 22:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2008/06/24 14:34:50 | 00,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe
PRC - [2009/04/06 11:32:52 | 00,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSGUI\fsguidll.exe
PRC - [2009/09/11 13:33:48 | 18,717,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/09/08 21:09:42 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2008/11/06 07:42:59 | 00,039,208 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\waol.exe
PRC - [2007/03/11 22:26:24 | 00,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/09/08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/03/11 22:32:42 | 00,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2008/11/06 07:42:59 | 00,054,568 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.1\shellmon.exe
PRC - [2009/09/21 19:29:17 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS [Auto | Running])
SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/04/06 11:28:54 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])
SRV - [2009/04/06 11:27:58 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
SRV - [2009/04/06 11:29:48 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\FWES\Program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])
SRV - [2009/04/06 11:34:16 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\Common\FSMA32.EXE -- (FSMA [Auto | Running])
SRV - [2009/04/06 11:35:58 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\ORSP Client\fsorsp.exe -- (FSORSPClient [On_Demand | Running])
SRV - [2009/09/24 20:03:46 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/06/04 22:14:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/06/04 22:14:50 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2009/09/08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2008/09/17 23:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2008/08/05 20:10:12 | 01,684,736 | ---- | M] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys -- (Ambfilt [On_Demand | Stopped])
DRV - [2007/04/16 21:46:00 | 00,033,792 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdPPM.sys -- (AmdPPM [System | Running])
DRV - [2009/04/06 11:28:58 | 00,039,776 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter [Disabled | Stopped])
DRV - [2009/09/18 01:12:40 | 00,099,960 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running])
DRV - [2009/04/06 11:33:18 | 00,067,808 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Embarq Online Security 8\HIPS\drivers\fshs.sys -- (F-Secure HIPS [System | Running])
DRV - [2009/04/06 11:28:58 | 00,025,184 | ---- | M] () -- C:\Program Files\Embarq Online Security 8\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer [Disabled | Stopped])
DRV - [2009/09/17 22:00:50 | 00,033,920 | ---- | M] () -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts [Boot | Running])
DRV - [2009/04/06 11:29:46 | 00,079,872 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW [Boot | Running])
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007/03/08 15:20:48 | 00,049,920 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2007/03/08 15:20:49 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2007/03/08 15:20:50 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2009/09/11 21:45:48 | 05,911,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2004/08/04 01:41:35 | 00,606,684 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2006/01/04 15:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys -- (Monfilt [On_Demand | Stopped])
DRV - [2008/09/17 23:55:00 | 06,132,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008/08/01 18:36:20 | 00,054,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2008/08/01 18:36:26 | 00,022,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2003/03/31 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009/03/25 06:29:52 | 00,130,432 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2004/08/04 01:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2003/01/10 17:13:04 | 00,033,588 | R--- | M] (America Online, Inc.) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myembarq.com/
IE - URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\S-1-5-21-682003330-1580436667-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1580436667-725345543-1004\S-1-5-21-682003330-1580436667-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13


