Security Tool and maybe some other badguys


  • This topic is locked
22 replies to this topic

#1 Rac9n

  • Members
  • 15 posts

Posted 11 November 2009 - 09:28 PM

This post was initially moved from this forum to "Am I infected?", and now that I have the logs I'm posting it over here again~.

"Okay, so about a week ago the "Security Tool" fake anti-spyware program started popping up on my computer. I hadn't seen it or heard of it before, and especially didn't remember downloading or initiating it, so I was immediately suspicious. I found most of the files associated with it, and deleted them, and the popups and "notifications" have since stopped. What I did was all manual search and delete, though, so I may have missed pieces of it. I've tried "Rkill", but that ended up freezing and shutting down my computer. At about the same time as all of this was going on, my internet started acting up. Any google search result was redirected to a site like "thefeedwater" or a random assortment of advertising pages. If google search results provided the full URL, I could copy and paste and still get through successfully. Most helpful websites, like microsoft.com, symantec.com, almost any anti-spyware or internet security site (anything HELPFUL at ALL), my browser is unable to access. I checked the hosts file, but if I understood it correctly, that wasn't the problem. I tried renaming the hosts file, but the problem persists. In my C:\WINDOWS and C:\WINDOWS\system32 folders, there are a lot of exe files that don't belong. Many of the known badguys I have deleted myself, but some of them keep reappearing, and run on startup. The most persistent are "sv1.exe", "svchust.exe", and "isvchost.exe". In my task manager, once I have ended the previous three that are obviously fake, I have exactly ten instances of "svchost.exe" running. There were at one point constantly four or more instances of "iexplore.exe" running, even when I didn't even have internet explorer open. On top of that, even more instances would appear as actual pop ups, consistently. I actually ended up DELETING iexplore.exe, and I'm now using CravingExplorer, a Japanese browser. Unfortunately (or, fortunately?), this means I can only have one window or tab up at a time and there are no popups.

Additional problems: On restart, about 70% of the time explorer.exe won't start on its own. It asks me to login with a password I never created (blank, no password), and I've never had to do this before. As soon as it's finished restarting, a dialogue box appears with "UserInit Logon Application - Data Execution Prevention". If I try to start task manager, a similar window appears. I can start the task manager if I hold down ctrl+alt+delete, and then I can start explorer.exe from there. Soon after start up, there's a popup error message saying that a "calc.dll" cannot be found.

Three times recently, I've found three new icons that appear to link to pornographic websites on my desktop. In hindsight, I don't remember what they were actually shortcuts TO.

I've downloaded and run MalwareBytes, Super Anti-Spyware, and Spybot - Search & Destroy. Each found a large number of results, and removed them successfully, but the problems have persisted."

"A few updates:
The "Userinit Logon Application - Data Execution Prevention" popup only appears when explorer.exe does NOT start on its own. Also, if explorer.exe never starts, for any other application I try to start, INCLUDING task manager, the same "Data Execution Prevention"/"Windows has closed this program to protect your computer" window appears. Usually though, after several minutes, I can start at least explorer. If it restarts normally, then these windows never appear. Also the three pairs of other error windows that I mentioned in the first post, only appear AFTER explorer.exe has started. The first two say "Error loading C:\WINDOWS\system32\calc.dll The specified module could not be found." and "Error loading C:\DOCUME~1\COMPAQ~1\ntuser.dll The specified module could not be found."
After closing, that pair doesn't appear again until the next restart, after explorer.exe starts.
The next pair to appear is a Norton "High Risk Virus Alert" window, "Norton has detected and removed a virus from your computer." The details say:
"Object Name: C:\Documents and Sett...\svc[4].php
Virus Name: W32.Pinfi
Action Taken: The file was repaired."
After clicking OK, the window reappears several times. The window that usually pops up in tandem with that has the title "csrs32", and says "Run-time error '53': File not found." After clicking OK, this one usually reappears a few times as well.

The next one has the title "DiscUpdMgr.exe - Application Error", and says "The application failed to initialize properly (0x0000007b). Click OK to terminate the application." The window pops up again as soon as I click OK, at least one more time."



Rootrepeal:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/10 15:49
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP2
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF3571000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7ABE000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB8EE8000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\WINDOWS\ftpcache\ftpcache
Status: Locked to the Windows API!

Path: C:\WINDOWS\SxsCaPendDel\SxsCaPendDel
Status: Locked to the Windows API!

Path: c:\windows\system32\wmdtc.exe
Status: Allocation size mismatch (API: 110592, Raw: 90112)

Path: C:\WINDOWS\Config\Config
Status: Locked to the Windows API!

Path: C:\WINDOWS\Connection Wizard\Connection Wizard
Status: Locked to the Windows API!

Path: C:\WINDOWS\PIF\PIF
Status: Locked to the Windows API!

Path: C:\WINDOWS\Minidump\Minidump
Status: Locked to the Windows API!

Path: C:\WINDOWS\setup.pss\setup.pss
Status: Locked to the Windows API!

Path: C:\WINDOWS\msdownld.tmp\msdownld.tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB904706\KB904706
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB912812\KB912812
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB912945\KB912945
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB920213\KB920213
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB924496\KB924496
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB925454\KB925454
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB932168\KB932168
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB933729\KB933729
Status: Locked to the Windows API!

Path: C:\WINDOWS\$hf_mig$\KB941568\KB941568
Status: Locked to the Windows API!

Path: C:\WINDOWS\Registration\CRMLog\CRMLog
Status: Locked to the Windows API!

Path: C:\WINDOWS\Temp\nsf291.tmp\nsf291.tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\Temp\~nsu.tmp\~nsu.tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\twain_32\OMCAM\OMCAM
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\tmp\tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\ime\imejp98\imejp98
Status: Locked to the Windows API!

Path: C:\WINDOWS\java\classes\classes
Status: Locked to the Windows API!

Path: C:\WINDOWS\java\trustlib\trustlib
Status: Locked to the Windows API!

Path: C:\WINDOWS\msapps\msinfo\msinfo
Status: Locked to the Windows API!

Path: c:\documents and settings\compaq_administrator\local settings\temp\1912890612.exe
Status: Allocation size mismatch (API: 49152, Raw: 28672)

Path: c:\documents and settings\compaq_administrator\local settings\temp\1530140642.exe
Status: Allocation size mismatch (API: 49152, Raw: 28672)

Path: C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered
Status: Locked to the Windows API!

Path: C:\WINDOWS\Sun\Java\Deployment\Deployment
Status: Locked to the Windows API!

Path: C:\WINDOWS\Temp\TempRec\TempSBE\TempSBE
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\ErrorRep\QHEADLES\QHEADLES
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\ErrorRep\QSIGNOFF\QSIGNOFF
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\ErrorRep\UserDumps\UserDumps
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\helpctr\batch\batch
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\helpctr\Temp\Temp
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a
Status: Locked to the Windows API!

Path: C:\WINDOWS\ime\imejp\applets\applets
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\backup\backup
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\86a5d4ec598b957d3e4d2a7951b2c258\backup\backup
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\5760d4b301d053a8878e2025a64e5970\backup\backup
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\f90f6c0c452945125b5a22f96ec4c469\backup\backup
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\fbdd9f75315c1cf9ff63f37aaca267d3\backup\backup
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint
Status: Locked to the Windows API!

Path: C:\WINDOWS\pchealth\helpctr\System\DFS\DFS
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1102.tmp\ZAP1102.tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A9.tmp\ZAP2A9.tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C78.tmp\ZAP5C78.tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E2C.tmp\ZAP5E2C.tmp
Status: Locked to the Windows API!

Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files
Status: Locked to the Windows API!

Path: C:\WINDOWS\Help\SBSI\Training\WXPPRO\Cbz\Cbz
Status: Locked to the Windows API!

Path: C:\WINDOWS\Help\SBSI\Training\WXPPRO\Lib\Lib
Status: Locked to the Windows API!

Path: C:\WINDOWS\Help\SBSI\Training\WXPPRO\Wave\Wave
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\root\root
Status: Locked to the Windows API!

Path: C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Temporary ASP.NET Files\Bind Logs\Bind Logs
Status: Locked to the Windows API!

Path: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs
Status: Locked to the Windows API!

Path: C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729
Status: Locked to the Windows API!

Path: C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\70\70
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Compaq_Administrator\Local Settings\Apps\2.0\MA9MC3N1.X95\XOG30PY8.VG8\manifests\clickonce_bootstrap.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Compaq_Administrator\Local Settings\Apps\2.0\MA9MC3N1.X95\XOG30PY8.VG8\manifests\clickonce_bootstrap.exe.manifest
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Lauren1\Local Settings\Apps\2.0\G2NDDRY6.XW6\X6W9MK49.7QG\manifests\clickonce_bootstrap.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Lauren1\Local Settings\Apps\2.0\G2NDDRY6.XW6\X6W9MK49.7QG\manifests\clickonce_bootstrap.exe.manifest
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\10\policy\policy
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\51\msft\msft
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\52\msft\msft
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\60\msft\msft
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\51\policy\msft\msft
Status: Locked to the Windows API!

Path: C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\52\policy\msft\msft
Status: Locked to the Windows API!

==EOF==





DDS (Ver_09-10-26.01) - NTFSx86
Run by Compaq_Administrator at 15:47:34.20 on Tue 11/10/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.591 [GMT -5:00]

AV: Norton Internet Security 2006 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security 2006 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe
svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\FastNetSrv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\CravingExplorer\CravingExplorer.exe
svchost.exe C:\WINDOWS\TEMP\VRT4.tmp
C:\WINDOWS\svchost.exe
C:\WINDOWS\svchust.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\TEMP\36229618.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\TEMP\936906225.exe
C:\WINDOWS\TEMP\1837614032.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.webweb123.com
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mStart Page = hxxp://www.webweb123.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: ¹¤³Ģ1.IE360: {c5aa3460-d54c-4131-8e3c-5f3ec9446bd5} - c:\windows\system32\QingYL.dll
TB: Norton AntiVirus: {c4069e3a-68f1-403e-b40e-20066696354b} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [calc] rundll32.exe c:\docume~1\compaq~1\ntuser.dll,_IWMPEvents@0
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [<NO NAME>]
mRun: [PCDrProfiler] "c:\program files\pc-doctor 5 for windows\RunProfiler.exe" -r
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [IS CfgWiz] c:\program files\norton internet security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
mRun: [SSC_UserPrompt] "c:\program files\common files\symantec shared\security center\UsrPrmpt.exe"
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [calc] rundll32.exe c:\windows\system32\calc.dll,_IWMPEvents@0
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes anti-malware\mbam.exe" /runcleanupscript
mRun: [msnmager] c:\windows\system32\rundll32.exe c:\windows\temp\ahbhig.dll,Set1
mRun: [rass32] c:\windows\system32\rass32.exe
mRunOnce: [ŃN@] d14e4000
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\GetFlash.exe
StartupFolder: c:\docume~1\compaq~1\startm~1\programs\startup\metacafe.lnk - c:\program files\metacafe\MetacafeAgent.exe
StartupFolder: c:\docume~1\compaq~1\startm~1\programs\startup\scandisk.lnk - c:\windows\system32\rundll32.exe
StartupFolder: c:\docume~1\compaq~1\startm~1\programs\startup\wkcalrem.lnk - c:\program files\common files\microsoft shared\works shared\WkCalRem.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\5577497\program\Compaq Connections.exe
mPolicies-system: EnableLUA = 0 (0x0)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: trymedia.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://www.travelsdir.com/
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
AppInit_DLLs: c:\windows\system32\kbdnet.dll,c:\windows\temp\128xxx.dll,c:\windows\temp\32110333.dll,c:\windows\temp\32110usc.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {43fR72BA-R2h9-13R1-bRbf-eaKfR836gWl5} - %SystemRoot%\system32\winnt.exe
mASetup: {43fz72BA-z2h9-13Y1-bYbf-eaKfY836gYl5} - %SystemRoot%\system32\332.exe

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-10-12 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-10-12 74480]
R2 fastnetsrv;fastnetsrv;c:\windows\system32\FastNetSrv.exe [2004-8-9 66048]
R2 Ias;Network Security;c:\windows\system32\svchost.exe -k netsvcs [2004-8-9 14336]
R2 Net_Login;Net_Login;c:\windows\svchust.exe [2009-11-9 588289]
R2 NetLogin;Net Login;c:\windows\svchost.exe [2009-11-9 1169920]
S2 BtwSrv;BtwSrv;c:\windows\system32\svchost.exe -k netsvcs [2004-8-9 14336]
S2 prio_svc;Prio Service;c:\program files\prio\prio_svc.exe [2009-9-12 25088]
S3 daqdrv;daqdrv;c:\windows\system32\daqdrv.sys [2004-8-9 2304]
S3 getPlusHelper;getPlus® Helper;c:\windows\system32\svchost.exe -k getPlusHelper [2004-8-9 14336]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-10-12 7408]

=============== Created Last 30 ================

2009-11-10 15:01:19 58880 ----a-w- c:\windows\system32\332.exe
2009-11-10 15:01:19 152 ----a-w- c:\windows\system32\api.reg
2009-11-10 15:01:18 40960 ----a-w- c:\windows\system32\rass32.exe
2009-11-10 14:57:56 88576 ----a-w- c:\windows\system32\B.tmp
2009-11-10 14:57:55 11264 ----a-w- c:\windows\system32\6.tmp
2009-11-10 14:57:55 1 ----a-w- c:\windows\system32\7.tmp
2009-11-10 14:57:46 176 ----a-w- c:\windows\system32\5.tmp
2009-11-10 02:58:43 59392 ----a-w- c:\windows\system32\winnt.exe
2009-11-09 22:56:47 151553 ----a-w- c:\windows\sv1.exe
2009-11-09 22:55:46 588289 ----a-w- c:\windows\svchust.exe
2009-11-09 22:54:47 1169920 ----a-w- c:\windows\svchost.exe
2009-11-09 22:54:30 443393 ----a-w- c:\windows\isvchost.exe
2009-11-09 15:14:00 0 d-----w- c:\program files\Prio
2009-11-09 04:02:20 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-11-09 04:02:15 0 d-----w- c:\program files\SUPERAntiSpyware
2009-11-09 04:02:15 0 d-----w- c:\docume~1\compaq~1\applic~1\SUPERAntiSpyware.com
2009-11-09 04:01:41 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-09 03:29:47 0 d-----w- c:\docume~1\alluse~1\applic~1\SecTaskMan
2009-11-09 03:29:42 0 d-----w- c:\program files\Security Task Manager
2009-11-09 01:47:21 0 d-----w- c:\docume~1\compaq~1\applic~1\Malwarebytes
2009-11-09 01:47:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-09 01:47:14 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-09 01:47:14 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-09 01:47:13 0 d-----w- c:\program files\Malwarebytes Anti-Malware
2009-11-08 20:18:01 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-08 20:18:01 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-11-08 19:19:53 825 ----a-w- c:\windows\system32\wininit.dll
2009-11-08 19:13:17 32768 ----a-w- c:\windows\system32\QingYL.dll
2009-11-08 18:23:13 1677824 ----a-w- c:\windows\system32\chsbrkr.dll
2009-11-08 18:23:12 838144 ----a-w- c:\windows\system32\chtbrkr.dll
2009-11-08 18:23:12 1486 ----a-w- c:\windows\system32\noise.kor
2009-11-08 18:23:12 1158818 ----a-w- c:\windows\system32\korwbrkr.lex
2009-11-08 18:23:10 70656 ----a-w- c:\windows\system32\korwbrkr.dll
2009-11-08 18:23:10 2060 ----a-w- c:\windows\system32\noise.jpn
2009-11-08 18:23:09 1875968 ----a-w- c:\windows\system32\msir3jp.lex
2009-11-08 18:23:08 98304 ----a-w- c:\windows\system32\msir3jp.dll
2009-11-08 18:21:41 47066 ----a-w- c:\windows\system32\ksc.nls
2009-11-08 18:21:41 189986 ----a-w- c:\windows\system32\c_1361.nls
2009-11-08 18:21:41 177698 ----a-w- c:\windows\system32\c_10003.nls
2009-11-08 18:21:20 6144 ----a-w- c:\windows\system32\kbdlk41j.dll
2009-11-08 18:21:19 6656 ----a-w- c:\windows\system32\kbdlk41a.dll
2009-11-08 18:21:18 9216 ----a-w- c:\windows\system32\kbdnecAT.dll
2009-11-08 18:21:17 7168 ----a-w- c:\windows\system32\kbdnec95.dll
2009-11-08 18:21:16 7680 ----a-w- c:\windows\system32\kbdnecNT.dll
2009-11-08 18:21:10 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-11-08 18:21:08 7168 ----a-w- c:\windows\system32\kbdibm02.dll
2009-11-08 18:21:07 6144 ----a-w- c:\windows\system32\kbd106n.dll
2009-11-08 18:21:06 6144 ----a-w- c:\windows\system32\kbdax2.dll
2009-11-08 18:21:05 6144 ----a-w- c:\windows\system32\kbd101.dll
2009-11-08 18:18:39 482304 ----a-w- c:\windows\system32\PINTLGNT.IME
2009-11-08 18:18:38 156672 ----a-w- c:\windows\system32\WINZM.IME
2009-11-08 18:18:36 156672 ----a-w- c:\windows\system32\WINSP.IME
2009-11-08 18:18:35 156672 ----a-w- c:\windows\system32\WINPY.IME
2009-11-08 18:18:34 94720 ----a-w- c:\windows\system32\imekr61.ime
2009-11-08 18:18:21 811064 ----a-w- c:\windows\system32\imjp81k.dll
2009-11-08 18:18:20 340023 ----a-w- c:\windows\system32\imjp81.ime
2009-11-08 18:17:03 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-11-08 18:17:01 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-11-08 18:16:58 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-11-08 18:16:56 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-11-08 18:16:54 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-11-08 18:16:47 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-11-08 10:21:02 221 ----a-w- c:\windows\system32\winset.ini
2009-11-08 06:01:46 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-08 05:22:20 0 d-sh--w- c:\documents and settings\compaq_administrator\PrivacIE
2009-11-08 05:22:01 0 d-sh--r- c:\windows\system32\dllcache
2009-11-08 05:17:57 0 d-sh--w- c:\documents and settings\compaq_administrator\IETldCache
2009-11-08 05:14:35 0 dc-h--w- c:\windows\ie8
2009-11-08 05:08:26 0 d-----w- c:\program files\uTorrent
2009-11-08 05:01:44 0 d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-11-08 04:57:23 0 d-----w- c:\program files\CCleaner
2009-11-08 04:54:14 0 d-----w- c:\program files\VideoLAN
2009-11-08 04:49:43 0 d-----w- c:\windows\system32\appmgmt
2009-11-08 04:19:59 6144 ----a-w- c:\windows\system32\WinRAR.dll
2009-11-08 04:18:33 0 ----a-w- c:\windows\system32\EB.tmp
2009-11-08 04:18:32 88576 ----a-w- c:\windows\system32\EA.tmp
2009-11-08 04:18:31 52 ----a-w- c:\windows\system32\E9.tmp
2009-11-08 04:11:50 0 d-sh--r- C:\cmdcons
2009-11-08 04:11:26 0 d-----w- c:\windows\setupupd
2009-11-08 04:09:18 1819 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_RE474AA-ABA SR2023WM NA680_YC_0Pres_QCNH640_E64NAemREA4_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M959_J160_7AMD_8Athlon 64_92.2_#061225_N_Z14F12F20_G10DE0241.MRK
2009-11-08 04:07:30 0 d-----w- c:\docume~1\compaq~1\applic~1\Intuit
2009-11-08 04:07:29 0 d-----w- c:\docume~1\compaq~1\applic~1\Symantec
2009-11-07 21:05:34 0 --sha-w- C:\284294437
2009-11-07 20:38:13 120 ----a-w- c:\windows\Pcuhumu.dat
2009-11-07 20:38:13 0 ----a-w- c:\windows\Fdona.bin
2009-11-06 20:59:09 0 d-----w- C:\$AVG
2009-11-06 20:57:04 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2009-11-06 20:08:23 0 d-----w- c:\program files\WinPcap
2009-10-23 19:20:38 0 d-----w- C:\HOVER
2009-10-23 17:29:34 0 d-----w- c:\docume~1\compaq~1\applic~1\CravingExplorer

==================== Find3M ====================

2009-11-08 22:08:06 33792 ----a-w- c:\windows\system32\clipsrv.exe
2009-11-08 21:33:37 33792 ----a-w- c:\windows\system32\netdde.exe
2009-11-08 21:31:44 33792 ----a-w- c:\windows\system32\mnmsrvc.exe
2009-09-12 17:25:32 51448 ----a-w- c:\windows\system32\drivers\prio.sys
2009-08-25 13:54:06 8192 ----a-w- c:\windows\winsock.reg
2009-08-25 13:54:06 20480 ----a-w- c:\windows\winsock2.reg
2008-08-17 18:47:01 0 ----a-w- c:\program files\temp01
2007-09-16 13:05:59 20480 ----a-w- c:\program files\Community Service Log.xls
1999-07-07 00:00:00 6 --sh--r- c:\windows\@@desktop.dat

============= FINISH: 15:48:30.82 ===============


:( Can anyone help, please~?
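An added example, not part of the original post or the thread: a small triage pass over the "Running Processes" section of the DDS log above, flagging the look-alike `svchost` names and temp-directory executables the poster describes. The list of protected names, the similarity threshold and the reason labels are assumptions made for this sketch; the sample lines are excerpted from the log in this post.

```python
import ntpath
import re
from difflib import SequenceMatcher

SYSTEM32 = r"c:\windows\system32"
# System binaries that live in system32 on Windows XP and are often imitated.
PROTECTED = ("svchost.exe", "csrss.exe", "lsass.exe", "services.exe", "winlogon.exe")
LOOKALIKE_RATIO = 0.85  # assumption: similarity cut-off chosen for this sketch

# Excerpt of the "Running Processes" section posted above.
SAMPLE = r"""
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\FastNetSrv.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe C:\WINDOWS\TEMP\VRT4.tmp
C:\WINDOWS\svchost.exe
C:\WINDOWS\svchust.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\TEMP\36229618.exe
C:\WINDOWS\system32\notepad.exe
"""


def split_command(line):
    """Split a DDS process line into (image path, arguments), lower-cased."""
    m = re.match(r"(.+?\.(?:exe|scr|com))(?=\s|$)(.*)", line, re.I)
    if m:
        return m.group(1).lower(), m.group(2).strip().lower()
    # No extension on the image (e.g. "...\svchost -k DcomLaunch"):
    # take the first token and assume ".exe". Breaks on paths with spaces.
    image, _, args = line.partition(" ")
    if not ntpath.splitext(image)[1]:
        image += ".exe"
    return image.lower(), args.strip().lower()


def in_temp(text):
    """True if the text contains a path component named 'temp'."""
    return re.search(r"\\temp\\", text, re.I) is not None


def triage(line):
    """Return a list of reason labels for one process line (empty = no flag)."""
    image, args = split_command(line.strip())
    folder, name = ntpath.split(image)
    reasons = []
    if in_temp(image):
        reasons.append("temp-image")
    if in_temp(args):
        reasons.append("temp-argument")
    if name in PROTECTED:
        # A bare name (no folder in the log) cannot be judged either way.
        if folder and folder != SYSTEM32:
            reasons.append("wrong-folder")
    else:
        for real in PROTECTED:
            if SequenceMatcher(None, name, real).ratio() >= LOOKALIKE_RATIO:
                reasons.append("lookalike:" + real)
                break
    return reasons


def scan(log_text):
    """Map each flagged process line to its reason labels."""
    findings = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        if line:
            reasons = triage(line)
            if reasons:
                findings[line] = reasons
    return findings


if __name__ == "__main__":
    for line, reasons in scan(SAMPLE).items():
        print(f"{', '.join(reasons):24} {line}")
```

A line that passes these checks is not thereby clean; the rules only cover name imitation and temp-directory execution.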



#2 Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • Gender:Male
  • Location:Pickerington, Ohio

Posted 12 November 2009 - 08:22 AM

Hello! :(
My name is Sam and I will be helping you.

In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.

Please download ComboFix from one of these locations:

Link 1
Link 2
Link 3

Important!
You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert.
It is intended by its creator to be used under the guidance and supervision of a Malware Removal Expert, not for private use.
Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.



Make sure that you save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please copy and paste the contents of C:\ComboFix.txt in your next reply.
If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 Rac9n

  • Topic Starter

  • Members
  • 15 posts

Posted 12 November 2009 - 11:09 AM

Thanks for the quick response!

Uwah, I downloaded it, and it tried to run. My computer beeped twice, and then Error message:

"!! ALERT !! It is NOT SAFE to continue!

The contents of the ComboFix package has been compromised.
Please download a fresh copy from:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Note: You may be infected with the file patching virus 'Virut'."

Edited by Rac9n, 12 November 2009 - 11:43 AM.


#4 Buckeye_Sam

Malware Expert

Posted 12 November 2009 - 05:39 PM

That's not a good sign at all. Virut is a file infector and there isn't a good fix for it. Often a format becomes the only option, so you should begin to prepare for that possibility.

Let's see what we can do.



Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and allow it to run the express scan.
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
Note: If you have problems with DrWeb shutting down before it completes the scan you can perform a custom scan and select individual folders to scan. In that case start with C:\Windows\System32


Please post the contents of the log from DrWeb in your next reply.

#5 Rac9n


Posted 13 November 2009 - 12:46 AM

Ugh, this thing is giving me a fit! I had to actually get someone to download the exe for me, because I could never even use the link you provided (same Server Not Found, no access to helpful webpages problem I mentioned earlier). I can run the express scan just fine, but if I try the full or custom scan, it'll get about 25 or 30% finished before the computer restarts and I get a pop up saying that "The system has recovered from a serious error."

For now, I can post the results of the Express Scan. When it ran the first time, it found nearly 1000 infected files, I think. Pretty much every .exe or .dll in the system32 folder, everything from svchost to mspaint, was infected. It cured all but a few, and on the second and third times through, only 20 or so files made the list. There were a handful that were marked something like "trojan.inject.origin", and all of those were "Incurable. Moved."

So, here's the Drweb.csv from the third Express scan.


332.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
8.tmp;C:\WINDOWS\system32;Win32.HLLW.Lime.based.18;Deleted.;
FastNetSrv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
opeia.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
W1NL0g0.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
win.dll;C:\WINDOWS\system32;Probably DLOADER.Trojan;;
winnt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wmdtc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
zmdpmg.exe;C:\WINDOWS\system32;Probably DLOADER.Trojan;;
1834853112.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
2735759322.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
32717151.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
3636960934.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
93408125.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
SSUPDATE.EXE;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Win32.Virut.56;Cured.;
16071818.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1816089031.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1816662537.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1832214046.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
2717123441.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
2717685947.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
2732892153.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
27568726.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
27609326.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
27609326.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
27823428.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
27846828.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
27887529.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
27887529.exe;C:\WINDOWS\temp;Trojan.Bfkq.142;Deleted.;
27948429.exe;C:\WINDOWS\temp;Trojan.Inject.origin;Incurable.Moved.;
28068731.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
28175032.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
29639056.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
301913333.dll;C:\WINDOWS\temp;Trojan.DownLoad1.2423;Deleted.;
30317127.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
3618479655.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
361901870.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
363363590.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
451963126.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
4520187512.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
5420729617.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
5421443724.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
6322160932.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
6322721837.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
7223425044.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
8124478155.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
931503139.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
gggebc.dll;C:\WINDOWS\temp;Trojan.DownLoad.40421;Deleted.;
t4m0_442728438155.bk.old;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
svchost.exe;c:\windows;Win32.Virut.56;Cured.;
svchost.exe;c:\windows;Trojan.Click.27697;Deleted.;
svchust.exe;c:\windows;Win32.Virut.56;Cured.;
svchust.exe;c:\windows;Trojan.Click.27697;Deleted.;
win.dll;c:\windows\system32;Probably DLOADER.Trojan;;
zmdpmg.exe;c:\windows\system32;Probably DLOADER.Trojan;;


Again, thanks for the quick response~

Edited by Rac9n, 13 November 2009 - 12:47 AM.


#6 Buckeye_Sam

Malware Expert

Posted 13 November 2009 - 09:09 AM

Here's the part where we determine if you'll need to format or not. When you run DrWeb now, does it come up clean or is it still finding the same 20 or so files that are infected?

#7 Rac9n


Posted 13 November 2009 - 11:16 PM

Huh. I ran the Express Scan again, and some of the files from previous scans are no longer on the list, but some that WEREN'T on the previous list are now.

Here's the report, if it helps.

This doesn't look like good news, does it? B:
Should I not have posted on Friday the thirteenth~?


16071818.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1816089031.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1816662537.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1831787547.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
1831832847.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
1831832847.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1832046849.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
1832096850.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
1832096850.exe;C:\WINDOWS\temp;Trojan.Bfkq.142;Deleted.;
1832148450.exe;C:\WINDOWS\temp;Trojan.Inject.origin;Incurable.Moved.;
1832214046.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
1832259352.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
1832323452.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
1834853112.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
2717123441.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
2717685947.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
2732503154.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
2732545354.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
2732545354.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
2732759357.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
2732815657.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
2732815657.exe;C:\WINDOWS\temp;Trojan.Bfkq.142;Deleted.;
2732857858.exe;C:\WINDOWS\temp;Trojan.Inject.origin;Incurable.Moved.;
2732892153.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
2732968759.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
2733023459.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
2735759322.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
27609326.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
29639056.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
30293732.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
30317127.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
30337532.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
30337532.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
30553134.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
30598435.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
30653135.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
30653135.exe;C:\WINDOWS\temp;Trojan.Bfkq.142;Deleted.;
30720336.exe;C:\WINDOWS\temp;Trojan.Inject.origin;Incurable.Moved.;
30853137.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
30921838.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
32717151.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
332.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
3618479655.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
361901870.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
363318751.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
363322811.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
363322811.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
363344213.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
363349534.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
363349534.exe;C:\WINDOWS\temp;Trojan.Bfkq.142;Deleted.;
363352654.exe;C:\WINDOWS\temp;Trojan.Inject.origin;Incurable.Moved.;
363363590.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
363364535.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
3636960934.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
375613333.dll;C:\WINDOWS\temp;Trojan.DownLoad1.2423;Deleted.;
442613333.dll;C:\WINDOWS\temp;Trojan.DownLoad1.2423;Deleted.;
451963126.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
4520187512.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
453381877.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
453387348.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
453387348.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
4534089010.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
4534156211.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
515613333.dll;C:\WINDOWS\temp;Trojan.DownLoad1.2423;Deleted.;
5420729617.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
5421443724.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
5434354612.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
5434421813.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
5434421813.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
5434634315.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
5434710916.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
55713333.dll;C:\WINDOWS\temp;Trojan.DownLoad1.2423;Deleted.;
582613333.dll;C:\WINDOWS\temp;Trojan.DownLoad1.2423;Deleted.;
6322160932.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
6322721837.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
6334896818.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
6334957819.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
6334957819.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
6335170321.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
6335243721.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
7223425044.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
7235462524.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
7235514024.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
7235514024.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
7235723426.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
7235800027.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
8.tmp;C:\WINDOWS\system32;Win32.HLLW.Lime.based.18;Deleted.;
8124478155.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
931082840.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
931128140.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
931128140.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
931342142.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
931367143.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
931400043.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
931400043.exe;C:\WINDOWS\temp;Trojan.Bfkq.142;Deleted.;
931443743.exe;C:\WINDOWS\temp;Trojan.Inject.origin;Incurable.Moved.;
931503139.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
931576545.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
931631245.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
93408125.exe;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Probably DLOADER.Trojan;;
beefii.dll;C:\WINDOWS\temp;Trojan.DownLoad.40421;Deleted.;
dcmyw.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
dcmyw.exe;C:\WINDOWS\temp;DDoS.Attack.230;Deleted.;
discover.exe;c:\program files\disc;Win32.Virut.56;Cured.;
hpsysdrv.exe;c:\windows\system;Win32.Virut.56;Cured.;
jusched.exe;c:\program files\java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
mueow.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
mueow.exe;C:\WINDOWS\temp;DDoS.Attack.230;Deleted.;
sm12v.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sm12v.exe;C:\WINDOWS\system32;DDoS.Attack.230;Deleted.;
SSUPDATE.EXE;C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp;Win32.Virut.56;Cured.;
svchost.exe;c:\windows;Win32.Virut.56;Cured.;
svchost.exe;c:\windows;Trojan.Click.27697;Deleted.;
svchust.exe;c:\windows;Win32.Virut.56;Cured.;
svchust.exe;c:\windows;Trojan.Click.27697;Deleted.;
W1NL0g0.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
win.dll;C:\WINDOWS\system32;Probably DLOADER.Trojan;;
win.dll;c:\windows\system32;Probably DLOADER.Trojan;;
winnt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wmdtc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
zmdpmg.exe;C:\WINDOWS\system32;Probably DLOADER.Trojan;;
zmdpmg.exe;c:\windows\system32;Probably DLOADER.Trojan;;


I think this list contains 82 files. Blegh.

Again, thanks~
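
Added example (not part of the original thread, and not Dr.Web's or the helper's own tooling): one way to answer whether successive scans keep finding the same files is to diff two DrWeb.csv reports by path. The rows are excerpts copied from the two reports posted above; `parse_report` and `compare_scans` are names invented here, and reading "flagged again after a Cured. verdict" as a sign of an active file infector is this example's assumption.

```python
from collections import defaultdict

# Excerpts copied from the two Dr.Web CureIt express-scan reports posted in
# this thread (the third scan, then the scan run after it). Row layout as
# posted:  file name;folder;detection name;action taken;
SCAN_EARLIER = r"""
332.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
win.dll;C:\WINDOWS\system32;Probably DLOADER.Trojan;;
27568726.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
27609326.exe;C:\WINDOWS\temp;Win32.Virut.56;Cured.;
27609326.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
svchust.exe;c:\windows;Win32.Virut.56;Cured.;
svchust.exe;c:\windows;Trojan.Click.27697;Deleted.;
win.dll;c:\windows\system32;Probably DLOADER.Trojan;;
"""

SCAN_LATER = r"""
1831787547.exe;C:\WINDOWS\temp;Trojan.MulDrop.origin;Incurable.Moved.;
27609326.exe;C:\WINDOWS\temp;Probably DLOADER.Trojan;;
332.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
hpsysdrv.exe;c:\windows\system;Win32.Virut.56;Cured.;
jusched.exe;c:\program files\java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
svchust.exe;c:\windows;Win32.Virut.56;Cured.;
svchust.exe;c:\windows;Trojan.Click.27697;Deleted.;
win.dll;C:\WINDOWS\system32;Probably DLOADER.Trojan;;
win.dll;c:\windows\system32;Probably DLOADER.Trojan;;
"""


def parse_report(text):
    """Map each flagged file (lower-cased full path) to its (detection, action) pairs.

    The report lists the same file under differently cased folders
    (C:\\WINDOWS\\system32 and c:\\windows\\system32), and lists one file once
    per detection, so rows are merged on the case-folded path.
    """
    findings = defaultdict(set)
    for line in text.splitlines():
        fields = line.strip().split(";")
        if len(fields) < 4:
            continue  # blank line or something that is not a result row
        name, folder, detection, action = (f.strip() for f in fields[:4])
        path = (folder.rstrip("\\") + "\\" + name).lower()
        findings[path].add((detection, action))
    return dict(findings)


def compare_scans(earlier_text, later_text):
    """Diff two reports and return sorted path lists for each category."""
    earlier = parse_report(earlier_text)
    later = parse_report(later_text)

    # Paths the earlier scan reported as disinfected.
    cured_earlier = {
        path for path, hits in earlier.items()
        if any(action.startswith("Cured") for _, action in hits)
    }
    return {
        # Flagged in both scans, whatever the scanner did about them.
        "persisting": sorted(earlier.keys() & later.keys()),
        # Flagged only in the later scan.
        "new": sorted(later.keys() - earlier.keys()),
        # Flagged earlier, absent from the later scan.
        "gone": sorted(earlier.keys() - later.keys()),
        # Reported cured, then flagged again (assumed sign of re-infection).
        "reflagged_after_cure": sorted(p for p in cured_earlier if p in later),
        # Later-scan rows with an empty action column: detected, left in place.
        "no_action": sorted(
            path for path, hits in later.items()
            if any(action == "" for _, action in hits)
        ),
    }


if __name__ == "__main__":
    result = compare_scans(SCAN_EARLIER, SCAN_LATER)
    for category, paths in result.items():
        print(f"{category} ({len(paths)})")
        for path in paths:
            print("   ", path)
```

Paths written in DOS 8.3 form (such as C:\DOCUME~1\...) are compared as written and are not expanded to their long names.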

#8 Buckeye_Sam

Malware Expert

Posted 14 November 2009 - 08:53 AM

Ok, let's see what we can accomplish.


We need to create an OTL Report
  • Please download OTL from here
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the "Run Scan" button.
  • The scan should take just a few minutes.
  • Copy the log that opens up and paste it back here in your next reply.


#9 Rac9n


Posted 14 November 2009 - 10:52 AM

Here's the OTL Report.
I appreciate all of your help very much~!

It also finished scanning and opened up an "Extras.txt" file. Should I include that as well~?

OTL logfile created on: 11/14/2009 10:47:35 AM - Run 1
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 256.30 Mb Available Physical Memory | 26.74% Memory free
2.26 Gb Paging File | 1.75 Gb Available in Paging File | 77.45% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.48 Gb Total Space | 51.08 Gb Free Space | 36.36% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.54 Gb Free Space | 6.28% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DKLSCOTT
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
PRC - [2009/11/13 23:02:01 | 00,072,704 | ---- | M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe
PRC - [2009/11/13 22:58:20 | 00,057,344 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2009/11/13 22:58:18 | 01,093,632 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe
PRC - [2009/11/13 22:57:28 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\931576545.exe
PRC - [2009/11/13 22:57:11 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\30853137.exe
PRC - [2009/11/13 22:57:05 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\2732968759.exe
PRC - [2009/11/13 22:57:01 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\1832259352.exe
PRC - [2009/11/12 23:46:07 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe
PRC - [2009/11/12 22:40:20 | 16,243,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/11/12 22:40:18 | 01,052,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/11/12 22:40:17 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2009/11/12 22:40:17 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2009/11/12 22:40:03 | 01,696,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009/11/12 22:40:02 | 00,053,248 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2009/11/12 22:40:01 | 00,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
PRC - [2009/11/12 22:39:31 | 00,069,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/11/12 22:39:31 | 00,017,920 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
PRC - [2009/11/12 22:37:28 | 00,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/11/11 15:46:40 | 02,352,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\dc17794074\u877pxp.exe
PRC - [2009/11/08 00:08:26 | 00,313,648 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/11/02 22:23:08 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/30 15:08:00 | 00,124,216 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\dc17794074\47t5q7.exe
PRC - [2009/10/12 21:24:50 | 02,000,112 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/09/05 20:37:20 | 01,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2005/12/31 00:42:18 | 00,133,792 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
PRC - [2005/09/24 17:10:56 | 00,749,696 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
PRC - [2005/09/19 13:24:20 | 00,214,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2005/09/17 02:27:12 | 00,169,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/09/17 02:27:10 | 00,202,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
PRC - [2005/09/17 02:27:06 | 00,192,112 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/09/17 02:27:02 | 00,052,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2004/08/09 23:00:00 | 00,067,584 | ---- | M] (Netopsystems AG) -- C:\WINDOWS\system32\FastNetSrv.exe


========== Modules (SafeList) ==========

MOD - [2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
MOD - [2009/11/13 20:57:27 | 00,011,776 | ---- | M] () -- c:\WINDOWS\Temp\275713usc.dll
MOD - [2009/11/13 20:57:26 | 00,025,088 | ---- | M] () -- c:\WINDOWS\Temp\5724xxx.dll
MOD - [2009/11/13 00:56:34 | 00,023,552 | ---- | M] () -- c:\WINDOWS\Temp\eahecg930.dll
MOD - [2009/11/12 22:12:14 | 00,065,536 | ---- | M] (USA) -- C:\WINDOWS\system32\fgjk4wvb.dll
MOD - [2006/09/05 20:18:53 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll
MOD - [2005/09/23 20:38:24 | 00,123,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\asOEHook.dll
MOD - [2005/09/17 02:33:36 | 00,377,968 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccL40.dll
MOD - [2004/08/10 06:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/09 23:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2003/03/19 05:14:52 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003/02/21 13:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (smssv.exe)
SRV - File not found -- -- (NVSvc)
SRV - File not found -- -- (NetLogin)
SRV - File not found -- -- (Net_Login)
SRV - File not found -- -- (ImapiService)
SRV - File not found -- -- (Fax)
SRV - File not found -- -- (ehSched)
SRV - File not found -- -- (ehRecvr)
SRV - File not found -- -- (CiSvc)
SRV - File not found -- -- (ARSVC)
SRV - [2009/11/12 22:40:17 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc)
SRV - [2009/11/12 22:39:31 | 00,077,824 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2009/11/12 22:39:31 | 00,069,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/11/12 22:26:35 | 00,080,896 | ---- | M] () -- C:\WINDOWS\system32\zmdpmg.exe -- (Nationalbbs)
SRV - [2009/11/12 22:26:13 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2009/11/11 11:24:34 | 00,077,867 | ---- | M] () -- C:\WINDOWS\system32\win.dll -- (win)
SRV - [2009/09/23 16:36:06 | 00,051,168 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2006/09/05 20:37:20 | 01,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/01/02 15:18:24 | 00,045,744 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
SRV - [2005/12/31 00:42:18 | 00,133,792 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005/10/13 10:48:40 | 00,072,280 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
SRV - [2005/09/24 17:10:56 | 00,749,696 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2005/09/19 13:24:20 | 00,214,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/09/17 02:27:12 | 00,169,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/09/17 02:27:10 | 00,202,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2005/09/17 02:27:06 | 00,192,112 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/09/15 17:21:14 | 01,160,800 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005/08/26 16:22:48 | 00,198,368 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/08/09 23:00:00 | 00,067,584 | ---- | M] (Netopsystems AG) -- C:\WINDOWS\system32\FastNetSrv.exe -- (fastnetsrv)


========== Driver Services (SafeList) ==========

DRV - [2009/10/12 21:24:56 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/12 21:24:54 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/12 21:24:52 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2006/09/05 20:37:20 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/14 13:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/05/09 17:50:00 | 03,535,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/04/25 11:00:00 | 00,799,208 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060425.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2006/04/25 11:00:00 | 00,077,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060425.007\NAVENG.SYS -- (NAVENG)
DRV - [2006/03/09 13:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/03/03 17:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 17:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/06 13:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 13:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 13:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/10/05 17:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/17 02:20:06 | 00,108,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/09/15 17:21:14 | 00,389,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/09/01 21:07:36 | 00,199,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20050901.036\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2005/08/26 16:22:50 | 00,053,896 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/08/26 16:22:48 | 00,334,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/06/29 19:03:18 | 00,175,104 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 16:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/08 02:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/09 23:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/09 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/09 23:00:00 | 00,002,304 | ---- | M] () -- C:\WINDOWS\system32\daqdrv.sys -- (daqdrv)
DRV - [2004/08/03 16:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/05 09:45:12 | 00,017,408 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.webweb123.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.webweb123.com
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\S-1-5-21-2634742547-1843021351-2004436879-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=iesearch
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\S-1-5-21-2634742547-1843021351-2004436879-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mamma.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/10 20:37:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/10 20:40:08 | 00,000,000 | ---D | M]

[2009/11/10 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions
[2009/11/10 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/13 22:30:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions
[2009/11/10 20:38:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/11/10 20:39:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/10 20:37:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/10 20:37:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/02 22:23:26 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/02 22:23:27 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/02 22:23:28 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/11/06 09:20:16 | 00,032,448 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
[2009/11/02 20:16:17 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/11/02 20:16:17 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/11/02 20:16:17 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/11/02 20:16:17 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/11/02 20:16:17 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/11/02 20:16:17 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/11/02 20:16:17 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

Hosts file not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (Hewlett-Packard)
O2 - BHO: (¹¤³Ģ1.IE360) - {C5AA3460-D54C-4131-8E3C-5F3EC9446BD5} - C:\WINDOWS\system32\QingYL.dll (1.0 WinBug End)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [calc] C:\WINDOWS\System32\calc.DLL File not found
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ctfmon] C:\WINDOWS\System32\fgjk4wvb.DLL (USA)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe (Symantec Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe ()
O4 - HKLM..\Run: [rass32] C:\WINDOWS\system32\rass32.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007..\Run: [calc] C:\DOCUME~1\COMPAQ~1\ntuser.DLL File not found
O4 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2634742547-1843021351-2004436879-500..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ŃN@] Reg Error: Invalid data type. File not found
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\PinMcLnk.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Lauren.DAMACHINE\Start Menu\Programs\Startup\PinMcLnk.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Lauren1\Start Menu\Programs\Startup\PinMcLnk.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O7 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007_Classes\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2634742547-1843021351-2004436879-500\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\rdolib.dll) - C:\WINDOWS\system32\rdolib.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\temp\eahecg930.dll) - c:\WINDOWS\Temp\eahecg930.dll ()
O20 - AppInit_DLLs: (c:\windows\temp\5724xxx.dll) - c:\WINDOWS\Temp\5724xxx.dll ()
O20 - AppInit_DLLs: (c:\windows\temp\275713usc.dll) - c:\WINDOWS\Temp\275713usc.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (c:\windows\system32\W1NL0g0.exe) - C:\WINDOWS\system32\W1NL0g0.exe (QvodPlayer)
O20 - HKU\S-1-5-18 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-18 Winlogon: Shell - (c:\windows\system32\W1NL0g0.exe) - C:\WINDOWS\system32\W1NL0g0.exe (QvodPlayer)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\Temp\6746999953.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/30 23:02:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/14 10:47:11 | 00,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2009/11/14 01:57:38 | 00,049,152 | RHS- | C] (QvodPlayer) -- C:\WINDOWS\System32\W1NL0g0.exe
[2009/11/12 22:15:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\DoctorWeb
[2009/11/12 22:12:14 | 00,065,536 | ---- | C] (USA) -- C:\WINDOWS\System32\fgjk4wvb.dll
[2009/11/12 22:11:42 | 00,000,000 | ---D | C] -- C:\Program Files\Protection System
[2009/11/12 22:04:08 | 22,140,680 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2009/11/12 11:06:31 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/11 15:42:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2009/11/11 10:32:48 | 00,151,553 | ---- | C] (Andreas Hausladen) -- C:\WINDOWS\sv1.exe
[2009/11/10 20:37:37 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/11/10 12:36:11 | 00,476,160 | ---- | C] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2009/11/09 12:25:58 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/11/09 12:25:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/11/09 10:14:00 | 00,000,000 | ---D | C] -- C:\Program Files\Prio
[2009/11/08 23:02:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/11/08 23:02:15 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/08 23:02:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\SUPERAntiSpyware.com
[2009/11/08 23:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/11/08 22:29:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2009/11/08 22:29:42 | 00,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2009/11/08 20:47:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
[2009/11/08 20:47:15 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/08 20:47:14 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/08 20:47:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/08 20:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2009/11/08 15:18:01 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/11/08 15:18:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/11/08 14:13:17 | 00,032,768 | ---- | C] (1.0 WinBug End) -- C:\WINDOWS\System32\QingYL.dll
[2009/11/08 13:23:13 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2009/11/08 13:23:12 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2009/11/08 13:23:10 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2009/11/08 13:23:09 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2009/11/08 13:23:08 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2009/11/08 13:22:27 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2009/11/08 13:22:26 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2009/11/08 13:22:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2009/11/08 13:21:20 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2009/11/08 13:21:19 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2009/11/08 13:21:18 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2009/11/08 13:21:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2009/11/08 13:21:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2009/11/08 13:21:10 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2009/11/08 13:21:08 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2009/11/08 13:21:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2009/11/08 13:21:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2009/11/08 13:21:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2009/11/08 13:19:37 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2009/11/08 13:19:32 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2009/11/08 13:19:11 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2009/11/08 13:19:10 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2009/11/08 13:19:09 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2009/11/08 13:19:08 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2009/11/08 13:19:07 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2009/11/08 13:19:06 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2009/11/08 13:19:05 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2009/11/08 13:19:03 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2009/11/08 13:19:02 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2009/11/08 13:19:01 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2009/11/08 13:19:00 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2009/11/08 13:18:39 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2009/11/08 13:18:38 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2009/11/08 13:18:36 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2009/11/08 13:18:35 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2009/11/08 13:18:34 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2009/11/08 13:18:21 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2009/11/08 13:18:20 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2009/11/08 13:17:03 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/11/08 13:17:01 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/11/08 13:16:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/11/08 13:16:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/11/08 13:16:54 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/11/08 13:16:47 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/11/08 01:01:46 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/11/08 00:22:20 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\PrivacIE
[2009/11/08 00:22:01 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/11/08 00:17:57 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\IETldCache
[2009/11/08 00:14:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/11/08 00:14:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/11/08 00:08:26 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/11/08 00:01:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Audacity
[2009/11/08 00:01:44 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009/11/07 23:57:23 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/11/07 23:55:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\vlc
[2009/11/07 23:54:14 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/11/07 23:49:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/11/07 23:11:50 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/07 23:11:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Macromedia
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Identities
[2009/11/07 23:07:29 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft
[2009/11/07 23:07:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\SendTo
[2009/11/07 23:07:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Pictures
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Music
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Favorites
[2009/11/07 23:07:29 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\Cookies
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\Templates
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\PrintHood
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\NetHood
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\WINDOWS
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\AOL
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Symantec
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
[2009/11/06 15:59:09 | 00,000,000 | ---D | C] -- C:\$AVG
[2009/11/06 15:57:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/06 15:08:23 | 00,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2009/10/23 14:20:38 | 00,000,000 | ---D | C] -- C:\HOVER
[2009/10/23 12:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\CravingExplorer
[2009/10/23 12:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\CravingExplorer
[2006/02/19 12:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2009/11/14 10:19:00 | 00,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1008UA.job
[2009/11/14 10:10:00 | 00,000,270 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2009/11/14 10:06:00 | 00,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1007UA.job
[2009/11/14 09:27:56 | 00,058,880 | ---- | M] () -- C:\WINDOWS\System32\332.exe
[2009/11/14 09:27:55 | 00,059,392 | ---- | M] () -- C:\WINDOWS\System32\winnt.exe
[2009/11/14 07:19:00 | 00,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1008Core.job
[2009/11/14 01:57:38 | 00,049,152 | RHS- | M] (QvodPlayer) -- C:\WINDOWS\System32\W1NL0g0.exe
[2009/11/13 23:14:21 | 00,007,164 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb1.csv
[2009/11/13 23:02:01 | 00,072,704 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System\hpsysdrv.exe
[2009/11/13 22:20:12 | 00,000,348 | ---- | M] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/13 22:20:12 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\flags.ini
[2009/11/13 20:00:00 | 00,000,578 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Compaq_Administrator.job
[2009/11/13 16:06:00 | 00,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1007Core.job
[2009/11/13 11:08:34 | 00,001,577 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Internet Explorer.lnk
[2009/11/13 00:55:58 | 00,151,553 | ---- | M] (Andreas Hausladen) -- C:\WINDOWS\sv1.exe
[2009/11/13 00:54:07 | 00,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/11/13 00:53:38 | 00,443,393 | ---- | M] () -- C:\WINDOWS\isvchost.exe
[2009/11/13 00:52:30 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/13 00:51:53 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/13 00:51:49 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/13 00:51:48 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/13 00:51:10 | 05,242,880 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
[2009/11/13 00:48:47 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\ntuser.ini
[2009/11/13 00:45:24 | 00,003,235 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2009/11/13 00:27:42 | 00,091,136 | ---- | M] (Andreas Hausladen) -- C:\WINDOWS\System32\opeia.exe
[2009/11/12 22:59:49 | 00,050,176 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Win32kDiag.exe
[2009/11/12 22:59:44 | 00,476,160 | ---- | M] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2009/11/12 22:59:21 | 00,528,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2009/11/12 22:40:20 | 16,243,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/11/12 22:40:18 | 01,052,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2009/11/12 22:40:16 | 00,079,872 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe
[2009/11/12 22:32:47 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/11/12 22:32:46 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xcopy.exe
[2009/11/12 22:32:45 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2009/11/12 22:32:44 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2009/11/12 22:32:44 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/11/12 22:32:42 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009/11/12 22:32:41 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2009/11/12 22:32:41 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2009/11/12 22:32:41 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2009/11/12 22:32:41 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/11/12 22:32:40 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/11/12 22:32:38 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/11/12 22:32:35 | 00,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/11/12 22:32:33 | 00,361,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2009/11/12 22:32:33 | 00,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/11/12 22:32:33 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/11/12 22:32:32 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2009/11/12 22:32:31 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2009/11/12 22:32:30 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/11/12 22:32:30 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/11/12 22:32:29 | 00,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2009/11/12 22:32:28 | 00,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2009/11/12 22:32:28 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2009/11/12 22:32:26 | 00,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaacmgr.exe
[2009/11/12 22:32:25 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2009/11/12 22:32:24 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/11/12 22:32:23 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/11/12 22:32:22 | 00,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2009/11/12 22:32:22 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2009/11/12 22:32:21 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2009/11/12 22:32:20 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssvc.exe
[2009/11/12 22:32:20 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2009/11/12 22:32:18 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2009/11/12 22:32:17 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2009/11/12 22:32:17 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2009/11/12 22:32:16 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ups.exe
[2009/11/12 22:32:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2009/11/12 22:32:15 | 00,196,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/11/12 22:32:15 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2009/11/12 22:32:15 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/11/12 22:32:14 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2009/11/12 22:32:13 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typeperf.exe
[2009/11/12 22:32:13 | 00,028,160 | ---- | M] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2009/11/12 22:32:13 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/11/12 22:32:13 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/11/12 22:32:12 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/11/12 22:32:12 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/11/12 22:32:12 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/11/12 22:32:12 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/11/12 22:32:11 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2009/11/12 22:32:11 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2009/11/12 22:32:10 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracerpt.exe
[2009/11/12 22:32:09 | 00,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2009/11/12 22:32:08 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2009/11/12 22:32:08 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsvr.exe
[2009/11/12 22:32:08 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntadmn.exe
[2009/11/12 22:32:07 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2009/11/12 22:32:06 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/11/12 22:32:05 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/11/12 22:32:05 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2009/11/12 22:32:04 | 00,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2009/11/12 22:32:04 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/11/12 22:32:04 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2009/11/12 22:32:03 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tasklist.exe
[2009/11/12 22:32:03 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskkill.exe
[2009/11/12 22:32:02 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2009/11/12 22:32:01 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2009/11/12 22:32:01 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinfo.exe
[2009/11/12 22:32:01 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2009/11/12 22:32:00 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncapp.exe
[2009/11/12 22:31:59 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2009/11/12 22:31:59 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2009/11/12 22:31:59 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2009/11/12 22:31:55 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sstext3d.scr
[2009/11/12 22:31:55 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssstars.scr
[2009/11/12 22:31:53 | 00,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspipes.scr
[2009/11/12 22:31:52 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmypics.scr
[2009/11/12 22:31:52 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmarque.scr
[2009/11/12 22:31:52 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmyst.scr
[2009/11/12 22:31:51 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssflwbox.scr
[2009/11/12 22:31:51 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssbezier.scr
[2009/11/12 22:31:47 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ss3dfo.scr
[2009/11/12 22:31:46 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/11/12 22:31:36 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2009/11/12 22:31:36 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spiisupd.exe
[2009/11/12 22:31:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2009/11/12 22:31:35 | 00,541,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2009/11/12 22:31:34 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/11/12 22:31:34 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2009/11/12 22:31:34 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/11/12 22:31:33 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/11/12 22:31:32 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/11/12 22:31:31 | 00,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2009/11/12 22:31:30 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogsvc.exe
[2009/11/12 22:31:29 | 00,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/11/12 22:31:29 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2009/11/12 22:31:27 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2009/11/12 22:31:26 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2009/11/12 22:31:26 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/11/12 22:31:26 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2009/11/12 22:31:26 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/11/12 22:31:25 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2009/11/12 22:31:25 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmgrate.exe
[2009/11/12 22:31:24 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/11/12 22:31:23 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2009/11/12 22:31:22 | 00,823,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/11/12 22:31:21 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2009/11/12 22:31:21 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2009/11/12 22:31:21 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2009/11/12 22:31:20 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/11/12 22:31:20 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/11/12 22:31:19 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2009/11/12 22:31:19 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secedit.exe
[2009/11/12 22:31:18 | 00,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sctasks.exe
[2009/11/12 22:31:18 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/11/12 22:31:18 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrnsave.scr
[2009/11/12 22:31:16 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardsvr.exe
[2009/11/12 22:31:16 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/11/12 22:31:16 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2009/11/12 22:31:15 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/11/12 22:31:14 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/11/12 22:31:14 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/11/12 22:31:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2009/11/12 22:31:13 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2009/11/12 22:31:13 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2009/11/12 22:31:13 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2009/11/12 22:31:12 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2009/11/12 22:31:12 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2009/11/12 22:31:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsopprov.exe
[2009/11/12 22:31:11 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsnotify.exe
[2009/11/12 22:31:11 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2009/11/12 22:31:11 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2009/11/12 22:31:10 | 00,051,712 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\dllcache\rsm.exe
[2009/11/12 22:31:10 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2009/11/12 22:31:09 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2009/11/12 22:31:09 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2009/11/12 22:31:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\relog.exe
[2009/11/12 22:31:08 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2009/11/12 22:31:08 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2009/11/12 22:31:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/11/12 22:31:07 | 00,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2009/11/12 22:31:07 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/11/12 22:31:07 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/11/12 22:31:07 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2009/11/12 22:31:07 | 00,007,168 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2009/11/12 22:31:07 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2009/11/12 22:31:06 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/11/12 22:31:06 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2009/11/12 22:31:06 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2009/11/12 22:31:06 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2009/11/12 22:31:05 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/11/12 22:31:05 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2009/11/12 22:31:04 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2009/11/12 22:31:03 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasphone.exe
[2009/11/12 22:31:03 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2009/11/12 22:31:03 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2009/11/12 22:31:02 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/11/12 22:31:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/11/12 22:31:02 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/11/12 22:31:01 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/11/12 22:31:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/11/12 22:30:59 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2009/11/12 22:30:59 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2009/11/12 22:30:58 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2009/11/12 22:30:58 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2009/11/12 22:30:57 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2009/11/12 22:30:56 | 00,283,648 | ---- | M] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009/11/12 22:30:56 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2009/11/12 22:30:56 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2009/11/12 22:30:55 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2009/11/12 22:30:55 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2009/11/12 22:30:54 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2009/11/12 22:30:54 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2009/11/12 22:30:53 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2009/11/12 22:30:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2009/11/12 22:30:52 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\opnfiles.exe
[2009/11/12 22:30:52 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2009/11/12 22:30:50 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2009/11/12 22:30:48 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2009/11/12 22:30:48 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2009/11/12 22:30:43 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwscript.exe
[2009/11/12 22:30:38 | 00,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdm.exe
[2009/11/12 22:30:38 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsd.exe
[2009/11/12 22:30:32 | 01,202,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntbackup.exe
[2009/11/12 22:30:32 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2009/11/12 22:30:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2009/11/12 22:30:31 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2009/11/12 22:30:31 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/11/12 22:30:29 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2009/11/12 22:30:28 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2009/11/12 22:30:27 | 00,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2009/11/12 22:30:26 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2009/11/12 22:30:25 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2009/11/12 22:30:25 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2009/11/12 22:30:24 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2009/11/12 22:30:23 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2009/11/12 22:30:23 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2009/11/12 22:30:22 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\muisetup.exe
[2009/11/12 22:30:17 | 00,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/11/12 22:30:17 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2009/11/12 22:30:16 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2009/11/12 22:30:13 | 00,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/11/12 22:30:12 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/11/12 22:30:09 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/11/12 22:30:08 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2009/11/12 22:30:08 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/11/12 22:30:07 | 00,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiexec.exe
[2009/11/12 22:30:06 | 00,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/11/12 22:30:06 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2009/11/12 22:30:05 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/11/12 22:30:03 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/11/12 22:30:01 | 00,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2009/11/12 22:29:58 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2009/11/12 22:29:57 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqtgsvc.exe
[2009/11/12 22:29:57 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsvc.exe
[2009/11/12 22:29:56 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqbkup.exe
[2009/11/12 22:29:54 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/11/12 22:29:54 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2009/11/12 22:29:54 | 00,007,168 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/11/12 22:29:45 | 03,557,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/11/12 22:29:44 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/11/12 22:29:44 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2009/11/12 22:29:43 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2009/11/12 22:29:43 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2009/11/12 22:29:41 | 00,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2009/11/12 22:29:40 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz.exe
[2009/11/12 22:29:40 | 00,238,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz_a.exe
[2009/11/12 22:29:40 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/11/12 22:29:39 | 00,995,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/11/12 22:29:38 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2009/11/12 22:29:38 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/11/12 22:29:37 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\medctrro.exe
[2009/11/12 22:29:35 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2009/11/12 22:29:35 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2009/11/12 22:29:34 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsass.exe
[2009/11/12 22:29:34 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpr.exe
[2009/11/12 22:29:33 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpq.exe
[2009/11/12 22:29:32 | 00,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2009/11/12 22:29:32 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logon.scr
[2009/11/12 22:29:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/11/12 22:29:31 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009/11/12 22:29:31 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\locator.exe
[2009/11/12 22:29:31 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2009/11/12 22:29:31 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2009/11/12 22:29:30 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2009/11/12 22:29:30 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2009/11/12 22:29:29 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\label.exe
[2009/11/12 22:29:21 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2009/11/12 22:29:21 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/11/12 22:29:20 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2009/11/12 22:29:19 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2009/11/12 22:29:18 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2009/11/12 22:29:17 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2009/11/12 22:29:16 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2009/11/12 22:29:16 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/11/12 22:29:15 | 00,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi.exe
[2009/11/12 22:29:15 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/11/12 22:29:14 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2009/11/12 22:29:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/11/12 22:29:13 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexpress.exe
[2009/11/12 22:29:12 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/11/12 22:29:11 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/11/12 22:29:11 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/11/12 22:29:11 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2009/11/12 22:29:10 | 00,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2009/11/12 22:29:09 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2009/11/12 22:29:07 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/11/12 22:29:07 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2009/11/12 22:29:06 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2009/11/12 22:29:05 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hh.exe
[2009/11/12 22:29:02 | 00,746,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2009/11/12 22:29:02 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/11/12 22:28:59 | 00,771,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2009/11/12 22:28:59 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2009/11/12 22:28:58 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gprslt.exe
[2009/11/12 22:28:58 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpupdate.exe
[2009/11/12 22:28:58 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2009/11/12 22:28:57 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getmac.exe
[2009/11/12 22:28:55 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/11/12 22:28:55 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/11/12 22:28:54 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/11/12 22:28:53 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/11/12 22:28:52 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2009/11/12 22:28:52 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/11/12 22:28:52 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftp.exe
[2009/11/12 22:28:51 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/11/12 22:28:50 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/11/12 22:28:50 | 00,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/11/12 22:28:50 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/11/12 22:28:50 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/11/12 22:28:48 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2009/11/12 22:28:47 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/11/12 22:28:47 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2009/11/12 22:28:47 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/11/12 22:28:47 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2009/11/12 22:28:46 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2009/11/12 22:28:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2009/11/12 22:28:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2009/11/12 22:28:45 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2009/11/12 22:28:45 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2009/11/12 22:28:43 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2009/11/12 22:28:43 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/11/12 22:28:43 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expand.exe
[2009/11/12 22:28:42 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtrig.exe
[2009/11/12 22:28:41 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/11/12 22:28:41 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evcreate.exe
[2009/11/12 22:28:41 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/11/12 22:28:41 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2009/11/12 22:28:40 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2009/11/12 22:28:40 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2009/11/12 22:28:38 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehtray.exe
[2009/11/12 22:28:37 | 03,223,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehshell.exe
[2009/11/12 22:28:37 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehSched.exe
[2009/11/12 22:28:36 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehRec.exe
[2009/11/12 22:28:36 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehmsas.exe
[2009/11/12 22:28:33 | 01,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009/11/12 22:28:32 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwwin.exe
[2009/11/12 22:28:32 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2009/11/12 22:28:31 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2009/11/12 22:28:30 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drvqry.exe
[2009/11/12 22:28:30 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2009/11/12 22:28:28 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009/11/12 22:28:28 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009/11/12 22:28:27 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009/11/12 22:28:27 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2009/11/12 22:28:26 | 00,018,432 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2009/11/12 22:28:24 | 00,227,328 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2009/11/12 22:28:24 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2009/11/12 22:28:24 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2009/11/12 22:28:24 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2009/11/12 22:28:23 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2009/11/12 22:28:23 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2009/11/12 22:28:22 | 00,541,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2009/11/12 22:28:21 | 00,107,520 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgntfs.exe
[2009/11/12 22:28:21 | 00,084,992 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2009/11/12 22:28:20 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeshare.exe
[2009/11/12 22:28:20 | 00,027,648 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\defrag.exe
[2009/11/12 22:28:20 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2009/11/12 22:28:19 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2009/11/12 22:28:12 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009/11/12 22:28:12 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctfmon.exe
[2009/11/12 22:28:11 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/11/12 22:28:10 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/11/12 22:28:10 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2009/11/12 22:28:10 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2009/11/12 22:28:10 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2009/11/12 22:28:09 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2009/11/12 22:28:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/11/12 22:28:08 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2009/11/12 22:28:07 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2009/11/12 22:28:07 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2009/11/12 22:28:06 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2009/11/12 22:28:06 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2009/11/12 22:28:05 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2009/11/12 22:28:04 | 00,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmd.exe
[2009/11/12 22:28:04 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2009/11/12 22:28:04 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cleanmgr.exe
[2009/11/12 22:28:04 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2009/11/12 22:28:03 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cipher.exe
[2009/11/12 22:28:03 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2009/11/12 22:28:03 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2009/11/12 22:28:02 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/11/12 22:28:02 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2009/11/12 22:28:01 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/11/12 22:28:01 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/11/12 22:28:01 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/11/12 22:28:01 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/11/12 22:28:01 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2009/11/12 22:28:01 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2009/11/12 22:28:01 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/11/12 22:28:00 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/11/12 22:27:59 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/11/12 22:27:58 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/11/12 22:27:58 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cacls.exe
[2009/11/12 22:27:57 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvrfy.exe
[2009/11/12 22:27:57 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootok.exe
[2009/11/12 22:27:56 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootcfg.exe
[2009/11/12 22:27:56 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2009/11/12 22:27:55 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/11/12 22:27:53 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/11/12 22:27:53 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2009/11/12 22:27:53 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\attrib.exe
[2009/11/12 22:27:52 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2009/11/12 22:27:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmadm.exe
[2009/11/12 22:27:51 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_pfu.exe
[2009/11/12 22:27:51 | 00,034,816 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\asr_ldm.exe
[2009/11/12 22:27:51 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_fmt.exe
[2009/11/12 22:27:50 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\arp.exe
[2009/11/12 22:27:41 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2009/11/12 22:27:41 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alg.exe
[2009/11/12 22:27:39 | 00,259,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2009/11/12 22:27:37 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/11/12 22:27:37 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2009/11/12 22:27:35 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2009/11/12 22:26:35 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\zmdpmg.exe
[2009/11/12 22:26:34 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2009/11/12 22:26:33 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2009/11/12 22:26:32 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/11/12 22:26:29 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscript.exe
[2009/11/12 22:26:29 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2009/11/12 22:26:29 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/11/12 22:26:29 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/11/12 22:26:27 | 04,399,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpgldfsh.scr
[2009/11/12 22:26:26 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2009/11/12 22:26:20 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2009/11/12 22:26:18 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/11/12 22:26:18 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2009/11/12 22:26:17 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2009/11/12 22:26:17 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winhlp32.exe
[2009/11/12 22:26:15 | 00,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2009/11/12 22:26:14 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2009/11/12 22:26:13 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe
[2009/11/12 22:26:12 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2009/11/12 22:26:11 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssvc.exe
[2009/11/12 22:26:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2009/11/12 22:26:10 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2009/11/12 22:26:09 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/11/12 22:26:07 | 00,073,728 | ---- | M] ( U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrshuta.exe
[2009/11/12 22:26:07 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2009/11/12 22:26:07 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uwdf.exe
[2009/11/12 22:26:06 | 00,081,920 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrmlnka.exe
[2009/11/12 22:26:06 | 00,065,536 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrprbda.exe
[2009/11/12 22:26:05 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2009/11/12 22:26:05 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ups.exe
[2009/11/12 22:26:04 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2009/11/12 22:26:04 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2009/11/12 22:26:03 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\typeperf.exe
[2009/11/12 22:26:03 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/11/12 22:26:02 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/11/12 22:26:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/11/12 22:26:02 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/11/12 22:26:02 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/11/12 22:26:01 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2009/11/12 22:26:01 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2009/11/12 22:26:00 | 00,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2009/11/12 22:26:00 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2009/11/12 22:26:00 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvr.exe
[2009/11/12 22:25:59 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2009/11/12 22:25:59 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2009/11/12 22:25:59 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2009/11/12 22:25:58 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/11/12 22:25:57 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe
[2009/11/12 22:25:57 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2009/11/12 22:25:56 | 00,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
[2009/11/12 22:25:56 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2009/11/12 22:25:56 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2009/11/12 22:25:56 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2009/11/12 22:25:55 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2009/11/12 22:25:55 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2009/11/12 22:25:54 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2009/11/12 22:25:54 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2009/11/12 22:25:53 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2009/11/12 22:25:52 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2009/11/12 22:25:51 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2009/11/12 22:25:48 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2009/11/12 22:25:48 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2009/11/12 22:25:46 | 00,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2009/11/12 22:25:46 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2009/11/12 22:25:45 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2009/11/12 22:25:45 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2009/11/12 22:25:45 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2009/11/12 22:25:45 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2009/11/12 22:25:42 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2009/11/12 22:25:40 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe
[2009/11/12 22:25:40 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009/11/12 22:25:40 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/11/12 22:25:39 | 00,541,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/11/12 22:25:38 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/11/12 22:25:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2009/11/12 22:25:37 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/11/12 22:25:37 | 00,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/11/12 22:25:37 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogsvc.exe
[2009/11/12 22:25:36 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2009/11/12 22:25:36 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/11/12 22:25:35 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2009/11/12 22:25:35 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2009/11/12 22:25:35 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2009/11/12 22:25:35 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2009/11/12 22:25:34 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/11/12 22:25:33 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2009/11/12 22:25:33 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2009/11/12 22:25:33 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2009/11/12 22:25:32 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/11/12 22:25:31 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2009/11/12 22:25:31 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2009/11/12 22:25:30 | 00,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2009/11/12 22:25:30 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2009/11/12 22:25:29 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scardsvr.exe
[2009/11/12 22:25:29 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2009/11/12 22:25:28 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/11/12 22:25:28 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2009/11/12 22:25:28 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2009/11/12 22:25:27 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2009/11/12 22:25:27 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe
[2009/11/12 22:25:27 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2009/11/12 22:25:26 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvp.exe
[2009/11/12 22:25:26 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2009/11/12 22:25:26 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsopprov.exe
[2009/11/12 22:25:25 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2009/11/12 22:25:25 | 00,051,712 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2009/11/12 22:25:25 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2009/11/12 22:25:25 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2009/11/12 22:25:24 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2009/11/12 22:25:24 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2009/11/12 22:25:23 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\relog.exe
[2009/11/12 22:25:23 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2009/11/12 22:25:23 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2009/11/12 22:25:23 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/11/12 22:25:22 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2009/11/12 22:25:22 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/11/12 22:25:22 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2009/11/12 22:25:22 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2009/11/12 22:25:22 | 00,007,168 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2009/11/12 22:25:22 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2009/11/12 22:25:21 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/11/12 22:25:21 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/11/12 22:25:21 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2009/11/12 22:25:21 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/11/12 22:25:20 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2009/11/12 22:25:20 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\rass32.exe
[2009/11/12 22:25:19 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2009/11/12 22:25:19 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2009/11/12 22:25:18 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/11/12 22:25:18 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2009/11/12 22:25:17 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/11/12 22:25:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/11/12 22:25:14 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2009/11/12 22:25:14 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2009/11/12 22:25:13 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2009/11/12 22:25:13 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2009/11/12 22:25:12 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/11/12 22:25:11 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2009/11/12 22:25:11 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2009/11/12 22:25:10 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2009/11/12 22:25:09 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2009/11/12 22:25:09 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2009/11/12 22:25:08 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2009/11/12 22:25:08 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2009/11/12 22:25:07 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2009/11/12 22:25:07 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2009/11/12 22:25:04 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2009/11/12 22:25:04 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2009/11/12 22:25:03 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwscript.exe
[2009/11/12 22:25:02 | 01,523,712 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe
[2009/11/12 22:24:59 | 00,180,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2009/11/12 22:24:58 | 00,180,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/11/12 22:24:53 | 01,343,488 | ---- | M] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/11/12 22:24:52 | 00,446,464 | ---- | M] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/11/12 22:24:52 | 00,151,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2009/11/12 22:24:49 | 00,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2009/11/12 22:24:48 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntsd.exe
[2009/11/12 22:24:44 | 01,202,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2009/11/12 22:24:43 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2009/11/12 22:24:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\notepad.exe
[2009/11/12 22:24:41 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2009/11/12 22:24:40 | 00,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2009/11/12 22:24:40 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2009/11/12 22:24:39 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2009/11/12 22:24:39 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2009/11/12 22:24:38 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2009/11/12 22:24:38 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2009/11/12 22:24:36 | 03,345,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nature.scr
[2009/11/12 22:24:36 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2009/11/12 22:24:34 | 01,744,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mypixdx.scr
[2009/11/12 22:24:27 | 00,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/11/12 22:24:27 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/11/12 22:24:26 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2009/11/12 22:24:23 | 00,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/11/12 22:24:20 | 00,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msiexec.exe
[2009/11/12 22:24:19 | 00,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/11/12 22:24:19 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
[2009/11/12 22:24:18 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/11/12 22:24:18 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/11/12 22:24:16 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/11/12 22:24:13 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtgsvc.exe
[2009/11/12 22:24:13 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2009/11/12 22:24:13 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsvc.exe
[2009/11/12 22:24:11 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2009/11/12 22:24:11 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqbkup.exe
[2009/11/12 22:24:10 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/11/12 22:24:10 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2009/11/12 22:24:09 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mobsync.exe
[2009/11/12 22:24:07 | 00,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2009/11/12 22:24:06 | 00,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2009/11/12 22:24:03 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2009/11/12 22:24:02 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2009/11/12 22:24:01 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2009/11/12 22:24:01 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2009/11/12 22:24:00 | 00,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonui.exe
[2009/11/12 22:24:00 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2009/11/12 22:24:00 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/11/12 22:23:59 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2009/11/12 22:23:59 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\locator.exe
[2009/11/12 22:23:59 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2009/11/12 22:23:59 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2009/11/12 22:23:58 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2009/11/12 22:23:58 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2009/11/12 22:23:56 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2009/11/12 22:23:54 | 00,430,080 | ---- | M] () -- C:\WINDOWS\System32\keystone.exe
[2009/11/12 22:23:48 | 00,131,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/12 22:23:48 | 00,053,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/12 22:23:48 | 00,053,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/12 22:23:46 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2009/11/12 22:23:46 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2009/11/12 22:23:45 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsec6.exe
[2009/11/12 22:23:44 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2009/11/12 22:23:41 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2009/11/12 22:23:41 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2009/11/12 22:23:39 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/11/12 22:23:37 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hostname.exe
[2009/11/12 22:23:36 | 00,064,512 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\HdAShCut.exe
[2009/11/12 22:23:36 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2009/11/12 22:23:35 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpupdate.exe
[2009/11/12 22:23:35 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2009/11/12 22:23:34 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2009/11/12 22:23:33 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2009/11/12 22:23:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2009/11/12 22:23:31 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2009/11/12 22:23:31 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2009/11/12 22:23:31 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2009/11/12 22:23:30 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/11/12 22:23:30 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsutil.exe
[2009/11/12 22:23:29 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/11/12 22:23:29 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2009/11/12 22:23:29 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2009/11/12 22:23:28 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2009/11/12 22:23:28 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fixmapi.exe
[2009/11/12 22:23:27 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2009/11/12 22:23:27 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\finger.exe
[2009/11/12 22:23:27 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\find.exe
[2009/11/12 22:23:24 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fc.exe
[2009/11/12 22:23:23 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2009/11/12 22:23:22 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2009/11/12 22:23:22 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\expand.exe
[2009/11/12 22:23:22 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventvwr.exe
[2009/11/12 22:23:21 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2009/11/12 22:23:21 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2009/11/12 22:23:20 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\esentutl.exe
[2009/11/12 22:23:18 | 01,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/11/12 22:23:17 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2009/11/12 22:23:17 | 00,057,856 | ---- | M] () -- C:\WINDOWS\System32\dvdplay.exe
[2009/11/12 22:23:17 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2009/11/12 22:23:16 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dumprep.exe
[2009/11/12 22:23:15 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drwtsn32.exe
[2009/11/12 22:23:14 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/11/12 22:23:14 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2009/11/12 22:23:13 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/11/12 22:23:12 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/11/12 22:23:12 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\doskey.exe
[2009/11/12 22:23:11 | 00,018,432 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2009/11/12 22:23:10 | 00,227,328 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmadmin.exe
[2009/11/12 22:23:10 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2009/11/12 22:23:10 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskperf.exe
[2009/11/12 22:23:10 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhost.exe
[2009/11/12 22:23:10 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhst3g.exe
[2009/11/12 22:23:09 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2009/11/12 22:23:08 | 00,107,520 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2009/11/12 22:23:08 | 00,084,992 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2009/11/12 22:23:08 | 00,027,648 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2009/11/12 22:23:07 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2009/11/12 22:23:07 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/11/12 22:23:04 | 05,071,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\davinci.scr
[2009/11/12 22:23:00 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe
[2009/11/12 22:22:59 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2009/11/12 22:22:58 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2009/11/12 22:22:58 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\convert.exe
[2009/11/12 22:22:58 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\control.exe
[2009/11/12 22:22:57 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\compact.exe
[2009/11/12 22:22:57 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comp.exe
[2009/11/12 22:22:55 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2009/11/12 22:22:55 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2009/11/12 22:22:55 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2009/11/12 22:22:54 | 00,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2009/11/12 22:22:53 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/11/12 22:22:53 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2009/11/12 22:22:51 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2009/11/12 22:22:51 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ckcnv.exe
[2009/11/12 22:22:50 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2009/11/12 22:22:50 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkntfs.exe
[2009/11/12 22:22:50 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cidaemon.exe
[2009/11/12 22:22:49 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/11/12 22:22:49 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkdsk.exe
[2009/11/12 22:22:46 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/11/12 22:22:46 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2009/11/12 22:22:45 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2009/11/12 22:22:45 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvrfy.exe
[2009/11/12 22:22:45 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootok.exe
[2009/11/12 22:22:44 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/11/12 22:22:41 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/11/12 22:22:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2009/11/12 22:22:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2009/11/12 22:22:40 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009/11/12 22:22:40 | 00,034,816 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\asr_ldm.exe
[2009/11/12 22:22:40 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2009/11/12 22:22:40 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2009/11/12 22:22:39 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\arp.exe
[2009/11/12 22:22:38 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2009/11/12 22:22:38 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe
[2009/11/12 22:22:36 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/11/12 22:22:36 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2009/11/12 22:12:14 | 00,065,536 | ---- | M] (USA) -- C:\WINDOWS\System32\fgjk4wvb.dll
[2009/11/12 22:12:09 | 00,000,868 | ---- | M] () -- C:\WINDOWS\System32\5807001.exe
[2009/11/12 22:11:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\SC.INS
[2009/11/12 22:11:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\sc.exe
[2009/11/12 22:04:34 | 22,140,680 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2009/11/12 11:23:18 | 00,421,438 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\1-5A.JPG
[2009/11/11 23:26:37 | 00,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/11 22:20:54 | 00,000,140 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\webct_upload_applet.properties
[2009/11/11 22:18:17 | 00,002,516 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Japanese Comics are Popular in Foreign Countries.rtf
[2009/11/11 13:18:00 | 02,083,177 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\newsletter-november-issue2[1].docx
[2009/11/11 11:24:34 | 00,077,867 | ---- | M] () -- C:\WINDOWS\System32\win.dll
[2009/11/11 10:22:57 | 00,419,282 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\error2.bmp
[2009/11/10 20:40:07 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Resume Adobe Downloads.lnk
[2009/11/10 19:34:10 | 00,004,629 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\essay.rtf
[2009/11/10 17:12:24 | 01,326,905 | ---- | M] () -- C:\jwpcehlp.exe
[2009/11/10 17:12:16 | 00,993,344 | ---- | M] () -- C:\jwpceman.exe
[2009/11/10 17:12:10 | 10,748,032 | ---- | M] () -- C:\jwpcemax.exe
[2009/11/10 17:11:44 | 05,111,141 | ---- | M] () -- C:\jwpcemin.exe
[2009/11/10 16:50:56 | 00,056,179 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\jpforlauren.jpg
[2009/11/10 15:49:32 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2009/11/10 10:01:19 | 00,000,152 | ---- | M] () -- C:\WINDOWS\System32\api.reg
[2009/11/08 23:02:17 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/08 20:47:18 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/08 17:27:03 | 00,000,221 | ---- | M] () -- C:\WINDOWS\System32\winset.ini
[2009/11/08 16:21:10 | 00,350,653 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\oldhosts
[2009/11/08 15:18:05 | 00,000,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/11/08 14:19:53 | 00,000,825 | ---- | M] () -- C:\WINDOWS\System32\wininit.dll
[2009/11/08 14:13:17 | 00,032,768 | ---- | M] (1.0 WinBug End) -- C:\WINDOWS\System32\QingYL.dll
[2009/11/08 14:11:29 | 00,000,655 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\scandisk.lnk
[2009/11/08 13:54:49 | 00,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/08 13:46:10 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Craving Explorer.lnk
[2009/11/08 01:02:26 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/08 00:16:25 | 05,300,944 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/11/08 00:08:26 | 00,000,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2009/11/08 00:01:51 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Audacity.lnk
[2009/11/07 23:57:23 | 00,001,556 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/11/07 23:54:37 | 00,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/11/07 23:38:23 | 00,000,612 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\JWPce.lnk
[2009/11/07 23:19:59 | 00,006,144 | ---- | M] () -- C:\WINDOWS\System32\WinRAR.dll
[2009/11/07 23:12:24 | 00,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/07 23:12:24 | 00,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/07 23:12:23 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/07 23:12:22 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/11/07 23:09:20 | 00,001,819 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE474AA-ABA SR2023WM NA680_YC_0Pres_QCNH640_E64NAemREA4_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M959_J160_7AMD_8Athlon 64_92.2_#061225_N_Z14F12F20_G10DE0241.MRK
[2009/11/07 23:07:25 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/07 23:06:27 | 00,001,111 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/11/07 23:06:06 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/11/07 23:05:21 | 00,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2009/11/07 19:45:39 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Pcuhumu.dat
[2009/11/07 16:05:34 | 00,000,000 | -HS- | M] () -- C:\284294437
[2009/11/07 15:38:13 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Fdona.bin
[2009/11/06 15:22:56 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Section1.docx
[2009/10/31 11:51:25 | 00,001,733 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\McGraw-Hill's GED.lnk
[2009/10/23 12:59:41 | 00,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zune.lnk
[2009/10/23 12:18:00 | 00,000,410 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Shortcut to My Documents.lnk
[2009/10/23 07:25:43 | 00,000,336 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeSchedule.job
[12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/13 23:14:21 | 00,007,164 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb1.csv
[2009/11/13 00:45:24 | 00,003,235 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2009/11/12 22:12:09 | 00,000,868 | ---- | C] () -- C:\WINDOWS\System32\5807001.exe
[2009/11/12 22:11:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SC.INS
[2009/11/12 22:11:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\sc.exe
[2009/11/12 11:23:17 | 00,421,438 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\1-5A.JPG
[2009/11/11 22:20:54 | 00,000,140 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\webct_upload_applet.properties
[2009/11/11 22:18:17 | 00,002,516 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Japanese Comics are Popular in Foreign Countries.rtf
[2009/11/11 13:17:58 | 02,083,177 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\newsletter-november-issue2[1].docx
[2009/11/11 11:24:35 | 00,077,867 | ---- | C] () -- C:\WINDOWS\System32\win.dll
[2009/11/11 10:55:19 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\zmdpmg.exe
[2009/11/11 10:30:06 | 00,443,393 | ---- | C] () -- C:\WINDOWS\isvchost.exe
[2009/11/11 10:22:56 | 00,419,282 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\error2.bmp
[2009/11/10 22:16:18 | 00,050,176 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Win32kDiag.exe
[2009/11/10 20:37:49 | 00,000,348 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/10 20:37:49 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009/11/10 20:37:39 | 00,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/10 19:34:10 | 00,004,629 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\essay.rtf
[2009/11/10 17:12:21 | 01,326,905 | ---- | C] () -- C:\jwpcehlp.exe
[2009/11/10 17:12:14 | 00,993,344 | ---- | C] () -- C:\jwpceman.exe
[2009/11/10 17:12:10 | 10,748,032 | ---- | C] () -- C:\jwpcemax.exe
[2009/11/10 17:11:34 | 05,111,141 | ---- | C] () -- C:\jwpcemin.exe
[2009/11/10 16:51:11 | 00,056,179 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\jpforlauren.jpg
[2009/11/10 15:49:32 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2009/11/10 12:34:03 | 00,528,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2009/11/10 10:01:19 | 00,058,880 | ---- | C] () -- C:\WINDOWS\System32\332.exe
[2009/11/10 10:01:19 | 00,000,152 | ---- | C] () -- C:\WINDOWS\System32\api.reg
[2009/11/10 10:01:18 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\rass32.exe
[2009/11/09 21:58:43 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\winnt.exe
[2009/11/09 12:26:18 | 00,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Resume Adobe Downloads.lnk
[2009/11/08 23:02:17 | 00,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/08 20:47:18 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/08 18:09:06 | 00,001,577 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Internet Explorer.lnk
[2009/11/08 15:18:05 | 00,000,941 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/11/08 14:19:53 | 00,000,825 | ---- | C] () -- C:\WINDOWS\System32\wininit.dll
[2009/11/08 13:46:10 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Craving Explorer.lnk
[2009/11/08 13:23:12 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2009/11/08 13:23:12 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2009/11/08 13:23:10 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2009/11/08 13:22:46 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2009/11/08 13:22:46 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2009/11/08 13:22:46 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2009/11/08 13:22:46 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2009/11/08 13:22:46 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2009/11/08 13:22:46 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2009/11/08 13:22:45 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2009/11/08 13:22:45 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2009/11/08 13:22:45 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2009/11/08 13:22:45 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2009/11/08 13:22:45 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2009/11/08 13:22:45 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2009/11/08 13:22:44 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2009/11/08 13:22:44 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2009/11/08 13:22:44 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2009/11/08 13:22:44 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2009/11/08 13:22:44 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2009/11/08 13:22:44 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2009/11/08 13:22:39 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2009/11/08 13:22:39 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2009/11/08 13:22:29 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2009/11/08 13:22:29 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2009/11/08 13:22:28 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2009/11/08 13:22:26 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2009/11/08 13:22:26 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2009/11/08 13:22:26 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2009/11/08 13:21:41 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2009/11/08 13:21:41 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2009/11/08 13:21:41 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2009/11/08 13:19:37 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2009/11/08 13:19:36 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2009/11/08 13:19:36 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2009/11/08 13:19:36 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2009/11/08 13:19:36 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2009/11/08 13:19:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2009/11/08 13:19:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2009/11/08 13:19:36 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2009/11/08 05:21:02 | 00,000,221 | ---- | C] () -- C:\WINDOWS\System32\winset.ini
[2009/11/08 00:08:26 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2009/11/08 00:01:51 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Audacity.lnk
[2009/11/07 23:57:23 | 00,001,556 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/11/07 23:54:37 | 00,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/11/07 23:19:59 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\WinRAR.dll
[2009/11/07 23:09:18 | 00,001,819 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE474AA-ABA SR2023WM NA680_YC_0Pres_QCNH640_E64NAemREA4_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M959_J160_7AMD_8Athlon 64_92.2_#061225_N_Z14F12F20_G10DE0241.MRK
[2009/11/07 23:09:17 | 10,051,13344 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/07 23:07:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\desktop.ini
[2009/11/07 23:07:33 | 05,300,944 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/11/07 23:07:33 | 00,043,680 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/07 23:07:33 | 00,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/11/07 23:07:29 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\ntuser.ini
[2009/11/07 23:07:28 | 05,242,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
[2009/11/07 16:05:34 | 00,000,000 | -HS- | C] () -- C:\284294437
[2009/11/07 15:38:13 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Pcuhumu.dat
[2009/11/07 15:38:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Fdona.bin
[2009/11/07 15:31:20 | 00,000,270 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2009/11/06 15:22:56 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Section1.docx
[2009/10/31 11:51:25 | 00,001,733 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\McGraw-Hill's GED.lnk
[2009/10/23 12:18:00 | 00,000,410 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Shortcut to My Documents.lnk
[2009/10/23 07:25:42 | 00,000,336 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeSchedule.job
[2008/08/17 13:47:01 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01
[2007/10/01 08:20:53 | 00,000,087 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2007/09/16 08:05:57 | 00,020,480 | ---- | C] () -- C:\Program Files\Community Service Log.xls
[2007/06/04 07:48:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2007/04/07 13:11:18 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/26 17:20:56 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/01/13 10:02:18 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/02 23:20:59 | 00,002,352 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2006/12/26 12:27:21 | 00,000,642 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/12/25 21:26:44 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/09/05 20:52:08 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/05 20:25:43 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/09/05 20:18:08 | 00,012,988 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/09/05 20:17:58 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/09/05 20:14:46 | 00,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/05 20:04:57 | 00,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/05 20:03:40 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/05 19:58:56 | 00,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/09/05 19:57:51 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/05 19:54:35 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/09/05 19:54:35 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/09/05 19:54:35 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/09/05 19:54:35 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/05 19:54:35 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/09/05 19:54:35 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/09/05 19:54:34 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/05 19:53:10 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/05 19:31:51 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/09/05 19:31:51 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/09/05 19:31:32 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/16 13:58:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005/08/30 23:02:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/30 15:52:36 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/30 15:52:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/05 23:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 01:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\WmdmPv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Nwsapv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\NWCWov32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Irmonv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Ipripv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Iasv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\DMServ32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\BtwSrv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\6to4v32.dll
[2004/08/09 23:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/09 23:00:00 | 00,002,304 | ---- | C] () -- C:\WINDOWS\System32\daqdrv.sys
[2004/07/26 09:51:38 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:260575F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8401B6D5
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F67AAFC5
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43982D5E
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE87230
< End of report >

Edited by Rac9n, 14 November 2009 - 10:55 AM.


#10 Buckeye_Sam

    Malware Expert



Posted 14 November 2009 - 12:01 PM

I may ask for the extra log later, but for now just hang onto it.


Run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    PRC - [2009/11/13 22:57:28 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\931576545.exe
    PRC - [2009/11/13 22:57:11 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\30853137.exe
    PRC - [2009/11/13 22:57:05 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\2732968759.exe
    PRC - [2009/11/13 22:57:01 | 00,040,960 | ---- | M] () -- C:\WINDOWS\Temp\1832259352.exe
    PRC - [2009/11/11 15:46:40 | 02,352,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\dc17794074\u877pxp.exe
    PRC - [2009/11/08 00:08:26 | 00,313,648 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
    PRC - [2004/08/09 23:00:00 | 00,067,584 | ---- | M] (Netopsystems AG) -- C:\WINDOWS\system32\FastNetSrv.exe
    MOD - [2009/11/13 20:57:27 | 00,011,776 | ---- | M] () -- c:\WINDOWS\Temp\275713usc.dll
    MOD - [2009/11/13 20:57:26 | 00,025,088 | ---- | M] () -- c:\WINDOWS\Temp\5724xxx.dll
    MOD - [2009/11/13 00:56:34 | 00,023,552 | ---- | M] () -- c:\WINDOWS\Temp\eahecg930.dll
    MOD - [2009/11/12 22:12:14 | 00,065,536 | ---- | M] (USA) -- C:\WINDOWS\system32\fgjk4wvb.dll
    MOD - [2006/09/05 20:18:53 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll
    SRV - [2009/11/12 22:26:35 | 00,080,896 | ---- | M] () -- C:\WINDOWS\system32\zmdpmg.exe -- (Nationalbbs)
    SRV - [2009/11/12 22:26:13 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
    SRV - [2009/11/11 11:24:34 | 00,077,867 | ---- | M] () -- C:\WINDOWS\system32\win.dll -- (win)
    SRV - [2004/08/09 23:00:00 | 00,067,584 | ---- | M] (Netopsystems AG) -- C:\WINDOWS\system32\FastNetSrv.exe -- (fastnetsrv)
    DRV - [2004/08/09 23:00:00 | 00,002,304 | ---- | M] () -- C:\WINDOWS\system32\daqdrv.sys -- (daqdrv)
    O2 - BHO: (¹¤³Ģ1.IE360) - {C5AA3460-D54C-4131-8E3C-5F3EC9446BD5} - C:\WINDOWS\system32\QingYL.dll (1.0 WinBug End)
    O4 - HKLM..\Run: [calc] C:\WINDOWS\System32\calc.DLL File not found
    O4 - HKLM..\Run: [ctfmon] C:\WINDOWS\System32\fgjk4wvb.DLL (USA)
    O4 - HKLM..\Run: [rass32] C:\WINDOWS\system32\rass32.exe ()
    O4 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007..\Run: [calc] C:\DOCUME~1\COMPAQ~1\ntuser.DLL File not found
    O4 - HKU\S-1-5-21-2634742547-1843021351-2004436879-1007..\Run: [uTorrent] 
    O4 - HKLM..\RunOnce: [ŃN@] Reg Error: Invalid data type. File not found
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
    O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
    O20 - AppInit_DLLs: (c:\windows\system32\rdolib.dll) - C:\WINDOWS\system32\rdolib.dll (Microsoft Corporation)
    O20 - AppInit_DLLs: (c:\windows\temp\eahecg930.dll) - c:\WINDOWS\Temp\eahecg930.dll ()
    O20 - AppInit_DLLs: (c:\windows\temp\5724xxx.dll) - c:\WINDOWS\Temp\5724xxx.dll ()
    O20 - AppInit_DLLs: (c:\windows\temp\275713usc.dll) - c:\WINDOWS\Temp\275713usc.dll ()
    O20 - HKU\.DEFAULT Winlogon: Shell - (c:\windows\system32\W1NL0g0.exe) - C:\WINDOWS\system32\W1NL0g0.exe (QvodPlayer)
    O20 - HKU\S-1-5-18 Winlogon: Shell - (c:\windows\system32\W1NL0g0.exe) - C:\WINDOWS\system32\W1NL0g0.exe (QvodPlayer)
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\Temp\6746999953.dll ()
    [12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2009/11/14 10:10:00 | 00,000,270 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    [2009/11/14 09:27:56 | 00,058,880 | ---- | M] () -- C:\WINDOWS\System32\332.exe
    [2009/11/14 09:27:55 | 00,059,392 | ---- | M] () -- C:\WINDOWS\System32\winnt.exe
    [2009/11/13 00:55:58 | 00,151,553 | ---- | M] (Andreas Hausladen) -- C:\WINDOWS\sv1.exe
    [2009/11/13 00:53:38 | 00,443,393 | ---- | M] () -- C:\WINDOWS\isvchost.exe
    [2009/11/13 00:27:42 | 00,091,136 | ---- | M] (Andreas Hausladen) -- C:\WINDOWS\System32\opeia.exe
    [2009/11/12 22:25:20 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\rass32.exe
    [2009/11/12 22:12:14 | 00,065,536 | ---- | M] (USA) -- C:\WINDOWS\System32\fgjk4wvb.dll
    [2009/11/12 22:12:09 | 00,000,868 | ---- | M] () -- C:\WINDOWS\System32\5807001.exe
    [2009/11/10 17:12:24 | 01,326,905 | ---- | M] () -- C:\jwpcehlp.exe
    [2009/11/10 17:12:16 | 00,993,344 | ---- | M] () -- C:\jwpceman.exe
    [2009/11/10 17:12:10 | 10,748,032 | ---- | M] () -- C:\jwpcemax.exe
    [2009/11/10 17:11:44 | 05,111,141 | ---- | M] () -- C:\jwpcemin.exe
    
    
    :Commands
    [purity]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Then also run and post a new OTL log.

If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#11 Rac9n

  • Topic Starter


Posted 14 November 2009 - 12:48 PM

When I first ran the fix, immediately a window popped up saying "This system is shutting down. Please save all work in progress and log off. All unsaved changes will be lost. This shutdown was initiated by NT AUTHORITY\SYSTEM
Time before shutdown: 00:01:00" At the bottom it says something about the DCom launcher terminating unexpectedly; sorry, I don't have the direct quote. I've had this same window appear before when I've ended one of the ten svchost.exe's that I have running. It counts down 60 seconds, and then shuts down. I'm not sure if that interfered with the OTL scan or not, because the window popped up immediately after clicking "Run Fix" and the scan hadn't finished in the sixty seconds before shutdown. But a fix log was open when it restarted, and here's that.


All processes killed
========== OTL ==========
No active process named 931576545.exe was found!
No active process named 30853137.exe was found!
No active process named 2732968759.exe was found!
No active process named 1832259352.exe was found!
No active process named u877pxp.exe was found!
No active process named uTorrent.exe was found!
No active process named FastNetSrv.exe was found!
Service Nationalbbs stopped successfully!
Service Nationalbbs deleted successfully!
C:\WINDOWS\system32\zmdpmg.exe moved successfully.
Service UMWdf stopped successfully!
Service UMWdf deleted successfully!
C:\WINDOWS\system32\wdfmgr.exe moved successfully.
Service win stopped successfully!
Service win deleted successfully!
C:\WINDOWS\system32\win.dll moved successfully.
Service fastnetsrv stopped successfully!
Service fastnetsrv deleted successfully!
C:\WINDOWS\system32\FastNetSrv.exe moved successfully.
Service daqdrv stopped successfully!
Service daqdrv deleted successfully!
C:\WINDOWS\system32\daqdrv.sys moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5AA3460-D54C-4131-8E3C-5F3EC9446BD5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5AA3460-D54C-4131-8E3C-5F3EC9446BD5}\ deleted successfully.
C:\WINDOWS\system32\QingYL.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\calc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon deleted successfully.
C:\WINDOWS\system32\fgjk4wvb.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\rass32 deleted successfully.
C:\WINDOWS\system32\rass32.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2634742547-1843021351-2004436879-1007\Software\Microsoft\Windows\CurrentVersion\Run\\calc deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2634742547-1843021351-2004436879-1007\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
File not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ŃN@ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\trymedia.com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\trymedia.com\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\rdolib.dll deleted successfully.
C:\WINDOWS\system32\rdolib.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\temp\eahecg930.dll deleted successfully.
c:\WINDOWS\Temp\eahecg930.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\temp\5724xxx.dll deleted successfully.
c:\WINDOWS\Temp\5724xxx.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\temp\275713usc.dll deleted successfully.
c:\WINDOWS\Temp\275713usc.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:c:\windows\system32\W1NL0g0.exe deleted successfully.
C:\WINDOWS\system32\W1NL0g0.exe moved successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:c:\windows\system32\W1NL0g0.exe deleted successfully.
File C:\WINDOWS\system32\W1NL0g0.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\CDBurn deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\ deleted successfully.
C:\WINDOWS\Temp\6746999953.dll moved successfully.
C:\WINDOWS\System32\2.tmp deleted successfully.
C:\WINDOWS\System32\3.tmp deleted successfully.
C:\WINDOWS\System32\4.tmp deleted successfully.
C:\WINDOWS\System32\5.tmp deleted successfully.
C:\WINDOWS\System32\6.tmp deleted successfully.
C:\WINDOWS\System32\7.tmp deleted successfully.
C:\WINDOWS\System32\8.tmp deleted successfully.
C:\WINDOWS\System32\9.tmp deleted successfully.
C:\WINDOWS\System32\C.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\E.tmp deleted successfully.
C:\WINDOWS\System32\E9.tmp deleted successfully.
C:\WINDOWS\System32\EB.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp\msdownld.tmp folder deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\WINDOWS\system32\332.exe moved successfully.
C:\WINDOWS\system32\winnt.exe moved successfully.
File C:\WINDOWS\sv1.exe not found.
C:\WINDOWS\isvchost.exe moved successfully.
C:\WINDOWS\system32\opeia.exe moved successfully.
File C:\WINDOWS\System32\rass32.exe not found.
File C:\WINDOWS\System32\fgjk4wvb.dll not found.
C:\WINDOWS\system32\5807001.exe moved successfully.
C:\jwpcehlp.exe moved successfully.
C:\jwpceman.exe moved successfully.
C:\jwpcemax.exe moved successfully.
C:\jwpcemin.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Compaq_Administrator
->Temp folder emptied: 127692767 bytes
->Temporary Internet Files folder emptied: 8893372 bytes
->Java cache emptied: 3724768 bytes
->FireFox cache emptied: 89254047 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Lauren.DAMACHINE
->Temp folder emptied: 16 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 4491156 bytes

User: Lauren1
->Temp folder emptied: 31443 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 1685870 bytes
->FireFox cache emptied: 2807146 bytes
->Google Chrome cache emptied: 347429889 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 6664942 bytes
->Java cache emptied: 241325 bytes

User: NetworkService
->Temp folder emptied: 154636 bytes
->Temporary Internet Files folder emptied: 1770949 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 17166114 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 610255 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 3913680 bytes
RecycleBin emptied: 14831589 bytes

Total Files Cleaned = 602.18 mb


OTL by OldTimer - Version 3.1.5.0 log created on 11142009_123021

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\48MKB2XE\Y9I6X0CAX35MQLCA0PD56GCANQ6MU9CA7CDG6ECAN9XETHCATMG0QBCA4C0PWWCAAQ5ULCCA1TNGIDCAJ2E2KXCAE3KWZPCA2NNWQMCAH0X8J2CA9DH1QGCA8AZKLGCA2B111BCAQXZULECA5NS6XOCAD0QWV0CAPEQNFLCAEI46D8 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\0ECA2MF491CAZD5X18CA5IFTYZCAV8FNA4CA4AGL2XCAGAR979CAKHA9F8CAFY3RTNCAV1BQY1CAMQGDV4CATD6M1QCAEZBVE6CALHFVNYCA6TOYXTCAK3SAM3CA43YYMRCAWI0FBUCAKK83P1CAP11GQ7CA50EYLJCAH29N0J.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\1OCAXDN1VXCA3ORXMFCAHZZF1BCAVX5A7MCAV4LL1OCAR9USV2CADAKBWLCACUTD0ICAO2P32LCAU3ARNPCA4C6TC2CA0SC50PCAKY7Q2OCAHZ645PCALQW0EICA8G4L6VCACVB3FDCA887QUQCAD7Y764CAWFR4S2CAURD85D.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\1XXJEBCA5HFQSNCAOQXOG9CAIQMV90CAUK683VCAS0LEPVCAPVY90QCAZFNH91CA1JHU4BCATXJOOUCAL2QV69CA8ILWO9CA4F9O4HCAL6PMIHCAG9YV6BCA4G6IM4CA1L3ATACAQ02M7PCA98L92QCAV24XO4CAQOQZB6CAL4G8L3 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\2HD3A0CALWY0WWCAUZ9KVGCAF7EURJCALDFDBUCAXCZ2OJCAKQZ4NBCA52D6Z7CABLSNP2CAMKYVL0CAC1QEXYCAW0YR3ZCAY7FEI9CADJ0T22CA2Z7GG7CA57PRP2CAZCJV8LCABKNLABCAMUNWDPCAY8MZJJCA8CSLG8CAV10KWJ not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\AH6EA7CA852LBCCAVLVLOMCA9WNPD7CAPWBKTKCAWEJZ78CA8KJVYICA450FSJCAOZADFUCAXI75IBCANM51O8CAW1XRP6CABUD5AGCAR7XO0GCAD4E5VKCA7VNSR5CAT84236CAKZ0WFCCAWNHP4OCAGWMRW0CAW7FH4HCA1IZMO4 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\EF6962CADF2TDECAOOAK27CAAQRDV1CADKZQ5ICADITCJ5CAYGZX7QCAMTM31QCAZRTZ2QCASGG2IFCA9KUQIBCAB73XZKCATOF1BJCAFHBVZPCAJ0ZO28CAL2PG63CA0XGGZNCAA51547CABVQXRUCANBCS8TCAMIPADCCAOAQBGQ not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\GVCAOJQI8NCA0PRZCFCAJNW2N8CA56BU05CAKQOKLSCAJY23XBCAGDTP9BCA46MZZ6CAKBC9U0CA7BG8TCCAM8UPS4CAOJVL87CA38KYG9CAOIHLAJCAFT0Q71CAZT8JPHCAI2NN9RCABLN8C5CA6NUMMKCARBQ31MCAF65E0I.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\HMCADRMGWKCAJJ2LBHCA5TS3NZCAOZW48YCAMFCMJOCAJVPI5NCATUYWF2CAHJRB9BCAPTDTF7CA6N1WN8CA4WYMNCCA9ZN6QTCA8Z4HQSCAUP26JGCA3V2V0XCAEDPMZQCAAC3UF1CA1TSS6NCAJF4YIECA0C3M6HCAKV3SGA.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\IKRUHBCA8X59MYCAB8279WCAZJFEKXCAJTI8M2CA4HFG1MCA05KAHFCAOZV36SCA10XG0YCAV6DIE7CAR0QPAZCA3QDUI5CAHE3JMFCA4L48MCCAGL9BNYCA4S5BI1CAJPY3EUCA6FIKZ2CAHKASB1CAJTRPZMCAGSQ8TDCAKEL4UX not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\KFLHQZCAIXYG7YCAXP3098CA6CA4QGCAKVWW32CAMPULO6CALGN0GSCALPHMU4CA8Y0X73CADAS80BCAERC3NQCARIA9R0CAUIVC9KCA5M6GDECAMZC046CAXPFV8ACAWOBQUACAZQPXERCARLYJD3CAYS0ZH6CA7558E1CARHKD0J not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\N1KROCCAAUNXHLCADTJCHZCARREN5GCAXR319SCAUZ0AV6CAWDFGA1CAUVT8DCCA4XGMQFCAA7V1XCCAT0U56KCAER6MIICA3ITAK6CA9WJLX3CASKK2SWCAOPK0Y1CADFO1RWCAYOTV0PCAZA3H39CA08N7RCCAC5W2QUCASKA5W4 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\RI42BYCAW2E09NCA14AF6ACAZSOBPJCA80G6DNCA4Q847CCADRD33FCAKEAJLICAXFZBSPCAIH7UT3CAAPIRFXCACRJEF4CAZZ1LUXCAUL46ZKCABVBK21CAJJMUJECAZ2OU2WCAQ4P1QXCAC5GG52CACXQNMUCANCG6JOCA8XO65M not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\SMEEUMCAN210RNCA48O6XDCAS3GZ7PCAE8DZ81CA14MITACAAG9N0CCAGVN7KZCAF2WHMMCA0GHO7ACAULRA1XCAOBPU30CAGHK8J2CAVU4C0DCA0CIQ4VCAR9HKAICAQTHWZZCA2F6FR7CAPKAPN5CAWX6P35CAN0IUGCCAJUW1RU not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\sNURJ3_AsfSEmxV6D02QHLF6oBffCSRql__-mk0sDM_PyxbLvsFT_vQTUXi_DOA02sG3edoZtfBx9vv6N_aLa6IoOiQmNCMhGMRk5QoLvVhndCh4MRm4sHoU6SByOhymiGZ3e5lgZ7DUEzYgvtfb4Du6keunq_9clJyspyv4c[1].jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\WFCAD7Z9FSCA9ZSEZMCAQE2D9GCAVP0F0QCAJ8OHKCCAKE3CB8CA5XXI3MCA6JTJTBCAL54IYDCAMY6JZSCAMDE792CADKW5Y3CAFDS6OICA9BGI14CAZ67GMXCAALPC78CAWZ4FTUCAIRP3SECA3DPZ1BCA37BRZICANN1W3P.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\WQU2L7CAANJ9JMCAA3ZRT8CARVU4RKCAVGSE2GCABOEHKPCAOGUOBMCAJ7M6ZFCAVC1JTFCAD8ZI78CAODENT5CAEX6TK3CAJM5TD2CA1DXG6UCA86P73VCA9TOA1WCAEGJPFGCALN0IVPCAK8NVM9CA58XKZOCAWZLEDDCAZE0EHD not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\X9TJ98CAM7PXXQCA3PLJNRCA7IGXO5CAZNVX7ACA58GV6VCAPX85DZCA71HWO6CAQ6T84OCAEFMGCSCAPDTESNCA0ARFOFCA5K2U79CAIW1Z42CAXKLHXGCAEZ1YDDCA94YANRCADFAHBPCA40KW8UCARMS9ICCA26N1MWCA9GE0OQ not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\XL3VOJCAAXWTA0CACUB5LHCAGLHOKCCARKLB7QCAI10WZHCAGN8J4TCAPZIYGTCAFYMGZFCARV147QCAZOC7FLCAHFUJP8CASBC626CARW6H92CAOJGNA8CAUW00Q0CADW7YMICASYQ35GCA4HRYX4CACX7FJ3CAW1888QCAXS0DDZ not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\XN9SBECAQNMC8XCAKHEVMPCAHFPOBOCA2KZ9UQCA124F5ECAGJ6YNXCAXBOED4CAHLFBVCCAFIV2SACAB556LSCA8CGMIRCAHYV3LXCAP3L8MQCAE25DTRCA3TB8VECAFF1RY4CA0D91AUCAE199MQCABK383LCA6KDDNRCA12N50A not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\Y1X1UJCA7ANZFJCA7O0ML4CA2DZ49WCA0EE2G9CATS14XLCAP9LS2ACAQY7JKICA29S7VYCA7NR3LTCAF3GYM2CAM9H0A1CAEOMS3YCAYVLIX1CAEO31R9CA2BR1LQCA0GX3Z0CAI5TYN9CAB8FF16CA5E8BMICA9KV4QYCASRSWLE not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\31ZJ9UZ4\zF3jqdcOIPYdEnIOTn1In244T9QySLGuYu4eQLL28uiu4xCfv6kKrpRjGXDzQb2XI2k4DfzP784KK45LTNUcyAtX3LKHFzlxDAE8YWjVE1b2xM-wwLnmPtLh8l2ShQRjhgFKaWKU3THoIA8ix9vBa4FWPKA8BHuq-F1ppXt4A[1].jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\19QR20CAEKB2BSCACT4U7SCAH0HXWMCA34HJW8CAQZZS4YCA2P3062CABJ7FKSCASYWJTACARRIFVNCA8E86UDCA12VKLFCAQ4P6SFCASX72XWCAVUYPGVCA7HFESDCAOLEWZ4CAZ1QK1WCAFXE8MACAD1L03QCA3CB6Q0CASO4FOQ not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\2KCAS92H31CA4Z88MXCAH27IJ3CAY691DCCASWC813CA46NMORCA8X92UVCAUYRAFLCA2SDXE4CAMG4JGGCAH4SLFECAN9SFOJCA322UV9CA6SY7DUCA082V62CAYETVSDCAPMH28QCAXZUDDTCACJBWBVCAHBG4R6CA3JCMG5.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\7BELAXCAF2GJ5TCANR5339CAC246LQCA7MB1MZCA5ENVFLCA6QWC1JCAH2H0DNCAEW51BECARCXDJPCAMM5K5ECA9U29IFCAOD4GARCAGIQLFPCA3P71KHCALNCG9FCAHO0TR1CA6YVPOACAU57U7FCAUXQHDNCA7PF9W3CADX0GTF not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\BBGYNCCA1M6EJPCAC12SWVCAR0CF4MCAMN5WVDCATBA2T9CAFSLJPPCAC5YVMNCA2V3GYVCABP9PT8CA2A8RTECAR079RICAZMCYG1CAQ2K4KGCASEW1L3CAL13WKRCAA11JK0CALK1OZZCAZBBAITCASMLZQ0CAJELOQECAV7E451 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\CYTKY4CAYE1GQICAFWWO6CCAU525K3CAF7KUIVCA97F78ICANZN3FYCA2DJJV1CAG1GS8MCA99G3NVCARITF83CAJ1M5Y2CANAHNHSCAIZUBT0CAIF51NXCA4NGXZ6CAXMJ479CANGEELUCA0WS3P4CA5GYIZ2CA1YSGNRCA6QHVYP not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\dcCW-U7CT-74Pg1duRhQHLF6oBffCSRql__-mk0sAqNE88FyaGVngqRx8PfQYdDz_UMzhQCPnUo-FLWfY2Pmd3ow3elECKmhYXrX9xO-tlkYZHjtpRI1oZrQfZL7R-PXtR331ALXMUgJlDdj25lS0OCaQ7cKeS9clJyspyv4c[1].jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\DY5JLZCAQ70Y6KCAN9PJ2ACA3Q0DUPCACH7BJRCABGDQMYCAKXXN5WCABW6AJPCAQLWKTFCAJ9BUU3CAN4MBWLCA6P3RP4CAAMVNGACARBC1UZCAEXI9L2CA4UFOWDCAKD8YLVCAGY2EYUCAB72BELCAN2RW0DCA36GV8ZCAYXHDG0 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\GJCAVT4WYSCAJOUQ4DCAFDZ0VUCA0BS41FCAMOB46NCAFJL9COCA0VQILGCATBG7IKCAW8KDXVCAJDNMRTCAXXRC04CAP6E0XPCAY4MPOPCA0UFAIVCA2PI8ECCASIPTRUCAY9FPIZCAS5RHFECATUQ6ZGCA7W6FNCCA8B8H6L.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\JMPWM0CAG21AWUCAUSA9NDCAMCJBW6CAOV681UCALUPNL0CAL5A6WSCAYIVCKWCADOI8VNCA3T7AWVCAZ3B5DECAKQ6MMRCADFP50SCAMV9ZITCAUSAUNMCAEEXKMVCACFZOJGCA0850Y8CAFXSQR3CAQNH01CCAPJ7QL8CA0BUNPS not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\MIO57PCA4CN3TLCASSX85LCAELVC7FCAQPFDHCCA9GW832CAJUOU5ECAYYNF7VCA30NKL1CAMA2K8HCA0NNY8TCAJ4XYJ5CA540W3ECAPVN4IOCA6F8VTPCA76N231CAH3EU9VCAEFLAXUCAWSRUXMCAX8Z6YUCA61HECJCAZQ58ZT not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\PD3GJKCAJ1EO3DCA0T6IKJCA1WRD6PCA16SKF1CA3H1SINCAL0223LCAN7AYJ1CAO8WWQ8CAGW4UCCCAGZF86WCA9GBYDFCAHT7381CAWZCD1GCAARED4HCAFXPZ43CARHJE4ECAO90360CAYTMDNZCA2ZKXTICADD03N0CA7XJ3CY not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\PLCACOFI6ACA3SEQCNCA26VI57CAONUTZ3CAJNDJ0JCAM3SKPLCAQDI03LCAGC8L0NCADKG0NPCA97DELCCALB5TS9CAEFSX3ECA0TB8XKCAZ9JAYBCA1MI9XGCAJY6TE7CAZZYPT8CAQ8KPSACAUA60H2CA5U4629CA0V0I0O.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\TS62G6CAHJCMCNCA7MRLSDCAK2SAKWCA0X7QGVCA2TE2CDCAJWZYAVCAM0XHNQCAX3OXHTCAOE1URNCA9XM1Z4CAS6WNE0CAZI69K3CACX11DPCA8LQO7MCAFUCOTZCAM4L13DCAR22AMJCAK7P7LICAID48WWCAIDHO67CA1NEIZI not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\U0CAY1AHTCCAK18DQXCAJ1YOD2CA479QWLCAHSMI2OCAEGKHN4CAEBFVOECAD9XJO4CAK2YGZSCA7IO04RCAGDLFABCA1UWDJJCAMENPOPCAXCLINTCAW9N73UCACHUIYSCARY51JCCAGJY1E3CAS0VAKHCABYLIMVCAZRSCHA.jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\ua7MFGRR9lYihkoBZdRgHLF6oBffCSRql__-mk0sAedg7fZfZkHH27jxtDE8aY9joN9lS3ytmCctiqQ2FtT19AjtQoOJiq63m5SiN4Ps982cIyYCuGmtGuTZsiwDrk2xMTjIA-2jUrXE2ygS_nvBgZVe2rNNh39clJyspyv4c[1].jpg not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\X6STI3CA9I8H3ICAGRZWL1CASYZ0RHCA4USQCUCAQE3D65CABSBNFHCADNJHXFCAZYLPJZCAQ1ET3WCAZXZUQQCAEJ40ONCAD8UL7FCA9LPJNBCAXCS2XDCAAVS3B1CAUX37MDCANSB3UICAKV920GCA24VM71CAWEB0KZCAAXWZE9 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\XF5J45CAQY4KEKCA6SV63MCAMHKKCCCAMRZF9PCAIMF5Q3CAZSS947CAWVOW39CAAHVACCCAUGF251CASRFC5DCA8UN2XBCA34V0OYCAW201KPCAI1OKRCCANJN27ZCAHZYHKTCA22QQ63CAOXZC71CAD63FZJCA5GY07PCAQZVNDP not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\YA1ULQCA7003GMCAPNEM6CCAXA7V0KCANFT900CA71VGEPCA1CC6OPCAX7N5VYCAG0U27HCARKANRXCA2ODJXICAEQGLU0CAL5LMOICAEPLERBCAORQU8BCAIUGZLBCAJNY90MCA7RL21VCAWI5JSQCAN8DG9MCAWYH9CYCAN0MYO6 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\YGHCJ8CAP1C418CA7TP311CA34C8MHCACTU1D1CASJWZWECAKLP0UICA9IK9Y7CAWSDIRSCAMT2Y4KCANUDXCQCAD58AJTCAGC91KECA74Q63OCA3EB8T3CAS9E2PICASH7QI9CAE7P6L0CAUE6EUDCABUZ3M5CAJZTMRFCANBX4C0 not found!
File\Folder C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\1TOP6DQ7\ZOLg3xV5ZVwBwuB3OJgIn244T9QySLBUkasGfjTinMAsks3A1AFaTO-iDoSqICbMQLneEsg2SibgGbFJGsvht667Xpv--dT5xon8sbNXaypUTxCyGmFtPkj0hcoj_WgCCMU-VEOR3z-i8POfPGj71rD8QJjPN9uq-F1ppXt4A[1].jpg not found!
C:\WINDOWS\temp\15914usc.dll moved successfully.
C:\WINDOWS\temp\911xxx.dll moved successfully.
C:\WINDOWS\temp\agbfha.dll moved successfully.

Registry entries deleted on Reboot...

______________________________________
And the normal OTL scan log:



OTL logfile created on: 11/14/2009 12:44:45 PM - Run 2
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 522.44 Mb Available Physical Memory | 54.51% Memory free
2.26 Gb Paging File | 1.86 Gb Available in Paging File | 82.22% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.48 Gb Total Space | 51.65 Gb Free Space | 36.77% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.54 Gb Free Space | 6.28% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DKLSCOTT
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/14 12:36:54 | 00,588,289 | ---- | M] () -- C:\WINDOWS\svchust.exe
PRC - 464 -- C:\WINDOWS\svchost.exe
PRC - [2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
PRC - [2009/11/13 23:02:01 | 00,072,704 | ---- | M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe
PRC - [2009/11/13 22:58:20 | 00,057,344 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2009/11/13 22:58:18 | 01,093,632 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe
PRC - [2009/11/12 23:46:07 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe
PRC - [2009/11/12 22:40:20 | 16,243,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/11/12 22:40:18 | 01,052,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/11/12 22:40:17 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2009/11/12 22:40:17 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2009/11/12 22:40:03 | 01,696,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009/11/12 22:40:02 | 00,053,248 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2009/11/12 22:40:01 | 00,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
PRC - [2009/11/12 22:39:31 | 00,069,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/11/12 22:39:31 | 00,017,920 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
PRC - [2009/11/12 22:37:28 | 00,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/11/02 22:23:08 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/12 21:24:50 | 02,000,112 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/09/05 20:37:20 | 01,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/07/25 18:03:42 | 02,119,360 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE
PRC - [2005/12/31 00:42:18 | 00,133,792 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
PRC - [2005/09/19 13:24:20 | 00,214,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2005/09/17 02:27:12 | 00,169,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/09/17 02:27:10 | 00,202,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
PRC - [2005/09/17 02:27:06 | 00,192,112 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/09/17 02:27:02 | 00,052,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2004/08/09 23:00:00 | 00,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE


========== Modules (SafeList) ==========

MOD - [2009/11/14 12:38:32 | 00,011,776 | ---- | M] () -- C:\WINDOWS\Temp\323814usc.dll
MOD - [2009/11/14 12:38:31 | 00,025,088 | ---- | M] () -- C:\WINDOWS\Temp\3829xxx.dll
MOD - [2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
MOD - [2006/09/05 20:18:53 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll
MOD - [2005/09/23 20:38:24 | 00,123,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\asOEHook.dll
MOD - [2005/09/17 02:33:36 | 00,377,968 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccL40.dll
MOD - [2004/08/10 06:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/09 23:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2003/03/19 05:14:52 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003/02/21 13:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (NVSvc)
SRV - File not found -- -- (ImapiService)
SRV - File not found -- -- (Fax)
SRV - File not found -- -- (ehSched)
SRV - File not found -- -- (ehRecvr)
SRV - File not found -- -- (CiSvc)
SRV - File not found -- -- (ARSVC)
SRV - [2009/11/14 12:36:54 | 00,588,289 | ---- | M] () -- C:\WINDOWS\svchust.exe -- (Net_Login)
SRV - [2009/11/14 11:06:41 | 01,169,920 | ---- | M] () -- C:\WINDOWS\svchost.exe -- (NetLogin)
SRV - [2009/11/12 22:40:17 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc)
SRV - [2009/11/12 22:39:31 | 00,077,824 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2009/11/12 22:39:31 | 00,069,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/09/23 16:36:06 | 00,051,168 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2006/09/05 20:37:20 | 01,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/01/02 15:18:24 | 00,045,744 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
SRV - [2005/12/31 00:42:18 | 00,133,792 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005/10/13 10:48:40 | 00,072,280 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
SRV - [2005/09/24 17:10:56 | 00,749,696 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2005/09/19 13:24:20 | 00,214,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/09/17 02:27:12 | 00,169,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/09/17 02:27:10 | 00,202,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2005/09/17 02:27:06 | 00,192,112 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/09/15 17:21:14 | 01,160,800 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005/08/26 16:22:48 | 00,198,368 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/08/09 23:00:00 | 00,061,440 | ---- | M] () -- C:\WINDOWS\system32\6to4v32.dll -- (6to4)


========== Driver Services (SafeList) ==========

DRV - [2009/10/12 21:24:56 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/12 21:24:54 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/12 21:24:52 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2006/09/05 20:37:20 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/14 13:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/05/09 17:50:00 | 03,535,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/04/25 11:00:00 | 00,799,208 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060425.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2006/04/25 11:00:00 | 00,077,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060425.007\NAVENG.SYS -- (NAVENG)
DRV - [2006/03/09 13:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/03/03 17:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 17:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/06 13:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 13:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 13:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/10/05 17:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/17 02:20:06 | 00,108,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/09/15 17:21:14 | 00,389,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/09/01 21:07:36 | 00,199,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20050901.036\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2005/08/26 16:22:50 | 00,053,896 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/08/26 16:22:48 | 00,334,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/06/29 19:03:18 | 00,175,104 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 16:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/08 02:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/09 23:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/09 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/09 23:00:00 | 00,002,304 | ---- | M] () -- C:\WINDOWS\system32\daqdrv.sys -- (daqdrv)
DRV - [2004/08/03 16:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/05 09:45:12 | 00,017,408 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.webweb123.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.webweb123.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mamma.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/10 20:37:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/10 20:40:08 | 00,000,000 | ---D | M]

[2009/11/10 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions
[2009/11/10 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/13 22:30:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions
[2009/11/10 20:38:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/11/10 20:39:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/10 20:37:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/10 20:37:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/02 22:23:26 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/02 22:23:27 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/02 22:23:28 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/11/06 09:20:16 | 00,032,448 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
[2009/11/02 20:16:17 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/11/02 20:16:17 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/11/02 20:16:17 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/11/02 20:16:17 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/11/02 20:16:17 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/11/02 20:16:17 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/11/02 20:16:17 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

Hosts file not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe (Symantec Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [msnmager] C:\WINDOWS\TEMP\bchbhe.DLL ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\rdolib.dll) - C:\WINDOWS\system32\rdolib.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\TEMP\3829xxx.dll) - C:\WINDOWS\Temp\3829xxx.dll ()
O20 - AppInit_DLLs: (C:\WINDOWS\TEMP\323814usc.dll) - C:\WINDOWS\Temp\323814usc.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/30 23:02:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/14 12:30:21 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/11/14 10:47:11 | 00,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2009/11/12 22:15:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\DoctorWeb
[2009/11/12 22:11:42 | 00,000,000 | ---D | C] -- C:\Program Files\Protection System
[2009/11/12 22:04:08 | 22,140,680 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2009/11/12 11:06:31 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/11 15:42:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2009/11/10 20:37:37 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/11/10 12:36:11 | 00,476,160 | ---- | C] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2009/11/09 12:25:58 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/11/09 12:25:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/11/09 10:14:00 | 00,000,000 | ---D | C] -- C:\Program Files\Prio
[2009/11/08 23:02:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/11/08 23:02:15 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/08 23:02:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\SUPERAntiSpyware.com
[2009/11/08 23:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/11/08 22:29:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2009/11/08 22:29:42 | 00,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2009/11/08 20:47:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
[2009/11/08 20:47:15 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/08 20:47:14 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/08 20:47:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/08 20:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2009/11/08 15:18:01 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/11/08 15:18:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/11/08 13:23:13 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2009/11/08 13:23:12 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2009/11/08 13:23:10 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2009/11/08 13:23:09 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2009/11/08 13:23:08 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2009/11/08 13:22:27 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2009/11/08 13:22:26 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2009/11/08 13:22:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2009/11/08 13:21:20 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2009/11/08 13:21:19 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2009/11/08 13:21:18 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2009/11/08 13:21:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2009/11/08 13:21:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2009/11/08 13:21:10 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2009/11/08 13:21:08 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2009/11/08 13:21:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2009/11/08 13:21:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2009/11/08 13:21:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2009/11/08 13:19:37 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2009/11/08 13:19:32 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2009/11/08 13:19:11 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2009/11/08 13:19:10 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2009/11/08 13:19:09 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2009/11/08 13:19:08 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2009/11/08 13:19:07 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2009/11/08 13:19:06 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2009/11/08 13:19:05 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2009/11/08 13:19:03 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2009/11/08 13:19:02 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2009/11/08 13:19:01 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2009/11/08 13:19:00 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2009/11/08 13:18:39 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2009/11/08 13:18:38 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2009/11/08 13:18:36 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2009/11/08 13:18:35 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2009/11/08 13:18:34 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2009/11/08 13:18:21 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2009/11/08 13:18:20 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2009/11/08 13:17:03 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/11/08 13:17:01 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/11/08 13:16:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/11/08 13:16:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/11/08 13:16:54 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/11/08 13:16:47 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/11/08 01:01:46 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/11/08 00:22:20 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\PrivacIE
[2009/11/08 00:22:01 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/11/08 00:17:57 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\IETldCache
[2009/11/08 00:14:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/11/08 00:14:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/11/08 00:08:26 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/11/08 00:01:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Audacity
[2009/11/08 00:01:44 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009/11/07 23:57:23 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/11/07 23:55:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\vlc
[2009/11/07 23:54:14 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/11/07 23:49:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/11/07 23:11:50 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/07 23:11:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Macromedia
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Identities
[2009/11/07 23:07:29 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft
[2009/11/07 23:07:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\SendTo
[2009/11/07 23:07:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Pictures
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Music
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Favorites
[2009/11/07 23:07:29 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\Cookies
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\Templates
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\PrintHood
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\NetHood
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\WINDOWS
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\AOL
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Symantec
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
[2009/11/06 15:59:09 | 00,000,000 | ---D | C] -- C:\$AVG
[2009/11/06 15:57:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/06 15:08:23 | 00,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2009/10/23 14:20:38 | 00,000,000 | ---D | C] -- C:\HOVER
[2009/10/23 12:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\CravingExplorer
[2009/10/23 12:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\CravingExplorer
[2006/02/19 12:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/14 12:38:32 | 00,058,880 | ---- | M] () -- C:\WINDOWS\System32\332.exe
[2009/11/14 12:38:31 | 00,059,392 | ---- | M] () -- C:\WINDOWS\System32\winnt.exe
[2009/11/14 12:37:13 | 00,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/11/14 12:36:54 | 00,588,289 | ---- | M] () -- C:\WINDOWS\svchust.exe
[2009/11/14 12:35:50 | 00,443,393 | ---- | M] () -- C:\WINDOWS\isvchost.exe
[2009/11/14 12:35:29 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/14 12:34:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/14 12:34:13 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/14 12:34:12 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/14 12:31:26 | 05,242,880 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
[2009/11/14 12:31:26 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\ntuser.ini
[2009/11/14 12:19:00 | 00,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1008UA.job
[2009/11/14 12:06:00 | 00,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1007UA.job
[2009/11/14 11:06:41 | 01,169,920 | ---- | M] () -- C:\WINDOWS\svchost.exe
[2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2009/11/14 07:19:00 | 00,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1008Core.job
[2009/11/13 23:14:21 | 00,007,164 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb1.csv
[2009/11/13 23:02:01 | 00,072,704 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System\hpsysdrv.exe
[2009/11/13 22:20:12 | 00,000,348 | ---- | M] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/13 22:20:12 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\flags.ini
[2009/11/13 20:00:00 | 00,000,578 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Compaq_Administrator.job
[2009/11/13 16:06:00 | 00,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1007Core.job
[2009/11/13 11:08:34 | 00,001,577 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Internet Explorer.lnk
[2009/11/13 00:45:24 | 00,003,235 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2009/11/12 22:59:49 | 00,050,176 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Win32kDiag.exe
[2009/11/12 22:59:44 | 00,476,160 | ---- | M] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2009/11/12 22:59:21 | 00,528,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2009/11/12 22:40:20 | 16,243,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/11/12 22:40:18 | 01,052,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2009/11/12 22:40:16 | 00,079,872 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe
[2009/11/12 22:32:47 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/11/12 22:32:46 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xcopy.exe
[2009/11/12 22:32:45 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2009/11/12 22:32:44 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2009/11/12 22:32:44 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/11/12 22:32:42 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009/11/12 22:32:41 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2009/11/12 22:32:41 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2009/11/12 22:32:41 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2009/11/12 22:32:41 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/11/12 22:32:40 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/11/12 22:32:38 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/11/12 22:32:35 | 00,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/11/12 22:32:33 | 00,361,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2009/11/12 22:32:33 | 00,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/11/12 22:32:33 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/11/12 22:32:32 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2009/11/12 22:32:31 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2009/11/12 22:32:30 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/11/12 22:32:30 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/11/12 22:32:29 | 00,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2009/11/12 22:32:28 | 00,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2009/11/12 22:32:28 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2009/11/12 22:32:26 | 00,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaacmgr.exe
[2009/11/12 22:32:25 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2009/11/12 22:32:24 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/11/12 22:32:23 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/11/12 22:32:22 | 00,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2009/11/12 22:32:22 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2009/11/12 22:32:21 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2009/11/12 22:32:20 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssvc.exe
[2009/11/12 22:32:20 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2009/11/12 22:32:18 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2009/11/12 22:32:17 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2009/11/12 22:32:17 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2009/11/12 22:32:16 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ups.exe
[2009/11/12 22:32:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2009/11/12 22:32:15 | 00,196,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/11/12 22:32:15 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2009/11/12 22:32:15 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/11/12 22:32:14 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2009/11/12 22:32:13 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typeperf.exe
[2009/11/12 22:32:13 | 00,028,160 | ---- | M] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2009/11/12 22:32:13 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/11/12 22:32:13 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/11/12 22:32:12 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/11/12 22:32:12 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/11/12 22:32:12 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/11/12 22:32:12 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/11/12 22:32:11 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2009/11/12 22:32:11 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2009/11/12 22:32:10 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracerpt.exe
[2009/11/12 22:32:09 | 00,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2009/11/12 22:32:08 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2009/11/12 22:32:08 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsvr.exe
[2009/11/12 22:32:08 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntadmn.exe
[2009/11/12 22:32:07 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2009/11/12 22:32:06 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/11/12 22:32:05 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/11/12 22:32:05 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2009/11/12 22:32:04 | 00,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2009/11/12 22:32:04 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/11/12 22:32:04 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2009/11/12 22:32:03 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tasklist.exe
[2009/11/12 22:32:03 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskkill.exe
[2009/11/12 22:32:02 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2009/11/12 22:32:01 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2009/11/12 22:32:01 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinfo.exe
[2009/11/12 22:32:01 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2009/11/12 22:32:00 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncapp.exe
[2009/11/12 22:31:59 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2009/11/12 22:31:59 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2009/11/12 22:31:59 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2009/11/12 22:31:55 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sstext3d.scr
[2009/11/12 22:31:55 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssstars.scr
[2009/11/12 22:31:53 | 00,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspipes.scr
[2009/11/12 22:31:52 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmypics.scr
[2009/11/12 22:31:52 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmarque.scr
[2009/11/12 22:31:52 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmyst.scr
[2009/11/12 22:31:51 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssflwbox.scr
[2009/11/12 22:31:51 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssbezier.scr
[2009/11/12 22:31:47 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ss3dfo.scr
[2009/11/12 22:31:46 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/11/12 22:31:36 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2009/11/12 22:31:36 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spiisupd.exe
[2009/11/12 22:31:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2009/11/12 22:31:35 | 00,541,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2009/11/12 22:31:34 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/11/12 22:31:34 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2009/11/12 22:31:34 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/11/12 22:31:33 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/11/12 22:31:32 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/11/12 22:31:31 | 00,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2009/11/12 22:31:30 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogsvc.exe
[2009/11/12 22:31:29 | 00,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/11/12 22:31:29 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2009/11/12 22:31:27 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2009/11/12 22:31:26 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2009/11/12 22:31:26 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/11/12 22:31:26 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2009/11/12 22:31:26 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/11/12 22:31:25 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2009/11/12 22:31:25 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmgrate.exe
[2009/11/12 22:31:24 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/11/12 22:31:23 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2009/11/12 22:31:22 | 00,823,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/11/12 22:31:21 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2009/11/12 22:31:21 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2009/11/12 22:31:21 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2009/11/12 22:31:20 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/11/12 22:31:20 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/11/12 22:31:19 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2009/11/12 22:31:19 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secedit.exe
[2009/11/12 22:31:18 | 00,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sctasks.exe
[2009/11/12 22:31:18 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/11/12 22:31:18 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrnsave.scr
[2009/11/12 22:31:16 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardsvr.exe
[2009/11/12 22:31:16 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/11/12 22:31:16 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2009/11/12 22:31:15 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/11/12 22:31:14 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/11/12 22:31:14 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/11/12 22:31:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2009/11/12 22:31:13 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2009/11/12 22:31:13 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2009/11/12 22:31:13 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2009/11/12 22:31:12 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2009/11/12 22:31:12 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2009/11/12 22:31:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsopprov.exe
[2009/11/12 22:31:11 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsnotify.exe
[2009/11/12 22:31:11 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2009/11/12 22:31:11 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2009/11/12 22:31:10 | 00,051,712 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\dllcache\rsm.exe
[2009/11/12 22:31:10 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2009/11/12 22:31:09 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2009/11/12 22:31:09 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2009/11/12 22:31:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\relog.exe
[2009/11/12 22:31:08 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2009/11/12 22:31:08 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2009/11/12 22:31:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/11/12 22:31:07 | 00,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2009/11/12 22:31:07 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/11/12 22:31:07 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/11/12 22:31:07 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2009/11/12 22:31:07 | 00,007,168 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2009/11/12 22:31:07 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2009/11/12 22:31:06 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/11/12 22:31:06 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2009/11/12 22:31:06 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2009/11/12 22:31:06 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2009/11/12 22:31:05 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/11/12 22:31:05 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2009/11/12 22:31:04 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2009/11/12 22:31:03 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasphone.exe
[2009/11/12 22:31:03 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2009/11/12 22:31:03 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2009/11/12 22:31:02 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/11/12 22:31:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/11/12 22:31:02 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/11/12 22:31:01 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/11/12 22:31:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/11/12 22:30:59 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2009/11/12 22:30:59 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2009/11/12 22:30:58 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2009/11/12 22:30:58 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2009/11/12 22:30:57 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2009/11/12 22:30:56 | 00,283,648 | ---- | M] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009/11/12 22:30:56 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2009/11/12 22:30:56 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2009/11/12 22:30:55 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2009/11/12 22:30:55 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2009/11/12 22:30:54 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2009/11/12 22:30:54 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2009/11/12 22:30:53 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2009/11/12 22:30:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2009/11/12 22:30:52 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\opnfiles.exe
[2009/11/12 22:30:52 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2009/11/12 22:30:50 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2009/11/12 22:30:48 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2009/11/12 22:30:48 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2009/11/12 22:30:43 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwscript.exe
[2009/11/12 22:30:38 | 00,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdm.exe
[2009/11/12 22:30:38 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsd.exe
[2009/11/12 22:30:32 | 01,202,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntbackup.exe
[2009/11/12 22:30:32 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2009/11/12 22:30:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2009/11/12 22:30:31 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2009/11/12 22:30:31 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/11/12 22:30:29 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2009/11/12 22:30:28 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2009/11/12 22:30:27 | 00,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2009/11/12 22:30:26 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2009/11/12 22:30:25 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2009/11/12 22:30:25 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2009/11/12 22:30:24 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2009/11/12 22:30:23 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2009/11/12 22:30:23 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2009/11/12 22:30:22 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\muisetup.exe
[2009/11/12 22:30:17 | 00,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/11/12 22:30:17 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2009/11/12 22:30:16 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2009/11/12 22:30:13 | 00,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/11/12 22:30:12 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/11/12 22:30:09 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/11/12 22:30:08 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2009/11/12 22:30:08 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/11/12 22:30:07 | 00,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiexec.exe
[2009/11/12 22:30:06 | 00,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/11/12 22:30:06 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2009/11/12 22:30:05 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/11/12 22:30:03 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/11/12 22:30:01 | 00,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2009/11/12 22:29:58 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2009/11/12 22:29:57 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqtgsvc.exe
[2009/11/12 22:29:57 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsvc.exe
[2009/11/12 22:29:56 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqbkup.exe
[2009/11/12 22:29:54 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/11/12 22:29:54 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2009/11/12 22:29:54 | 00,007,168 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/11/12 22:29:45 | 03,557,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/11/12 22:29:44 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/11/12 22:29:44 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2009/11/12 22:29:43 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2009/11/12 22:29:43 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2009/11/12 22:29:41 | 00,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2009/11/12 22:29:40 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz.exe
[2009/11/12 22:29:40 | 00,238,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz_a.exe
[2009/11/12 22:29:40 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/11/12 22:29:39 | 00,995,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/11/12 22:29:38 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2009/11/12 22:29:38 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/11/12 22:29:37 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\medctrro.exe
[2009/11/12 22:29:35 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2009/11/12 22:29:35 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2009/11/12 22:29:34 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsass.exe
[2009/11/12 22:29:34 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpr.exe
[2009/11/12 22:29:33 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpq.exe
[2009/11/12 22:29:32 | 00,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2009/11/12 22:29:32 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logon.scr
[2009/11/12 22:29:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/11/12 22:29:31 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009/11/12 22:29:31 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\locator.exe
[2009/11/12 22:29:31 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2009/11/12 22:29:31 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2009/11/12 22:29:30 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2009/11/12 22:29:30 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2009/11/12 22:29:29 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\label.exe
[2009/11/12 22:29:21 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2009/11/12 22:29:21 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/11/12 22:29:20 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2009/11/12 22:29:19 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2009/11/12 22:29:18 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2009/11/12 22:29:17 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2009/11/12 22:29:16 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2009/11/12 22:29:16 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/11/12 22:29:15 | 00,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi.exe
[2009/11/12 22:29:15 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/11/12 22:29:14 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2009/11/12 22:29:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/11/12 22:29:13 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexpress.exe
[2009/11/12 22:29:12 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/11/12 22:29:11 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/11/12 22:29:11 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/11/12 22:29:11 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2009/11/12 22:29:10 | 00,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2009/11/12 22:29:09 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2009/11/12 22:29:07 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/11/12 22:29:07 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2009/11/12 22:29:06 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2009/11/12 22:29:05 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hh.exe
[2009/11/12 22:29:02 | 00,746,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2009/11/12 22:29:02 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/11/12 22:28:59 | 00,771,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2009/11/12 22:28:59 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2009/11/12 22:28:58 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gprslt.exe
[2009/11/12 22:28:58 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpupdate.exe
[2009/11/12 22:28:58 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2009/11/12 22:28:57 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getmac.exe
[2009/11/12 22:28:55 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/11/12 22:28:55 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/11/12 22:28:54 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/11/12 22:28:53 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/11/12 22:28:52 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2009/11/12 22:28:52 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/11/12 22:28:52 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftp.exe
[2009/11/12 22:28:51 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/11/12 22:28:50 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/11/12 22:28:50 | 00,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/11/12 22:28:50 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/11/12 22:28:50 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/11/12 22:28:48 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2009/11/12 22:28:47 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/11/12 22:28:47 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2009/11/12 22:28:47 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/11/12 22:28:47 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2009/11/12 22:28:46 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2009/11/12 22:28:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2009/11/12 22:28:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2009/11/12 22:28:45 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2009/11/12 22:28:45 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2009/11/12 22:28:43 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2009/11/12 22:28:43 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/11/12 22:28:43 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expand.exe
[2009/11/12 22:28:42 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtrig.exe
[2009/11/12 22:28:41 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/11/12 22:28:41 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evcreate.exe
[2009/11/12 22:28:41 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/11/12 22:28:41 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2009/11/12 22:28:40 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2009/11/12 22:28:40 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2009/11/12 22:28:38 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehtray.exe
[2009/11/12 22:28:37 | 03,223,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehshell.exe
[2009/11/12 22:28:37 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehSched.exe
[2009/11/12 22:28:36 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehRec.exe
[2009/11/12 22:28:36 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehmsas.exe
[2009/11/12 22:28:33 | 01,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009/11/12 22:28:32 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwwin.exe
[2009/11/12 22:28:32 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2009/11/12 22:28:31 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2009/11/12 22:28:30 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drvqry.exe
[2009/11/12 22:28:30 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2009/11/12 22:28:28 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009/11/12 22:28:28 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009/11/12 22:28:27 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009/11/12 22:28:27 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2009/11/12 22:28:26 | 00,018,432 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2009/11/12 22:28:24 | 00,227,328 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2009/11/12 22:28:24 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2009/11/12 22:28:24 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2009/11/12 22:28:24 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2009/11/12 22:28:23 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2009/11/12 22:28:23 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2009/11/12 22:28:22 | 00,541,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2009/11/12 22:28:21 | 00,107,520 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgntfs.exe
[2009/11/12 22:28:21 | 00,084,992 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2009/11/12 22:28:20 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeshare.exe
[2009/11/12 22:28:20 | 00,027,648 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\defrag.exe
[2009/11/12 22:28:20 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2009/11/12 22:28:19 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2009/11/12 22:28:12 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009/11/12 22:28:12 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctfmon.exe
[2009/11/12 22:28:11 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/11/12 22:28:10 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/11/12 22:28:10 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2009/11/12 22:28:10 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2009/11/12 22:28:10 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2009/11/12 22:28:09 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2009/11/12 22:28:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/11/12 22:28:08 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2009/11/12 22:28:07 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2009/11/12 22:28:07 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2009/11/12 22:28:06 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2009/11/12 22:28:06 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2009/11/12 22:28:05 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2009/11/12 22:28:04 | 00,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmd.exe
[2009/11/12 22:28:04 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2009/11/12 22:28:04 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cleanmgr.exe
[2009/11/12 22:28:04 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2009/11/12 22:28:03 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cipher.exe
[2009/11/12 22:28:03 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2009/11/12 22:28:03 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2009/11/12 22:28:02 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/11/12 22:28:02 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2009/11/12 22:28:01 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/11/12 22:28:01 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/11/12 22:28:01 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/11/12 22:28:01 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/11/12 22:28:01 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2009/11/12 22:28:01 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2009/11/12 22:28:01 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/11/12 22:28:00 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/11/12 22:27:59 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/11/12 22:27:58 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/11/12 22:27:58 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cacls.exe
[2009/11/12 22:27:57 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvrfy.exe
[2009/11/12 22:27:57 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootok.exe
[2009/11/12 22:27:56 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootcfg.exe
[2009/11/12 22:27:56 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2009/11/12 22:27:55 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/11/12 22:27:53 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/11/12 22:27:53 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2009/11/12 22:27:53 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\attrib.exe
[2009/11/12 22:27:52 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2009/11/12 22:27:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmadm.exe
[2009/11/12 22:27:51 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_pfu.exe
[2009/11/12 22:27:51 | 00,034,816 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\asr_ldm.exe
[2009/11/12 22:27:51 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_fmt.exe
[2009/11/12 22:27:50 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\arp.exe
[2009/11/12 22:27:41 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2009/11/12 22:27:41 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alg.exe
[2009/11/12 22:27:39 | 00,259,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2009/11/12 22:27:37 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/11/12 22:27:37 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2009/11/12 22:27:35 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2009/11/12 22:26:34 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2009/11/12 22:26:33 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2009/11/12 22:26:32 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/11/12 22:26:29 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscript.exe
[2009/11/12 22:26:29 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2009/11/12 22:26:29 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/11/12 22:26:29 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/11/12 22:26:27 | 04,399,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpgldfsh.scr
[2009/11/12 22:26:26 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2009/11/12 22:26:20 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2009/11/12 22:26:18 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/11/12 22:26:18 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2009/11/12 22:26:17 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2009/11/12 22:26:17 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winhlp32.exe
[2009/11/12 22:26:15 | 00,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2009/11/12 22:26:14 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2009/11/12 22:26:12 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2009/11/12 22:26:11 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssvc.exe
[2009/11/12 22:26:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2009/11/12 22:26:10 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2009/11/12 22:26:09 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/11/12 22:26:07 | 00,073,728 | ---- | M] ( U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrshuta.exe
[2009/11/12 22:26:07 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2009/11/12 22:26:07 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uwdf.exe
[2009/11/12 22:26:06 | 00,081,920 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrmlnka.exe
[2009/11/12 22:26:06 | 00,065,536 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrprbda.exe
[2009/11/12 22:26:05 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2009/11/12 22:26:05 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ups.exe
[2009/11/12 22:26:04 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2009/11/12 22:26:04 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2009/11/12 22:26:03 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\typeperf.exe
[2009/11/12 22:26:03 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/11/12 22:26:02 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/11/12 22:26:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/11/12 22:26:02 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/11/12 22:26:02 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/11/12 22:26:01 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2009/11/12 22:26:01 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2009/11/12 22:26:00 | 00,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2009/11/12 22:26:00 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2009/11/12 22:26:00 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvr.exe
[2009/11/12 22:25:59 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2009/11/12 22:25:59 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2009/11/12 22:25:59 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2009/11/12 22:25:58 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/11/12 22:25:57 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe
[2009/11/12 22:25:57 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2009/11/12 22:25:56 | 00,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
[2009/11/12 22:25:56 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2009/11/12 22:25:56 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2009/11/12 22:25:56 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2009/11/12 22:25:55 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2009/11/12 22:25:55 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2009/11/12 22:25:54 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2009/11/12 22:25:54 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2009/11/12 22:25:53 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2009/11/12 22:25:52 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2009/11/12 22:25:51 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2009/11/12 22:25:48 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2009/11/12 22:25:48 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2009/11/12 22:25:46 | 00,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2009/11/12 22:25:46 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2009/11/12 22:25:45 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2009/11/12 22:25:45 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2009/11/12 22:25:45 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2009/11/12 22:25:45 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2009/11/12 22:25:42 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2009/11/12 22:25:40 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe
[2009/11/12 22:25:40 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009/11/12 22:25:40 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/11/12 22:25:39 | 00,541,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/11/12 22:25:38 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/11/12 22:25:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2009/11/12 22:25:37 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/11/12 22:25:37 | 00,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/11/12 22:25:37 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogsvc.exe
[2009/11/12 22:25:36 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2009/11/12 22:25:36 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/11/12 22:25:35 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2009/11/12 22:25:35 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2009/11/12 22:25:35 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2009/11/12 22:25:35 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2009/11/12 22:25:34 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/11/12 22:25:33 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2009/11/12 22:25:33 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2009/11/12 22:25:33 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2009/11/12 22:25:32 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/11/12 22:25:31 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2009/11/12 22:25:31 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2009/11/12 22:25:30 | 00,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2009/11/12 22:25:30 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2009/11/12 22:25:29 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scardsvr.exe
[2009/11/12 22:25:29 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2009/11/12 22:25:28 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/11/12 22:25:28 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2009/11/12 22:25:28 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2009/11/12 22:25:27 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2009/11/12 22:25:27 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe
[2009/11/12 22:25:27 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2009/11/12 22:25:26 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvp.exe
[2009/11/12 22:25:26 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2009/11/12 22:25:26 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsopprov.exe
[2009/11/12 22:25:25 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2009/11/12 22:25:25 | 00,051,712 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2009/11/12 22:25:25 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2009/11/12 22:25:25 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2009/11/12 22:25:24 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2009/11/12 22:25:24 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2009/11/12 22:25:23 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\relog.exe
[2009/11/12 22:25:23 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2009/11/12 22:25:23 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2009/11/12 22:25:23 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/11/12 22:25:22 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2009/11/12 22:25:22 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/11/12 22:25:22 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2009/11/12 22:25:22 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2009/11/12 22:25:22 | 00,007,168 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2009/11/12 22:25:22 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2009/11/12 22:25:21 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/11/12 22:25:21 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/11/12 22:25:21 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2009/11/12 22:25:21 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/11/12 22:25:20 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2009/11/12 22:25:19 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2009/11/12 22:25:19 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2009/11/12 22:25:18 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/11/12 22:25:18 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2009/11/12 22:25:17 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/11/12 22:25:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/11/12 22:25:14 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2009/11/12 22:25:14 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2009/11/12 22:25:13 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2009/11/12 22:25:13 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2009/11/12 22:25:12 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/11/12 22:25:11 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2009/11/12 22:25:11 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2009/11/12 22:25:10 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2009/11/12 22:25:09 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2009/11/12 22:25:09 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2009/11/12 22:25:08 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2009/11/12 22:25:08 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2009/11/12 22:25:07 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2009/11/12 22:25:07 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2009/11/12 22:25:04 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2009/11/12 22:25:04 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2009/11/12 22:25:03 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwscript.exe
[2009/11/12 22:25:02 | 01,523,712 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe
[2009/11/12 22:24:59 | 00,180,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2009/11/12 22:24:58 | 00,180,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/11/12 22:24:53 | 01,343,488 | ---- | M] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/11/12 22:24:52 | 00,446,464 | ---- | M] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/11/12 22:24:52 | 00,151,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2009/11/12 22:24:49 | 00,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2009/11/12 22:24:48 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntsd.exe
[2009/11/12 22:24:44 | 01,202,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2009/11/12 22:24:43 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2009/11/12 22:24:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\notepad.exe
[2009/11/12 22:24:41 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2009/11/12 22:24:40 | 00,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2009/11/12 22:24:40 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2009/11/12 22:24:39 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2009/11/12 22:24:39 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2009/11/12 22:24:38 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2009/11/12 22:24:38 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2009/11/12 22:24:36 | 03,345,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nature.scr
[2009/11/12 22:24:36 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2009/11/12 22:24:34 | 01,744,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mypixdx.scr
[2009/11/12 22:24:27 | 00,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/11/12 22:24:27 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/11/12 22:24:26 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2009/11/12 22:24:23 | 00,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/11/12 22:24:20 | 00,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msiexec.exe
[2009/11/12 22:24:19 | 00,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/11/12 22:24:19 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
[2009/11/12 22:24:18 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/11/12 22:24:18 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/11/12 22:24:16 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/11/12 22:24:13 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtgsvc.exe
[2009/11/12 22:24:13 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2009/11/12 22:24:13 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsvc.exe
[2009/11/12 22:24:11 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2009/11/12 22:24:11 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqbkup.exe
[2009/11/12 22:24:10 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/11/12 22:24:10 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2009/11/12 22:24:09 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mobsync.exe
[2009/11/12 22:24:07 | 00,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2009/11/12 22:24:06 | 00,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2009/11/12 22:24:03 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2009/11/12 22:24:02 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2009/11/12 22:24:01 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2009/11/12 22:24:01 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2009/11/12 22:24:00 | 00,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonui.exe
[2009/11/12 22:24:00 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2009/11/12 22:24:00 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/11/12 22:23:59 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2009/11/12 22:23:59 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\locator.exe
[2009/11/12 22:23:59 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2009/11/12 22:23:59 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2009/11/12 22:23:58 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2009/11/12 22:23:58 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2009/11/12 22:23:56 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2009/11/12 22:23:54 | 00,430,080 | ---- | M] () -- C:\WINDOWS\System32\keystone.exe
[2009/11/12 22:23:48 | 00,131,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/12 22:23:48 | 00,053,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/12 22:23:48 | 00,053,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/12 22:23:46 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2009/11/12 22:23:46 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2009/11/12 22:23:45 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsec6.exe
[2009/11/12 22:23:44 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2009/11/12 22:23:41 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2009/11/12 22:23:41 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2009/11/12 22:23:39 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/11/12 22:23:37 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hostname.exe
[2009/11/12 22:23:36 | 00,064,512 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\HdAShCut.exe
[2009/11/12 22:23:36 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2009/11/12 22:23:35 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpupdate.exe
[2009/11/12 22:23:35 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2009/11/12 22:23:34 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2009/11/12 22:23:33 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2009/11/12 22:23:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2009/11/12 22:23:31 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2009/11/12 22:23:31 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2009/11/12 22:23:31 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2009/11/12 22:23:30 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/11/12 22:23:30 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsutil.exe
[2009/11/12 22:23:29 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/11/12 22:23:29 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2009/11/12 22:23:29 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2009/11/12 22:23:28 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2009/11/12 22:23:28 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fixmapi.exe
[2009/11/12 22:23:27 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2009/11/12 22:23:27 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\finger.exe
[2009/11/12 22:23:27 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\find.exe
[2009/11/12 22:23:24 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fc.exe
[2009/11/12 22:23:23 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2009/11/12 22:23:22 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2009/11/12 22:23:22 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\expand.exe
[2009/11/12 22:23:22 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventvwr.exe
[2009/11/12 22:23:21 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2009/11/12 22:23:21 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2009/11/12 22:23:20 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\esentutl.exe
[2009/11/12 22:23:18 | 01,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/11/12 22:23:17 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2009/11/12 22:23:17 | 00,057,856 | ---- | M] () -- C:\WINDOWS\System32\dvdplay.exe
[2009/11/12 22:23:17 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2009/11/12 22:23:16 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dumprep.exe
[2009/11/12 22:23:15 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drwtsn32.exe
[2009/11/12 22:23:14 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/11/12 22:23:14 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2009/11/12 22:23:13 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/11/12 22:23:12 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/11/12 22:23:12 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\doskey.exe
[2009/11/12 22:23:11 | 00,018,432 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2009/11/12 22:23:10 | 00,227,328 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmadmin.exe
[2009/11/12 22:23:10 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2009/11/12 22:23:10 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskperf.exe
[2009/11/12 22:23:10 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhost.exe
[2009/11/12 22:23:10 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhst3g.exe
[2009/11/12 22:23:09 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2009/11/12 22:23:08 | 00,107,520 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2009/11/12 22:23:08 | 00,084,992 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2009/11/12 22:23:08 | 00,027,648 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2009/11/12 22:23:07 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2009/11/12 22:23:07 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/11/12 22:23:04 | 05,071,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\davinci.scr
[2009/11/12 22:23:00 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe
[2009/11/12 22:22:59 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2009/11/12 22:22:58 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2009/11/12 22:22:58 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\convert.exe
[2009/11/12 22:22:58 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\control.exe
[2009/11/12 22:22:57 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\compact.exe
[2009/11/12 22:22:57 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comp.exe
[2009/11/12 22:22:55 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2009/11/12 22:22:55 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2009/11/12 22:22:55 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2009/11/12 22:22:54 | 00,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2009/11/12 22:22:53 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/11/12 22:22:53 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2009/11/12 22:22:51 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2009/11/12 22:22:51 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ckcnv.exe
[2009/11/12 22:22:50 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2009/11/12 22:22:50 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkntfs.exe
[2009/11/12 22:22:50 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cidaemon.exe
[2009/11/12 22:22:49 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/11/12 22:22:49 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkdsk.exe
[2009/11/12 22:22:46 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/11/12 22:22:46 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2009/11/12 22:22:45 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2009/11/12 22:22:45 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvrfy.exe
[2009/11/12 22:22:45 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootok.exe
[2009/11/12 22:22:44 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/11/12 22:22:41 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/11/12 22:22:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2009/11/12 22:22:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2009/11/12 22:22:40 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009/11/12 22:22:40 | 00,034,816 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\asr_ldm.exe
[2009/11/12 22:22:40 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2009/11/12 22:22:40 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2009/11/12 22:22:39 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\arp.exe
[2009/11/12 22:22:38 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2009/11/12 22:22:38 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe
[2009/11/12 22:22:36 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/11/12 22:22:36 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2009/11/12 22:11:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\SC.INS
[2009/11/12 22:11:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\sc.exe
[2009/11/12 22:04:34 | 22,140,680 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2009/11/12 11:23:18 | 00,421,438 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\1-5A.JPG
[2009/11/11 23:26:37 | 00,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/11 22:20:54 | 00,000,140 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\webct_upload_applet.properties
[2009/11/11 22:18:17 | 00,002,516 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Japanese Comics are Popular in Foreign Countries.rtf
[2009/11/11 13:18:00 | 02,083,177 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\newsletter-november-issue2[1].docx
[2009/11/11 10:22:57 | 00,419,282 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\error2.bmp
[2009/11/10 20:40:07 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Resume Adobe Downloads.lnk
[2009/11/10 19:34:10 | 00,004,629 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\essay.rtf
[2009/11/10 16:50:56 | 00,056,179 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\jpforlauren.jpg
[2009/11/10 15:49:32 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2009/11/10 10:01:19 | 00,000,152 | ---- | M] () -- C:\WINDOWS\System32\api.reg
[2009/11/08 23:02:17 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/08 20:47:18 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/08 17:27:03 | 00,000,221 | ---- | M] () -- C:\WINDOWS\System32\winset.ini
[2009/11/08 16:21:10 | 00,350,653 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\oldhosts
[2009/11/08 15:18:05 | 00,000,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/11/08 14:19:53 | 00,000,825 | ---- | M] () -- C:\WINDOWS\System32\wininit.dll
[2009/11/08 14:11:29 | 00,000,655 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\scandisk.lnk
[2009/11/08 13:54:49 | 00,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/08 13:46:10 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Craving Explorer.lnk
[2009/11/08 01:02:26 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/08 00:16:25 | 05,300,944 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/11/08 00:08:26 | 00,000,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2009/11/08 00:01:51 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Audacity.lnk
[2009/11/07 23:57:23 | 00,001,556 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/11/07 23:54:37 | 00,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/11/07 23:38:23 | 00,000,612 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\JWPce.lnk
[2009/11/07 23:19:59 | 00,006,144 | ---- | M] () -- C:\WINDOWS\System32\WinRAR.dll
[2009/11/07 23:12:24 | 00,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/07 23:12:24 | 00,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/07 23:12:23 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/07 23:12:22 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/11/07 23:09:20 | 00,001,819 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE474AA-ABA SR2023WM NA680_YC_0Pres_QCNH640_E64NAemREA4_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M959_J160_7AMD_8Athlon 64_92.2_#061225_N_Z14F12F20_G10DE0241.MRK
[2009/11/07 23:07:25 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/07 23:06:27 | 00,001,111 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/11/07 23:06:06 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/11/07 23:05:21 | 00,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2009/11/07 19:45:39 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Pcuhumu.dat
[2009/11/07 16:05:34 | 00,000,000 | -HS- | M] () -- C:\284294437
[2009/11/07 15:38:13 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Fdona.bin
[2009/11/06 15:22:56 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Section1.docx
[2009/10/31 11:51:25 | 00,001,733 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\McGraw-Hill's GED.lnk
[2009/10/23 12:59:41 | 00,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zune.lnk
[2009/10/23 12:18:00 | 00,000,410 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Shortcut to My Documents.lnk
[2009/10/23 07:25:43 | 00,000,336 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeSchedule.job
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/14 12:38:34 | 00,058,880 | ---- | C] () -- C:\WINDOWS\System32\332.exe
[2009/11/14 12:38:31 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\winnt.exe
[2009/11/14 12:35:40 | 00,443,393 | ---- | C] () -- C:\WINDOWS\isvchost.exe
[2009/11/14 11:07:30 | 00,588,289 | ---- | C] () -- C:\WINDOWS\svchust.exe
[2009/11/14 11:06:31 | 01,169,920 | ---- | C] () -- C:\WINDOWS\svchost.exe
[2009/11/13 23:14:21 | 00,007,164 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb1.csv
[2009/11/13 00:45:24 | 00,003,235 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2009/11/12 22:11:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SC.INS
[2009/11/12 22:11:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\sc.exe
[2009/11/12 11:23:17 | 00,421,438 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\1-5A.JPG
[2009/11/11 22:20:54 | 00,000,140 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\webct_upload_applet.properties
[2009/11/11 22:18:17 | 00,002,516 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Japanese Comics are Popular in Foreign Countries.rtf
[2009/11/11 13:17:58 | 02,083,177 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\newsletter-november-issue2[1].docx
[2009/11/11 10:22:56 | 00,419,282 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\error2.bmp
[2009/11/10 22:16:18 | 00,050,176 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Win32kDiag.exe
[2009/11/10 20:37:49 | 00,000,348 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/10 20:37:49 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009/11/10 20:37:39 | 00,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/10 19:34:10 | 00,004,629 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\essay.rtf
[2009/11/10 16:51:11 | 00,056,179 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\jpforlauren.jpg
[2009/11/10 15:49:32 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2009/11/10 12:34:03 | 00,528,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2009/11/10 10:01:19 | 00,000,152 | ---- | C] () -- C:\WINDOWS\System32\api.reg
[2009/11/09 12:26:18 | 00,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Resume Adobe Downloads.lnk
[2009/11/08 23:02:17 | 00,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/08 20:47:18 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/08 18:09:06 | 00,001,577 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Internet Explorer.lnk
[2009/11/08 15:18:05 | 00,000,941 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/11/08 14:19:53 | 00,000,825 | ---- | C] () -- C:\WINDOWS\System32\wininit.dll
[2009/11/08 13:46:10 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Craving Explorer.lnk
[2009/11/08 13:23:12 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2009/11/08 13:23:12 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2009/11/08 13:23:10 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2009/11/08 13:22:46 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2009/11/08 13:22:46 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2009/11/08 13:22:46 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2009/11/08 13:22:46 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2009/11/08 13:22:46 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2009/11/08 13:22:46 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2009/11/08 13:22:45 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2009/11/08 13:22:45 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2009/11/08 13:22:45 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2009/11/08 13:22:45 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2009/11/08 13:22:45 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2009/11/08 13:22:45 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2009/11/08 13:22:44 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2009/11/08 13:22:44 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2009/11/08 13:22:44 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2009/11/08 13:22:44 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2009/11/08 13:22:44 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2009/11/08 13:22:44 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2009/11/08 13:22:39 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2009/11/08 13:22:39 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2009/11/08 13:22:29 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2009/11/08 13:22:29 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2009/11/08 13:22:28 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2009/11/08 13:22:26 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2009/11/08 13:22:26 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2009/11/08 13:22:26 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2009/11/08 13:21:41 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2009/11/08 13:21:41 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2009/11/08 13:21:41 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2009/11/08 13:19:37 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2009/11/08 13:19:36 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2009/11/08 13:19:36 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2009/11/08 13:19:36 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2009/11/08 13:19:36 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2009/11/08 13:19:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2009/11/08 13:19:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2009/11/08 13:19:36 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2009/11/08 05:21:02 | 00,000,221 | ---- | C] () -- C:\WINDOWS\System32\winset.ini
[2009/11/08 00:08:26 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2009/11/08 00:01:51 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Audacity.lnk
[2009/11/07 23:57:23 | 00,001,556 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/11/07 23:54:37 | 00,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/11/07 23:19:59 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\WinRAR.dll
[2009/11/07 23:09:18 | 00,001,819 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE474AA-ABA SR2023WM NA680_YC_0Pres_QCNH640_E64NAemREA4_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M959_J160_7AMD_8Athlon 64_92.2_#061225_N_Z14F12F20_G10DE0241.MRK
[2009/11/07 23:09:17 | 10,051,13344 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/07 23:07:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\desktop.ini
[2009/11/07 23:07:33 | 05,300,944 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/11/07 23:07:33 | 00,043,680 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/07 23:07:33 | 00,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/11/07 23:07:29 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\ntuser.ini
[2009/11/07 23:07:28 | 05,242,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
[2009/11/07 16:05:34 | 00,000,000 | -HS- | C] () -- C:\284294437
[2009/11/07 15:38:13 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Pcuhumu.dat
[2009/11/07 15:38:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Fdona.bin
[2009/11/06 15:22:56 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Section1.docx
[2009/10/31 11:51:25 | 00,001,733 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\McGraw-Hill's GED.lnk
[2009/10/23 12:18:00 | 00,000,410 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Shortcut to My Documents.lnk
[2009/10/23 07:25:42 | 00,000,336 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeSchedule.job
[2008/08/17 13:47:01 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01
[2007/10/01 08:20:53 | 00,000,087 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2007/09/16 08:05:57 | 00,020,480 | ---- | C] () -- C:\Program Files\Community Service Log.xls
[2007/06/04 07:48:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2007/04/07 13:11:18 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/26 17:20:56 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/01/13 10:02:18 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/02 23:20:59 | 00,002,352 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2006/12/26 12:27:21 | 00,000,642 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/12/25 21:26:44 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/09/05 20:52:08 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/05 20:25:43 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/09/05 20:18:08 | 00,012,988 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/09/05 20:17:58 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/09/05 20:14:46 | 00,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/05 20:04:57 | 00,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/05 20:03:40 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/05 19:58:56 | 00,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/09/05 19:57:51 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/05 19:54:35 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/09/05 19:54:35 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/09/05 19:54:35 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/09/05 19:54:35 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/05 19:54:35 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/09/05 19:54:35 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/09/05 19:54:34 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/05 19:53:10 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/05 19:31:51 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/09/05 19:31:51 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/09/05 19:31:32 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/16 13:58:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005/08/30 23:02:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/30 15:52:36 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/30 15:52:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/05 23:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 01:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\WmdmPv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Nwsapv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\NWCWov32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Irmonv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Ipripv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Iasv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\DMServ32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\BtwSrv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\6to4v32.dll
[2004/08/09 23:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/09 23:00:00 | 00,002,304 | ---- | C] () -- C:\WINDOWS\System32\daqdrv.sys
[2004/07/26 09:51:38 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:260575F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8401B6D5
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F67AAFC5
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43982D5E
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE87230
< End of report >

#12 Buckeye_Sam

Malware Expert

Posted 14 November 2009 - 01:09 PM

Let's hit it again.


Run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    MOD - [2009/11/14 12:38:32 | 00,011,776 | ---- | M] () -- C:\WINDOWS\Temp\323814usc.dll
    MOD - [2009/11/14 12:38:31 | 00,025,088 | ---- | M] () -- C:\WINDOWS\Temp\3829xxx.dll
    SRV - [2009/11/14 12:36:54 | 00,588,289 | ---- | M] () -- C:\WINDOWS\svchust.exe -- (Net_Login)
    SRV - [2009/11/14 11:06:41 | 01,169,920 | ---- | M] () -- C:\WINDOWS\svchost.exe -- (NetLogin)
    O20 - AppInit_DLLs: (C:\WINDOWS\system32\rdolib.dll) - C:\WINDOWS\system32\rdolib.dll (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\WINDOWS\TEMP\3829xxx.dll) - C:\WINDOWS\Temp\3829xxx.dll ()
    O20 - AppInit_DLLs: (C:\WINDOWS\TEMP\323814usc.dll) - C:\WINDOWS\Temp\323814usc.dll ()
    [2009/11/12 22:11:42 | 00,000,000 | ---D | C] -- C:\Program Files\Protection System
    [2009/11/14 12:38:32 | 00,058,880 | ---- | M] () -- C:\WINDOWS\System32\332.exe
    [2009/11/14 12:38:31 | 00,059,392 | ---- | M] () -- C:\WINDOWS\System32\winnt.exe
    [2009/11/14 12:37:13 | 00,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
    [2009/11/14 12:36:54 | 00,588,289 | ---- | M] () -- C:\WINDOWS\svchust.exe
    [2009/11/14 12:35:50 | 00,443,393 | ---- | M] () -- C:\WINDOWS\isvchost.exe
    [2009/11/14 12:35:29 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    
    :Commands
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Then also run and post a new OTL log.

======================


Let's try Combofix again now.

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt so we can continue cleaning the system.

If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#13 Rac9n

Topic Starter

Posted 16 November 2009 - 09:00 AM

Well. Whatever that did, it wasn't good.
Immediately after running the fix, I got the same "System Shutting Down" window, but this time the scan finished and it restarted before the 60 seconds was up. It came back up after the restart, and I had two brand new error messages! I've attached the screenshot. Also, everything was in Windows Classic again. And, I had no start bar. And, no internet.

Anyway, I ran a new OTL scan after it restarted, and I've also attached the log from that scan. I couldn't run combofix because I couldn't get to the internet, but I'll stick it on a thumb drive and run it at home if I still need to. I'd like to get internet back at the house, though.

I apologize for the late reply, but I haven't been able to get to a computer that worked until now!

And again, thanks for the help~

OTL logfile created on: 11/14/2009 1:24:43 PM - Run 3
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 687.55 Mb Available Physical Memory | 71.73% Memory free
2.26 Gb Paging File | 2.07 Gb Available in Paging File | 91.47% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.48 Gb Total Space | 51.67 Gb Free Space | 36.79% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.54 Gb Free Space | 6.28% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DKLSCOTT
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
PRC - [2009/11/13 23:02:01 | 00,072,704 | ---- | M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe
PRC - [2009/11/13 22:58:20 | 00,057,344 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2009/11/13 22:58:18 | 01,093,632 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe
PRC - [2009/11/12 22:40:20 | 16,243,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/11/12 22:40:18 | 01,052,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/11/12 22:40:17 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2009/11/12 22:40:03 | 01,696,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009/11/12 22:40:02 | 00,053,248 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2009/11/12 22:40:01 | 00,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
PRC - [2009/11/12 22:39:31 | 00,069,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/11/12 22:39:31 | 00,017,920 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
PRC - [2009/10/12 21:24:50 | 02,000,112 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2005/09/17 02:27:02 | 00,052,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2004/11/02 17:59:52 | 00,218,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe


========== Modules (SafeList) ==========

MOD - [2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
MOD - [2006/09/05 20:18:53 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll
MOD - [2004/08/10 06:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/09 23:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (NVSvc)
SRV - File not found -- -- (ImapiService)
SRV - File not found -- -- (Fax)
SRV - File not found -- -- (ehSched)
SRV - File not found -- -- (ehRecvr)
SRV - File not found -- -- (CiSvc)
SRV - File not found -- -- (ARSVC)
SRV - [2009/11/12 22:40:17 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc)
SRV - [2009/11/12 22:39:31 | 00,077,824 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2009/11/12 22:39:31 | 00,069,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/09/23 16:36:06 | 00,051,168 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2006/09/05 20:37:20 | 01,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/01/02 15:18:24 | 00,045,744 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
SRV - [2005/12/31 00:42:18 | 00,133,792 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005/10/13 10:48:40 | 00,072,280 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
SRV - [2005/09/24 17:10:56 | 00,749,696 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2005/09/19 13:24:20 | 00,214,672 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/09/17 02:27:12 | 00,169,584 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/09/17 02:27:10 | 00,202,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2005/09/17 02:27:06 | 00,192,112 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/09/15 17:21:14 | 01,160,800 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005/08/26 16:22:48 | 00,198,368 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/08/09 23:00:00 | 00,061,440 | ---- | M] () -- C:\WINDOWS\system32\6to4v32.dll -- (6to4)


========== Driver Services (SafeList) ==========

DRV - [2009/10/12 21:24:56 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/12 21:24:54 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/12 21:24:52 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2006/09/05 20:37:20 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/06/14 13:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/05/09 17:50:00 | 03,535,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/04/25 11:00:00 | 00,799,208 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060425.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2006/04/25 11:00:00 | 00,077,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060425.007\NAVENG.SYS -- (NAVENG)
DRV - [2006/03/09 13:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/03/03 17:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 17:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/06 13:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 13:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 13:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/10/05 17:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/17 02:20:06 | 00,108,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/09/15 17:21:14 | 00,389,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/09/01 21:07:36 | 00,199,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20050901.036\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2005/08/26 16:22:50 | 00,053,896 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/08/26 16:22:48 | 00,334,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/06/29 19:03:18 | 00,175,104 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 16:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/08 02:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/09 23:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/09 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/09 23:00:00 | 00,002,304 | ---- | M] () -- C:\WINDOWS\system32\daqdrv.sys -- (daqdrv)
DRV - [2004/08/03 16:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/05 09:45:12 | 00,017,408 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.webweb123.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.webweb123.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mamma.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/10 20:37:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/10 20:40:08 | 00,000,000 | ---D | M]

[2009/11/10 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions
[2009/11/10 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/13 22:30:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions
[2009/11/10 20:38:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/11/10 20:39:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\qhygmvs7.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/10 20:37:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/10 20:37:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/02 22:23:26 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/02 22:23:27 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/02 22:23:28 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/11/06 09:20:16 | 00,032,448 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
[2009/11/02 20:16:17 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/11/02 20:16:17 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/11/02 20:16:17 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/11/02 20:16:17 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/11/02 20:16:17 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/11/02 20:16:17 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/11/02 20:16:17 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

Hosts file not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe (Symantec Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [msnmager] C:\WINDOWS\TEMP\bchbhe.DLL File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe File not found
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\rdolib.dll) - C:\WINDOWS\system32\rdolib.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/30 23:02:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/14 12:30:21 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/11/14 10:47:11 | 00,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2009/11/12 22:15:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\DoctorWeb
[2009/11/12 22:11:42 | 00,000,000 | ---D | C] -- C:\Program Files\Protection System
[2009/11/12 22:04:08 | 22,140,680 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2009/11/12 11:06:31 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/11 15:42:11 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2009/11/10 20:37:37 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/11/10 12:36:11 | 00,476,160 | ---- | C] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2009/11/09 12:25:58 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/11/09 12:25:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/11/09 10:14:00 | 00,000,000 | ---D | C] -- C:\Program Files\Prio
[2009/11/08 23:02:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/11/08 23:02:15 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/08 23:02:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\SUPERAntiSpyware.com
[2009/11/08 23:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/11/08 22:29:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2009/11/08 22:29:42 | 00,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2009/11/08 20:47:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
[2009/11/08 20:47:15 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/08 20:47:14 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/08 20:47:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/08 20:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2009/11/08 15:18:01 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/11/08 15:18:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/11/08 13:23:13 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2009/11/08 13:23:12 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2009/11/08 13:23:10 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2009/11/08 13:23:09 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2009/11/08 13:23:08 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2009/11/08 13:22:27 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2009/11/08 13:22:26 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2009/11/08 13:22:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2009/11/08 13:21:20 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2009/11/08 13:21:19 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2009/11/08 13:21:18 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2009/11/08 13:21:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2009/11/08 13:21:16 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2009/11/08 13:21:10 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2009/11/08 13:21:08 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2009/11/08 13:21:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2009/11/08 13:21:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2009/11/08 13:21:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2009/11/08 13:19:37 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2009/11/08 13:19:32 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2009/11/08 13:19:11 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2009/11/08 13:19:10 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2009/11/08 13:19:09 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2009/11/08 13:19:08 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2009/11/08 13:19:07 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2009/11/08 13:19:06 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2009/11/08 13:19:05 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2009/11/08 13:19:03 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2009/11/08 13:19:02 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2009/11/08 13:19:01 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2009/11/08 13:19:00 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2009/11/08 13:18:39 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2009/11/08 13:18:38 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2009/11/08 13:18:36 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2009/11/08 13:18:35 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2009/11/08 13:18:34 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2009/11/08 13:18:21 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2009/11/08 13:18:20 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2009/11/08 13:17:03 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/11/08 13:17:01 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/11/08 13:16:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/11/08 13:16:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/11/08 13:16:54 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/11/08 13:16:47 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/11/08 01:01:46 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/11/08 00:22:20 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\PrivacIE
[2009/11/08 00:22:01 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/11/08 00:17:57 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\IETldCache
[2009/11/08 00:14:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/11/08 00:14:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/11/08 00:08:26 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/11/08 00:01:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Audacity
[2009/11/08 00:01:44 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009/11/07 23:57:23 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/11/07 23:55:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\vlc
[2009/11/07 23:54:14 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/11/07 23:49:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/11/07 23:11:50 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/07 23:11:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Macromedia
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
[2009/11/07 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Identities
[2009/11/07 23:07:29 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft
[2009/11/07 23:07:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\SendTo
[2009/11/07 23:07:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Pictures
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Music
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents
[2009/11/07 23:07:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Favorites
[2009/11/07 23:07:29 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\Cookies
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\Templates
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\PrintHood
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\NetHood
[2009/11/07 23:07:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\WINDOWS
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\AOL
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Symantec
[2009/11/07 23:07:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
[2009/11/06 15:59:09 | 00,000,000 | ---D | C] -- C:\$AVG
[2009/11/06 15:57:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/06 15:08:23 | 00,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2009/10/23 14:20:38 | 00,000,000 | ---D | C] -- C:\HOVER
[2009/10/23 12:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\CravingExplorer
[2009/10/23 12:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\CravingExplorer
[2006/02/19 12:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll

========== Files - Modified Within 30 Days ==========

[2009/11/14 13:24:07 | 00,000,085 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2009/11/14 13:22:49 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2009/11/14 13:18:22 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/14 13:18:21 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/14 13:17:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/14 13:17:39 | 05,242,880 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
[2009/11/14 13:17:39 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\ntuser.ini
[2009/11/14 13:06:00 | 00,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1007UA.job
[2009/11/14 12:19:00 | 00,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1008UA.job
[2009/11/14 10:47:11 | 00,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2009/11/14 07:19:00 | 00,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1008Core.job
[2009/11/13 23:14:21 | 00,007,164 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb1.csv
[2009/11/13 23:02:01 | 00,072,704 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System\hpsysdrv.exe
[2009/11/13 22:20:12 | 00,000,348 | ---- | M] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/13 22:20:12 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\flags.ini
[2009/11/13 20:00:00 | 00,000,578 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Compaq_Administrator.job
[2009/11/13 16:06:00 | 00,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3626489510-4091799938-2091598117-1007Core.job
[2009/11/13 11:08:34 | 00,001,577 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Internet Explorer.lnk
[2009/11/13 00:45:24 | 00,003,235 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2009/11/12 22:59:49 | 00,050,176 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Win32kDiag.exe
[2009/11/12 22:59:44 | 00,476,160 | ---- | M] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2009/11/12 22:59:21 | 00,528,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2009/11/12 22:40:20 | 16,243,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/11/12 22:40:18 | 01,052,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2009/11/12 22:40:16 | 00,079,872 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe
[2009/11/12 22:32:47 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/11/12 22:32:46 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xcopy.exe
[2009/11/12 22:32:45 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2009/11/12 22:32:44 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2009/11/12 22:32:44 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/11/12 22:32:42 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009/11/12 22:32:41 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2009/11/12 22:32:41 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2009/11/12 22:32:41 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2009/11/12 22:32:41 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/11/12 22:32:40 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/11/12 22:32:38 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/11/12 22:32:35 | 00,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/11/12 22:32:33 | 00,361,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2009/11/12 22:32:33 | 00,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/11/12 22:32:33 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/11/12 22:32:32 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2009/11/12 22:32:31 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2009/11/12 22:32:30 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/11/12 22:32:30 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/11/12 22:32:29 | 00,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2009/11/12 22:32:28 | 00,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2009/11/12 22:32:28 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2009/11/12 22:32:26 | 00,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaacmgr.exe
[2009/11/12 22:32:25 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2009/11/12 22:32:24 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/11/12 22:32:23 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/11/12 22:32:22 | 00,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2009/11/12 22:32:22 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2009/11/12 22:32:21 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2009/11/12 22:32:20 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssvc.exe
[2009/11/12 22:32:20 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2009/11/12 22:32:18 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2009/11/12 22:32:17 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2009/11/12 22:32:17 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2009/11/12 22:32:16 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ups.exe
[2009/11/12 22:32:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2009/11/12 22:32:15 | 00,196,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/11/12 22:32:15 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2009/11/12 22:32:15 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/11/12 22:32:14 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2009/11/12 22:32:13 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typeperf.exe
[2009/11/12 22:32:13 | 00,028,160 | ---- | M] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2009/11/12 22:32:13 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/11/12 22:32:13 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/11/12 22:32:12 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/11/12 22:32:12 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/11/12 22:32:12 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/11/12 22:32:12 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/11/12 22:32:11 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2009/11/12 22:32:11 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2009/11/12 22:32:10 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracerpt.exe
[2009/11/12 22:32:09 | 00,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2009/11/12 22:32:08 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2009/11/12 22:32:08 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsvr.exe
[2009/11/12 22:32:08 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntadmn.exe
[2009/11/12 22:32:07 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2009/11/12 22:32:06 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/11/12 22:32:05 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/11/12 22:32:05 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2009/11/12 22:32:04 | 00,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2009/11/12 22:32:04 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/11/12 22:32:04 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2009/11/12 22:32:03 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tasklist.exe
[2009/11/12 22:32:03 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskkill.exe
[2009/11/12 22:32:02 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2009/11/12 22:32:01 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2009/11/12 22:32:01 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinfo.exe
[2009/11/12 22:32:01 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2009/11/12 22:32:00 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncapp.exe
[2009/11/12 22:31:59 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2009/11/12 22:31:59 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2009/11/12 22:31:59 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2009/11/12 22:31:55 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sstext3d.scr
[2009/11/12 22:31:55 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssstars.scr
[2009/11/12 22:31:53 | 00,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspipes.scr
[2009/11/12 22:31:52 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmypics.scr
[2009/11/12 22:31:52 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmarque.scr
[2009/11/12 22:31:52 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmyst.scr
[2009/11/12 22:31:51 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssflwbox.scr
[2009/11/12 22:31:51 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssbezier.scr
[2009/11/12 22:31:47 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ss3dfo.scr
[2009/11/12 22:31:46 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/11/12 22:31:36 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2009/11/12 22:31:36 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spiisupd.exe
[2009/11/12 22:31:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2009/11/12 22:31:35 | 00,541,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2009/11/12 22:31:34 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/11/12 22:31:34 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2009/11/12 22:31:34 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/11/12 22:31:33 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/11/12 22:31:32 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/11/12 22:31:31 | 00,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2009/11/12 22:31:30 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogsvc.exe
[2009/11/12 22:31:29 | 00,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/11/12 22:31:29 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2009/11/12 22:31:27 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2009/11/12 22:31:26 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2009/11/12 22:31:26 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/11/12 22:31:26 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2009/11/12 22:31:26 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/11/12 22:31:25 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2009/11/12 22:31:25 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmgrate.exe
[2009/11/12 22:31:24 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/11/12 22:31:23 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2009/11/12 22:31:22 | 00,823,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/11/12 22:31:21 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2009/11/12 22:31:21 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2009/11/12 22:31:21 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2009/11/12 22:31:20 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/11/12 22:31:20 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/11/12 22:31:19 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2009/11/12 22:31:19 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secedit.exe
[2009/11/12 22:31:18 | 00,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sctasks.exe
[2009/11/12 22:31:18 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/11/12 22:31:18 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrnsave.scr
[2009/11/12 22:31:16 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardsvr.exe
[2009/11/12 22:31:16 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/11/12 22:31:16 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2009/11/12 22:31:15 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/11/12 22:31:14 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/11/12 22:31:14 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/11/12 22:31:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2009/11/12 22:31:13 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2009/11/12 22:31:13 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2009/11/12 22:31:13 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2009/11/12 22:31:12 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2009/11/12 22:31:12 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2009/11/12 22:31:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsopprov.exe
[2009/11/12 22:31:11 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsnotify.exe
[2009/11/12 22:31:11 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2009/11/12 22:31:11 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2009/11/12 22:31:10 | 00,051,712 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\dllcache\rsm.exe
[2009/11/12 22:31:10 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2009/11/12 22:31:09 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2009/11/12 22:31:09 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2009/11/12 22:31:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\relog.exe
[2009/11/12 22:31:08 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2009/11/12 22:31:08 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2009/11/12 22:31:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/11/12 22:31:07 | 00,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2009/11/12 22:31:07 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/11/12 22:31:07 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/11/12 22:31:07 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2009/11/12 22:31:07 | 00,007,168 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2009/11/12 22:31:07 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2009/11/12 22:31:06 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/11/12 22:31:06 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2009/11/12 22:31:06 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2009/11/12 22:31:06 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2009/11/12 22:31:05 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/11/12 22:31:05 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2009/11/12 22:31:04 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2009/11/12 22:31:03 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasphone.exe
[2009/11/12 22:31:03 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2009/11/12 22:31:03 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2009/11/12 22:31:02 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/11/12 22:31:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/11/12 22:31:02 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/11/12 22:31:01 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/11/12 22:31:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/11/12 22:30:59 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2009/11/12 22:30:59 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2009/11/12 22:30:58 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2009/11/12 22:30:58 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2009/11/12 22:30:57 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2009/11/12 22:30:56 | 00,283,648 | ---- | M] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009/11/12 22:30:56 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2009/11/12 22:30:56 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2009/11/12 22:30:55 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2009/11/12 22:30:55 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2009/11/12 22:30:54 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2009/11/12 22:30:54 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2009/11/12 22:30:53 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2009/11/12 22:30:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2009/11/12 22:30:52 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\opnfiles.exe
[2009/11/12 22:30:52 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2009/11/12 22:30:50 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2009/11/12 22:30:48 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2009/11/12 22:30:48 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2009/11/12 22:30:43 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwscript.exe
[2009/11/12 22:30:38 | 00,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdm.exe
[2009/11/12 22:30:38 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsd.exe
[2009/11/12 22:30:32 | 01,202,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntbackup.exe
[2009/11/12 22:30:32 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2009/11/12 22:30:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2009/11/12 22:30:31 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2009/11/12 22:30:31 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/11/12 22:30:29 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2009/11/12 22:30:28 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2009/11/12 22:30:27 | 00,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2009/11/12 22:30:26 | 00,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2009/11/12 22:30:25 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2009/11/12 22:30:25 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2009/11/12 22:30:24 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2009/11/12 22:30:23 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2009/11/12 22:30:23 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2009/11/12 22:30:22 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\muisetup.exe
[2009/11/12 22:30:17 | 00,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/11/12 22:30:17 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2009/11/12 22:30:16 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2009/11/12 22:30:13 | 00,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/11/12 22:30:12 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/11/12 22:30:09 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/11/12 22:30:08 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2009/11/12 22:30:08 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/11/12 22:30:07 | 00,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiexec.exe
[2009/11/12 22:30:06 | 00,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/11/12 22:30:06 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2009/11/12 22:30:05 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/11/12 22:30:03 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/11/12 22:30:01 | 00,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2009/11/12 22:29:58 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2009/11/12 22:29:57 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqtgsvc.exe
[2009/11/12 22:29:57 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsvc.exe
[2009/11/12 22:29:56 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqbkup.exe
[2009/11/12 22:29:54 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/11/12 22:29:54 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2009/11/12 22:29:54 | 00,007,168 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/11/12 22:29:45 | 03,557,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/11/12 22:29:44 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/11/12 22:29:44 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2009/11/12 22:29:43 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2009/11/12 22:29:43 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2009/11/12 22:29:41 | 00,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2009/11/12 22:29:40 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz.exe
[2009/11/12 22:29:40 | 00,238,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz_a.exe
[2009/11/12 22:29:40 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/11/12 22:29:39 | 00,995,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/11/12 22:29:38 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2009/11/12 22:29:38 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/11/12 22:29:37 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\medctrro.exe
[2009/11/12 22:29:35 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2009/11/12 22:29:35 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2009/11/12 22:29:34 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsass.exe
[2009/11/12 22:29:34 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpr.exe
[2009/11/12 22:29:33 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpq.exe
[2009/11/12 22:29:32 | 00,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2009/11/12 22:29:32 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logon.scr
[2009/11/12 22:29:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/11/12 22:29:31 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009/11/12 22:29:31 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\locator.exe
[2009/11/12 22:29:31 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2009/11/12 22:29:31 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2009/11/12 22:29:30 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2009/11/12 22:29:30 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2009/11/12 22:29:29 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\label.exe
[2009/11/12 22:29:21 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2009/11/12 22:29