[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Extensions
[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/18 19:49:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Spidermonkey\Application Data\mozilla\Firefox\Profiles\9a59ib8f.default\extensions
[2009/09/24 19:32:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/08 14:44:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/01 22:25:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/05 18:00:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/08 14:44:40 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/08 14:44:40 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 17:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2009/09/05 18:00:22 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 14:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/08/08 14:44:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/08/28 21:36:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/08 14:21:38 | 00,032,456 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/05/01 17:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/05/31 02:41:32 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/05/31 02:41:32 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/05/31 02:41:32 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/05/31 02:41:32 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/05/31 02:41:32 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/05/31 02:41:32 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/05/31 02:41:32 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Embarq Online Security 8\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Embarq Online Security 8\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1253270060\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-682003330-1580436667-725345543-1004..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
O4 - HKU\S-1-5-21-682003330-1580436667-725345543-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [OTL] C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe (OldTimer Tools)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Jeff\Start Menu\Programs\Startup\Fanbase.lnk = C:\Program Files\Fanbase\Fanbase.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Embarq Online Security 8\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Embarq Online Security 8\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-682003330-1580436667-725345543-1004\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1253240351890 (WUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab (GMNRev Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/31 01:20:24 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/25 20:26:54 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/09/24 20:11:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Google
[2009/09/24 20:11:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Google
[2009/09/24 20:03:40 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/09/24 20:03:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
[2009/09/23 19:57:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\trash
[2009/09/23 09:11:11 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/09/23 01:44:30 | 00,000,743 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PokerStars.lnk
[2009/09/23 01:43:59 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars
[2009/09/22 22:40:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Adobe
[2009/09/22 22:39:33 | 00,001,736 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
[2009/09/22 22:39:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2009/09/21 22:20:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Apple Computer
[2009/09/21 22:20:10 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2009/09/21 22:20:07 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2009/09/21 22:20:07 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
[2009/09/21 22:19:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/21 22:18:36 | 00,001,611 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2009/09/21 22:18:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
[2009/09/21 22:17:22 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/09/21 22:17:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Apple
[2009/09/21 22:16:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
[2009/09/21 22:15:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Apple Computer
[2009/09/21 20:50:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\PCHealth
[2009/09/21 19:29:15 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe
[2009/09/21 18:53:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Malwarebytes
[2009/09/21 18:52:56 | 00,000,703 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 18:52:53 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/21 18:52:51 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/21 18:52:51 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/21 18:52:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2009/09/21 18:21:00 | 03,029,920 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\TheWoodSpider_1.wmv
[2009/09/21 18:17:45 | 00,084,625 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\ATT00076.jpg
[2009/09/21 18:01:32 | 00,143,444 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\EMT Driver Charged with Murder had Methadone in System at Time of Accident.docx
[2009/09/20 15:38:21 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Spidermonkey\Desktop\RootRepeal.exe
[2009/09/20 15:35:39 | 00,359,932 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\dds.scr
[2009/09/20 15:11:30 | 00,001,741 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\HijackThis.lnk
[2009/09/20 15:11:29 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/09/19 14:12:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/09/19 10:42:32 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/09/19 10:42:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\PC Tools
[2009/09/19 10:42:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools
[2009/09/19 07:01:29 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/18 19:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Mozilla
[2009/09/18 19:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Mozilla
[2009/09/18 15:58:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Adobe
[2009/09/18 15:54:08 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/09/18 15:54:08 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/09/18 15:52:02 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/09/18 15:52:02 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2009/09/18 15:52:00 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/09/18 15:52:00 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2009/09/18 15:52:00 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2009/09/18 15:52:00 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2009/09/18 15:51:58 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/09/18 15:51:58 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2009/09/18 15:51:57 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/09/18 15:51:57 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2009/09/18 15:51:56 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/09/18 15:51:56 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2009/09/18 15:51:55 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/09/18 15:51:55 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2009/09/18 15:51:53 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/09/18 15:51:53 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2009/09/18 15:51:52 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2009/09/18 15:51:52 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2009/09/18 15:51:51 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2009/09/18 15:51:51 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2009/09/18 15:51:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2009/09/18 15:51:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2009/09/18 15:51:19 | 01,826,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2009/09/18 15:51:19 | 01,482,752 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2009/09/18 15:51:19 | 00,880,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL
[2009/09/18 15:51:19 | 00,405,504 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/09/18 15:51:19 | 00,077,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2009/09/18 15:51:18 | 09,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE
[2009/09/18 15:51:18 | 05,911,552 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2009/09/18 15:51:18 | 00,041,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll
[2009/09/18 15:51:17 | 00,122,880 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2009/09/18 15:51:15 | 18,717,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/09/18 15:51:12 | 02,170,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2009/09/18 15:51:12 | 01,389,056 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2009/09/18 15:51:08 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2009/09/18 15:51:08 | 01,684,736 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2009/09/18 15:51:08 | 00,278,528 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2009/09/18 15:51:08 | 00,057,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
[2009/09/18 15:51:01 | 00,831,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2009/09/18 15:31:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCPitstop
[2009/09/18 06:51:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Microsoft Help
[2009/09/18 06:51:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
[2009/09/18 06:38:56 | 02,785,792 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\My Documents\BBQInvitation.pps
[2009/09/18 06:36:52 | 00,054,147 | ---- | C] () -- C:\VETlog.dmp
[2009/09/18 06:36:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Viewpoint
[2009/09/18 06:36:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\AOL
[2009/09/18 06:36:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Macromedia
[2009/09/18 06:36:17 | 00,000,619 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AOL 9.1.lnk
[2009/09/18 06:35:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Viewpoint
[2009/09/18 06:35:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\AOL Downloads
[2009/09/18 06:35:04 | 00,033,588 | R--- | C] (America Online, Inc.) -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2009/09/18 06:34:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL OCP
[2009/09/18 06:34:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\AOL
[2009/09/18 06:34:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\aolshare
[2009/09/18 06:34:06 | 00,000,000 | ---D | C] -- C:\Program Files\AOL 9.1
[2009/09/18 06:34:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL
[2009/09/18 04:05:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads
[2009/09/18 04:05:02 | 00,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/18 04:01:28 | 00,000,810 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Desktop\Internet Explorer.lnk
[2009/09/18 03:49:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Macromedia
[2009/09/18 03:42:56 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2009/09/18 03:42:55 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/09/18 03:42:55 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2009/09/18 03:42:55 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/09/18 03:42:55 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/09/18 03:42:55 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/09/18 03:42:55 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/09/18 03:42:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/09/18 03:42:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/09/18 03:40:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
[2009/09/18 03:39:44 | 00,001,865 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Photosmart Essential 2.01.lnk
[2009/09/18 03:39:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HPSSUPPLY
[2009/09/18 03:38:46 | 00,001,815 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/09/18 03:38:24 | 00,000,991 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Solution Center.lnk
[2009/09/18 03:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP Product Assistant
[2009/09/18 03:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
[2009/09/18 03:36:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
[2009/09/18 03:36:43 | 00,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll5ha.dll
[2009/09/18 03:36:32 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/09/18 03:36:32 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/09/18 03:36:26 | 00,267,864 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2009/09/18 03:36:23 | 00,675,840 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax3.dll
[2009/09/18 03:36:23 | 00,569,344 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl3.dll
[2009/09/18 03:36:23 | 00,303,104 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst10.dll
[2009/09/18 03:36:08 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/09/18 03:36:08 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/09/18 03:35:30 | 00,140,997 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2009/09/18 03:35:30 | 00,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2009/09/18 03:34:30 | 00,506,560 | ---- | C] () -- C:\WINDOWS\System32\autorun.inf
[2009/09/18 03:22:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/09/18 03:17:00 | 00,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2009/09/18 03:17:00 | 00,006,045 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2009/09/18 03:17:00 | 00,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009/09/18 03:16:47 | 00,200,712 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/09/18 03:16:36 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvuninst.exe
[2009/09/18 03:16:36 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/09/18 03:16:36 | 00,018,394 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/09/18 02:56:25 | 00,049,920 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys
[2009/09/18 02:56:25 | 00,016,496 | ---- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys
[2009/09/18 02:25:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/09/18 02:06:06 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/09/18 02:06:04 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009/09/18 02:06:04 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009/09/18 02:06:04 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2009/09/18 02:06:04 | 00,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009/09/18 02:06:04 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009/09/18 02:06:04 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/09/18 02:06:04 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009/09/18 02:06:04 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009/09/18 02:06:04 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009/09/18 02:06:04 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/09/18 02:06:04 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009/09/18 02:06:04 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2009/09/18 02:06:04 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009/09/18 02:06:04 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/09/18 02:06:04 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/09/18 02:06:04 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/09/18 02:06:04 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/09/18 02:06:03 | 02,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2009/09/18 02:06:03 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/09/18 02:06:03 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/09/18 02:06:03 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/09/18 02:06:03 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/09/18 02:06:03 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/09/18 02:06:03 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/09/18 02:06:03 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/09/18 02:06:03 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/09/18 02:06:03 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/09/18 02:06:03 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/09/18 02:06:03 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/09/18 02:06:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009/09/18 02:06:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009/09/18 02:06:02 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/09/18 02:06:02 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009/09/18 02:06:02 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009/09/18 02:06:02 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/09/18 02:06:02 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009/09/18 02:06:02 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009/09/18 02:06:01 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2009/09/18 02:06:01 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2009/09/18 02:06:01 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009/09/18 02:06:01 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009/09/18 02:06:01 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009/09/18 02:06:01 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/09/18 02:06:01 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/09/18 02:06:01 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/09/18 02:06:01 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/09/18 02:06:01 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/09/18 02:06:01 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/09/18 02:06:01 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/09/18 02:06:01 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/09/18 02:06:01 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/09/18 02:06:01 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/09/18 02:06:01 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/09/18 02:06:00 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/09/18 02:05:59 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/09/18 02:05:59 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/09/18 02:05:58 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/09/18 02:05:58 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/09/18 02:05:58 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/09/18 02:05:56 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/09/18 02:05:55 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/09/18 02:05:55 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/09/18 02:05:54 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/09/18 02:05:54 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/09/18 02:05:54 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/09/18 02:05:54 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/09/18 02:05:54 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/09/18 02:05:54 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/09/18 02:05:53 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/09/18 02:05:53 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/09/18 02:05:53 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/09/18 02:05:53 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/09/18 02:05:50 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009/09/18 02:05:50 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/09/18 02:05:49 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2009/09/18 02:05:49 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/09/18 02:05:48 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/09/18 02:05:47 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/09/18 02:05:47 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/09/18 02:05:46 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/09/18 02:05:45 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/09/18 02:05:45 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009/09/18 02:05:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/09/18 02:05:44 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/09/18 02:05:43 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/09/18 02:05:43 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/09/18 02:05:43 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/09/18 02:05:42 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/09/18 02:05:42 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/09/18 02:05:42 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009/09/18 02:05:42 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009/09/18 02:05:42 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009/09/18 02:05:42 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009/09/18 02:05:42 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009/09/18 02:05:42 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009/09/18 02:05:42 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009/09/18 02:05:42 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009/09/18 02:05:42 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009/09/18 02:05:42 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009/09/18 02:05:42 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009/09/18 02:05:42 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009/09/18 02:05:42 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009/09/18 02:05:42 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009/09/18 02:05:42 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009/09/18 02:05:41 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/09/18 02:05:39 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/09/18 02:05:38 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/09/18 02:05:38 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/09/18 02:05:38 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/09/18 02:05:38 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/09/18 02:05:36 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/09/18 02:05:36 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/09/18 02:05:36 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/09/18 02:05:35 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/09/18 02:05:35 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/09/18 02:05:35 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/09/18 02:05:35 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/09/18 02:05:34 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2009/09/18 02:05:34 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/09/18 02:05:33 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2009/09/18 02:05:33 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2009/09/18 02:05:33 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/09/18 02:05:33 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2009/09/18 02:05:33 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009/09/18 02:05:31 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009/09/18 02:05:29 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2009/09/18 02:05:29 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2009/09/18 02:05:28 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009/09/18 02:05:28 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2009/09/18 02:05:27 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2009/09/18 02:05:27 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/09/18 02:05:27 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2009/09/18 02:05:27 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2009/09/18 02:05:27 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/09/18 02:05:27 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/09/18 02:05:27 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/09/18 02:05:27 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/09/18 02:05:27 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/09/18 02:05:27 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/09/18 02:05:27 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/09/18 02:05:26 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/09/18 02:05:26 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2009/09/18 02:05:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/09/18 02:05:26 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/09/18 02:05:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/09/18 02:05:25 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/09/18 02:05:23 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/09/18 02:05:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2009/09/18 02:05:19 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009/09/18 02:05:19 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/09/18 02:05:19 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/09/18 02:05:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/09/18 02:05:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/09/18 02:05:13 | 00,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/09/18 02:05:11 | 00,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2009/09/18 02:05:08 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/09/18 02:05:07 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/09/18 02:05:07 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/09/18 02:05:07 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/09/18 02:05:07 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/09/18 02:05:07 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/09/18 02:05:07 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/09/18 02:05:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/09/18 02:05:07 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/09/18 02:05:06 | 00,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009/09/18 02:05:06 | 00,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009/09/18 02:05:06 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009/09/18 02:05:05 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/09/18 02:05:05 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/09/18 02:05:05 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/09/18 02:05:05 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/09/18 02:05:05 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/09/18 02:05:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/09/18 02:05:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/09/18 02:05:04 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009/09/18 02:05:04 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/09/18 02:05:04 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/09/18 02:05:04 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/09/18 02:05:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/09/18 02:05:02 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/09/18 02:05:01 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/09/18 02:05:01 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009/09/18 02:05:01 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/09/18 02:05:01 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/09/18 02:05:01 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/09/18 02:05:01 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/09/18 02:05:01 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/09/18 02:05:01 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/09/18 02:05:00 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/09/18 02:05:00 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/09/18 02:04:59 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2009/09/18 02:04:58 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009/09/18 02:04:58 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/09/18 02:04:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/09/18 02:04:58 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009/09/18 02:04:55 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2009/09/18 02:04:54 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/09/18 01:41:29 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/09/18 01:41:22 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/09/18 01:41:22 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/09/18 01:41:22 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/09/18 01:41:22 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/09/18 01:41:21 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/09/18 01:32:21 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2009/09/18 01:31:25 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/09/18 01:30:57 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/09/18 01:30:51 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/09/18 01:28:16 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/09/18 01:28:16 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/09/18 01:28:15 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/09/18 01:28:15 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/09/18 01:28:15 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/09/18 01:28:15 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/09/18 01:28:15 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/09/18 01:28:15 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/09/18 01:28:15 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/09/18 01:28:14 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/09/18 01:28:14 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/09/18 01:28:14 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/09/18 01:27:58 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/09/18 01:27:58 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/09/18 01:27:58 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/09/18 01:27:23 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/09/18 01:26:38 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/09/18 01:26:30 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/09/18 01:26:26 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/09/18 01:26:11 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/09/18 01:25:50 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/09/18 01:25:47 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/09/18 01:20:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
[2009/09/18 01:18:23 | 00,000,508 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/09/18 01:17:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\F-Secure
[2009/09/18 01:12:41 | 00,069,232 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/18 01:00:32 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/17 22:43:08 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/09/17 22:43:07 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/09/17 22:43:07 | 00,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2009/09/17 22:43:07 | 00,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/09/17 22:31:05 | 00,013,726 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009/09/17 22:26:54 | 01,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll
[2009/09/17 22:25:59 | 00,008,704 | ---- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/17 22:22:13 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/09/17 22:21:47 | 00,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/09/17 22:21:34 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/09/17 22:21:34 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/09/17 22:21:34 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/09/17 22:21:34 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/09/17 22:19:42 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/09/17 22:19:42 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/09/17 22:19:42 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/09/17 22:19:42 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/09/17 22:19:42 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/09/17 22:19:42 | 00,031,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/09/17 22:19:42 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/09/17 22:19:42 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/09/17 22:19:42 | 00,018,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/09/17 21:55:55 | 05,359,974 | -H-- | C] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\IconCache.db
[2009/09/17 21:55:20 | 00,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/09/17 21:55:14 | 00,079,872 | ---- | C] (F-Secure Corporation) -- C:\WINDOWS\System32\drivers\fsdfw.sys
[2009/09/17 21:54:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\fssg
[2009/09/17 21:53:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\f-secure
[2009/09/17 21:52:53 | 74,069,184 | ---- | C] (F-Secure Corporation) -- C:\Documents and Settings\Spidermonkey\Desktop\Embarq_RTM_8.02-109.exe
[2009/09/17 21:28:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Identities
[2009/09/17 21:28:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Spidermonkey\My Documents\My Pictures
[2009/09/17 21:28:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Spidermonkey\My Documents\My Music
[2009/09/17 21:27:59 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Spidermonkey\Application Data\Microsoft
[2009/09/17 21:27:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\Microsoft
[2009/09/17 21:24:17 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/09/17 21:23:31 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/09/17 21:23:24 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/09/17 21:23:23 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/09/17 21:23:23 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/09/17 21:23:23 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/09/17 21:23:22 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/09/17 21:23:22 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/09/17 21:23:20 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/09/17 21:23:20 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/09/17 21:23:19 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/09/17 21:23:19 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/09/17 21:23:19 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/09/17 21:23:17 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/09/17 21:23:17 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/09/17 21:23:16 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/09/17 21:23:15 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/09/17 21:23:15 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/09/17 21:23:15 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/09/17 21:23:15 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/09/17 21:23:15 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/09/17 21:23:14 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/09/17 21:23:14 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/09/17 21:23:14 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/09/17 21:23:12 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/09/17 21:23:11 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/09/17 21:23:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/09/17 21:23:11 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/09/17 21:23:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/09/17 21:23:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/09/17 21:23:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/09/17 21:23:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/09/17 21:23:10 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009/09/17 21:23:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/09/17 21:23:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/09/17 21:23:09 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/09/17 21:23:09 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/09/17 21:23:09 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/09/17 21:23:09 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/09/17 21:23:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/09/17 21:23:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/09/17 21:23:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/09/17 21:23:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/09/17 21:23:09 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/09/17 21:23:07 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2009/09/17 21:23:07 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/09/17 21:23:07 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/09/17 21:23:06 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/09/17 21:23:06 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/09/17 21:23:06 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2009/09/17 21:23:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/09/17 21:23:04 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/09/17 21:23:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/09/17 21:23:03 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/09/17 21:23:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/09/17 21:23:03 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/09/17 21:23:02 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/09/17 21:23:02 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/09/17 21:23:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/09/17 21:23:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/09/17 21:23:01 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/09/17 21:23:01 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/09/17 21:23:01 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/09/17 21:23:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/09/17 21:23:01 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/09/17 21:23:00 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/09/17 21:23:00 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/09/17 21:23:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/09/17 21:23:00 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/09/17 21:22:58 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/09/17 21:22:56 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/09/17 21:22:52 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/09/17 21:22:52 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/09/17 21:22:48 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/09/17 21:22:48 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/09/17 21:22:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/09/17 21:22:46 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/09/17 21:22:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/09/17 21:22:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/09/17 21:22:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/09/17 21:22:45 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/09/17 21:22:45 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/09/17 21:22:45 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/09/17 21:22:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/09/17 21:22:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/09/17 21:22:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/09/17 21:22:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/09/17 21:22:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/09/17 21:22:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/09/17 21:22:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/09/17 21:22:42 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/09/17 21:22:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/09/17 21:22:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/09/17 21:22:40 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/09/17 21:22:40 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/09/17 21:22:40 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/09/17 21:22:40 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/09/17 21:22:40 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/09/17 21:22:40 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/09/17 21:22:40 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/09/17 21:22:40 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/09/17 21:22:39 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/09/17 21:22:39 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/09/17 21:22:38 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/09/17 21:22:38 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/09/17 21:22:38 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/09/17 21:22:38 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/09/17 21:22:38 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/09/17 21:22:38 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/09/17 21:22:38 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/09/17 21:22:38 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/09/17 21:22:38 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/09/17 21:22:38 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/09/17 21:22:37 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/09/17 21:22:37 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/09/17 21:22:37 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/09/17 21:22:37 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/09/17 21:22:37 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/09/17 21:22:37 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/09/17 21:22:34 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/09/17 21:22:31 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/09/17 21:22:29 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/09/17 21:22:28 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/09/17 21:22:28 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/09/17 21:22:27 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/09/17 21:22:27 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/09/17 21:22:26 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/09/17 21:22:26 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/09/17 21:22:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/09/17 21:22:25 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/09/17 21:22:25 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/09/17 21:22:24 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/09/17 21:22:24 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/09/17 21:22:24 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/09/17 21:22:24 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/09/17 21:22:23 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/09/17 21:22:20 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/09/17 21:22:19 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/09/17 21:22:19 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/09/17 21:22:18 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/09/17 21:22:18 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/09/17 21:22:18 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/09/17 21:22:18 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/09/17 21:22:18 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/09/17 21:22:17 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/09/17 21:22:17 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/09/17 21:22:17 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/09/17 21:22:17 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/09/17 21:22:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/09/17 21:22:17 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/09/17 21:22:17 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/09/17 21:22:16 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/09/17 21:22:16 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/09/17 21:22:15 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/09/17 21:22:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/09/17 21:22:14 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2009/09/17 21:22:14 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/09/17 21:22:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/09/17 21:22:10 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2009/09/17 21:22:10 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2009/09/17 21:22:00 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/09/17 21:21:59 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/09/17 21:21:58 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/17 21:21:58 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/17 21:21:57 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009/09/17 21:21:52 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/09/17 21:21:52 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/17 21:21:16 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/09/17 21:21:16 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/09/17 21:21:03 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/09/17 21:20:42 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/09/17 21:20:42 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/09/17 21:20:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/09/17 21:20:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/09/17 21:20:42 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/09/17 21:20:42 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/09/17 21:20:42 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/09/17 21:20:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/09/17 21:20:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/09/17 21:20:42 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/09/17 21:20:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/09/17 21:20:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/09/17 21:20:34 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/09/17 21:20:33 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/09/17 21:20:33 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/09/17 21:20:33 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2009/09/17 21:20:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/09/17 21:20:33 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/09/17 21:20:33 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/09/17 21:20:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/09/17 21:20:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/09/17 21:20:31 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/09/17 21:20:30 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/09/17 21:20:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/09/17 21:20:30 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/09/17 21:20:30 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/09/17 21:20:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/09/17 21:20:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/09/17 21:20:28 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/09/17 21:20:27 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/09/17 21:20:27 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/09/17 21:20:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/09/17 21:20:23 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/09/17 21:20:19 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/09/17 21:20:19 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/09/17 21:20:18 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/09/17 21:20:18 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/09/17 21:20:18 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/09/17 21:20:18 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/09/17 21:20:17 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/09/17 21:20:17 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/09/17 21:20:17 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/09/17 21:20:17 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/09/17 21:20:14 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/09/17 21:20:14 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/09/17 21:20:14 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/09/17 21:20:13 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/09/17 21:20:13 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/09/17 21:20:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/09/17 21:20:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures
[2009/09/17 21:20:06 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Music
[2009/09/17 21:20:02 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/17 21:19:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/09/17 21:19:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/09/17 21:19:39 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/09/17 21:19:39 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/09/17 21:19:39 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/09/17 21:19:39 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/09/17 21:19:39 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/09/17 21:19:39 | 00,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2009/09/17 21:19:38 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/09/17 21:19:38 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/09/17 21:19:38 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/09/17 21:19:38 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/09/17 21:19:38 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/09/17 21:19:38 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/09/17 21:19:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/09/17 21:19:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/09/17 21:19:35 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/09/17 21:19:35 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/09/17 21:19:35 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/09/17 21:19:35 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/09/17 21:19:35 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/09/17 21:19:35 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/09/17 21:19:35 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/09/17 21:19:35 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/09/17 21:19:35 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/09/17 21:19:35 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/09/17 21:19:35 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/09/17 21:19:34 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/09/17 21:19:34 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/09/17 21:19:34 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/09/17 21:19:34 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/09/17 21:19:34 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/09/17 21:19:34 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/09/17 21:19:34 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/09/17 21:19:34 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/09/17 21:19:34 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/09/17 21:19:34 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/09/17 21:19:34 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/09/17 21:19:34 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/09/17 21:19:34 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/09/17 21:19:34 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/09/17 21:19:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/09/17 21:19:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/09/17 21:19:33 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/09/17 21:19:33 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/09/17 21:19:33 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/09/17 21:19:33 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/09/17 21:19:33 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/09/17 21:19:33 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/09/17 21:19:33 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/09/17 21:19:33 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/09/17 21:19:32 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/09/17 21:19:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/09/17 21:19:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/09/17 21:19:32 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/09/17 21:19:32 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/09/17 21:19:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/09/17 21:19:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/09/17 21:19:32 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/09/17 21:19:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/09/17 21:19:32 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/09/17 21:19:32 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/09/17 21:19:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/09/17 21:19:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/09/17 21:19:32 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/09/17 21:19:32 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/09/17 21:19:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/09/17 21:19:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/09/17 21:19:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/09/17 21:19:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/09/17 21:19:32 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/09/17 21:19:32 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/09/17 21:19:32 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/09/17 21:19:31 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/09/17 21:19:31 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/09/17 21:19:31 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/09/17 21:19:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/09/17 21:19:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/09/17 21:19:31 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/09/17 21:19:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/09/17 21:19:31 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/09/17 21:19:30 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/09/17 21:19:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/09/17 21:19:30 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/09/17 21:19:30 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/09/17 21:19:30 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/09/17 21:19:30 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/09/17 21:19:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/09/17 21:19:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/09/17 21:19:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/09/17 21:19:29 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/09/17 21:19:29 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/09/17 21:19:29 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/09/17 21:19:29 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/09/17 21:19:29 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/09/17 21:19:29 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/09/17 21:19:29 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/09/17 21:19:27 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/09/17 21:19:26 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/09/17 21:19:26 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/09/17 21:19:26 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/09/17 21:19:26 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/09/17 21:19:26 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/09/17 21:19:26 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/09/17 21:19:26 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/09/17 21:19:26 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/09/17 21:19:26 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/09/17 21:19:26 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/09/17 21:19:26 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/09/17 21:19:26 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/09/17 21:19:25 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/09/17 21:19:25 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/09/17 21:19:25 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/09/17 21:19:25 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/09/17 21:19:24 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/09/17 21:19:24 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/09/17 21:19:23 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/09/17 21:19:23 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/09/17 21:19:23 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/09/17 21:19:23 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/09/17 21:19:22 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/09/17 21:19:22 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/09/17 21:19:22 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/09/17 21:19:22 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/09/17 21:19:22 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/09/17 21:19:22 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/09/17 21:19:22 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/09/17 21:19:22 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/09/17 21:19:22 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/09/17 21:19:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/09/17 21:19:21 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/09/17 21:19:21 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/09/17 21:19:21 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/09/17 21:19:21 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/09/17 21:19:21 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/09/17 21:19:21 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/09/17 21:19:21 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/09/17 21:19:21 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/09/17 21:19:21 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/09/17 21:19:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/09/17 21:19:21 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/09/17 21:19:21 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/09/17 21:19:20 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/09/17 21:19:20 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/09/17 21:19:17 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/09/17 21:19:11 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/09/17 21:19:11 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2009/09/17 16:50:54 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009/09/17 16:50:46 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/09/17 16:50:45 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009/09/17 16:50:38 | 00,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\drivers\ltmdmnt.sys
[2009/09/17 16:50:37 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\rtl8139.sys
[2009/09/17 16:50:31 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/09/17 16:48:53 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/09/17 16:48:47 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/09/17 16:48:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009/09/17 16:48:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009/09/17 16:48:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009/09/17 16:48:46 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/09/17 16:48:46 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/09/17 16:48:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/09/17 16:48:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/09/17 16:48:46 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/09/17 16:48:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009/09/17 16:48:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/09/17 16:48:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/09/17 16:48:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/09/17 16:48:44 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/09/17 16:48:44 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/09/17 16:48:44 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/09/17 16:48:44 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/09/17 16:48:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/09/17 16:48:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/09/17 16:48:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/09/17 16:48:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/09/17 16:48:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/09/17 16:48:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/09/17 16:48:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009/09/17 16:48:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009/09/17 16:48:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/09/17 16:48:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/09/17 16:48:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/09/17 16:48:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/09/17 16:48:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/09/17 16:48:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/09/17 16:48:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/09/17 16:48:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009/09/17 16:48:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009/09/17 16:48:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009/09/17 16:48:41 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009/09/17 16:48:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009/09/17 16:48:41 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/09/17 16:48:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/09/17 16:48:41 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/09/17 16:48:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/09/17 16:48:41 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/09/17 16:48:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/09/17 16:48:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009/09/17 16:48:39 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2009/09/17 16:48:39 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2009/09/17 16:48:39 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2009/09/17 16:48:39 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2009/09/17 16:48:39 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2009/09/17 16:48:39 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2009/09/17 16:48:39 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/09/17 16:48:39 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/09/17 16:48:39 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2009/09/17 16:48:39 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/09/17 16:48:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/09/17 16:48:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/09/17 16:48:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009/09/17 16:48:39 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2009/09/17 16:48:39 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/09/17 16:48:39 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2009/09/17 16:48:39 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/09/17 16:48:38 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2009/09/17 16:48:38 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/09/17 16:48:38 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2009/09/17 16:48:38 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/09/17 16:48:38 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2009/09/17 16:48:38 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/09/17 16:48:38 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2009/09/17 16:48:38 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/09/17 16:48:38 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2009/09/17 16:48:38 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/09/17 16:48:38 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2009/09/17 16:48:38 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2009/09/17 16:48:38 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/09/17 16:48:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2009/09/17 16:48:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/09/17 16:48:38 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2009/09/17 16:48:38 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/09/17 16:48:38 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2009/09/17 16:48:38 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/09/17 16:48:38 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2009/09/17 16:48:38 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/09/17 16:48:38 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2009/09/17 16:48:38 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/09/17 16:48:38 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2009/09/17 16:48:38 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/09/17 16:48:38 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2009/09/17 16:48:38 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/09/17 16:48:38 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2009/09/17 16:48:38 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/09/17 16:48:38 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2009/09/17 16:48:38 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/09/17 16:48:38 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2009/09/17 16:48:38 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/09/17 16:48:38 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2009/09/17 16:48:38 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/09/17 16:48:38 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2009/09/17 16:48:38 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/09/17 16:48:37 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2009/09/17 16:48:37 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2009/09/17 16:48:37 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/09/17 16:48:37 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/09/17 16:48:37 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/09/17 16:48:37 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/09/17 16:48:36 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/09/17 16:48:32 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/09/17 16:48:32 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/09/17 16:48:32 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/09/17 16:48:32 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/09/17 16:48:32 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/09/17 16:48:32 | 00,007,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/09/17 16:48:19 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2009/09/17 16:48:01 | 00,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/17 16:47:15 | 00,000,237 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/09/16 08:07:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/09/15 19:38:39 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009/09/07 16:09:48 | 00,000,000 | ---D | C] -- C:\Program Files\termma
[2009/09/05 17:58:42 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/09/05 01:54:48 | 00,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/09/05 01:54:48 | 00,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2009/03/03 12:18:04 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/09/17 23:55:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/09/17 23:55:00 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/09/17 23:55:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/09/17 23:55:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/09/17 23:55:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003/03/31 15:00:00 | 00,000,702 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/03/31 15:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[2009/09/25 20:52:40 | 00,054,147 | ---- | M] () -- C:\VETlog.dmp
[2009/09/25 20:52:36 | 00,000,702 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/25 20:52:05 | 00,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/09/25 20:48:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/25 20:48:09 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/25 20:32:19 | 00,013,726 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/09/25 20:32:17 | 00,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/25 00:03:41 | 00,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2009/09/24 18:01:11 | 00,069,232 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/23 20:41:05 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/23 20:40:45 | 05,359,974 | -H-- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\IconCache.db
[2009/09/23 20:33:47 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\nobusewa
[2009/09/23 02:47:56 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2009/09/23 01:44:30 | 00,000,743 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\PokerStars.lnk
[2009/09/22 23:55:30 | 00,001,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
[2009/09/22 16:07:06 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/09/21 22:18:36 | 00,001,611 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2009/09/21 19:29:17 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spidermonkey\Desktop\OTL.exe
[2009/09/21 18:52:56 | 00,000,703 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 18:21:12 | 03,029,920 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\TheWoodSpider_1.wmv
[2009/09/21 18:17:46 | 00,084,625 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\ATT00076.jpg
[2009/09/21 18:01:32 | 00,143,444 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\EMT Driver Charged with Murder had Methadone in System at Time of Accident.docx
[2009/09/20 15:38:22 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Spidermonkey\Desktop\RootRepeal.exe
[2009/09/20 15:35:39 | 00,359,932 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\dds.scr
[2009/09/20 15:11:30 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\HijackThis.lnk
[2009/09/18 15:54:08 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/09/18 15:54:08 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/09/18 06:39:09 | 02,785,792 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\My Documents\BBQInvitation.pps
[2009/09/18 06:36:17 | 00,000,619 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AOL 9.1.lnk
[2009/09/18 06:36:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/18 04:05:02 | 00,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/09/18 04:01:28 | 00,000,810 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Desktop\Internet Explorer.lnk
[2009/09/18 03:40:23 | 00,140,997 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2009/09/18 03:39:44 | 00,001,865 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Photosmart Essential 2.01.lnk
[2009/09/18 03:38:46 | 00,001,815 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/09/18 03:38:24 | 00,000,991 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\HP Solution Center.lnk
[2009/09/18 03:07:32 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/09/18 02:27:30 | 00,318,732 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/09/18 02:27:30 | 00,043,236 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/09/18 02:27:29 | 00,367,288 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/09/18 02:14:39 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/09/18 01:00:37 | 00,000,316 | RHS- | M] () -- C:\boot.ini
[2009/09/18 00:55:33 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/09/17 22:31:04 | 00,013,726 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009/09/17 22:26:04 | 00,008,704 | ---- | M] () -- C:\Documents and Settings\Spidermonkey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/17 22:00:50 | 00,033,920 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/09/17 21:52:53 | 74,069,184 | ---- | M] (F-Secure Corporation) -- C:\Documents and Settings\Spidermonkey\Desktop\Embarq_RTM_8.02-109.exe
[2009/09/17 21:28:08 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/09/17 21:24:17 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/09/17 21:23:33 | 00,000,237 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/09/17 21:22:00 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/09/17 21:22:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/09/17 21:21:58 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/17 21:21:58 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/17 21:21:57 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009/09/17 21:21:52 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/17 21:21:16 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/09/17 21:21:16 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/09/17 21:21:12 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/09/17 21:20:02 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/17 21:20:00 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/09/17 21:20:00 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/09/17 16:48:48 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/11 21:45:48 | 05,911,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2009/09/11 13:33:48 | 18,717,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/09/05 01:54:48 | 00,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/09/05 01:54:48 | 00,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2009/09/03 21:30:30 | 00,405,504 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/09/02 14:56:14 | 00,041,472 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
< End of report >

#11 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:02 PM

Posted 26 September 2009 - 12:59 PM

Please delete this file.

C:\WINDOWS\vncutil.exe

Otherwise it looks pretty good to me.
How are things on your end?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#12 Spidermonkey

Spidermonkey
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 27 September 2009 - 02:12 AM

file deleted. Computer seems to be running fine now. Only thing it's doing that i can't figure out how to stop is the ad popups on IE. I've got it set to block all popups. Got me stumped. Thanks a bunch for your help. I will be making a donation to you when I get paid this week. Thanks again Sam.

BTW Congrats on your Buckeyes shutout tonight.

#13 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:02 PM

Posted 27 September 2009 - 12:31 PM

Are you getting popups all the time, or does it seem to related to specific websites?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#14 Spidermonkey

Spidermonkey
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 01 October 2009 - 07:03 AM

Popups seem to have went away. They were popping up on random sites. Haven't seen any in a few days. I'll repost if it starts acting up again. Sent you $10 through Paypal. I know it's not much but it's all I can do right now. Your help was priceless in getting my system running right again. God Bless You and Thanks Again.

#15 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:02 PM

Posted 01 October 2009 - 07:18 AM

Thank you! :(

Here are some final steps and recommendations for you.

It's time to clean up.
  • Make sure you have an Internet Connection.
  • Double-click OTL.exe to run it.
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OtMoveit2 to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.


================




Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
  • Disable and Enable System Restore. - You should disable and reenable system restore to make sure there are no infected files found in a restore point left over from what we have just cleaned.

    You can find instructions on how to enable and reenable system restore here:

    Windows XP System Restore Guide

    Renable system restore with instructions from tutorial above

  • Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

:( :)
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users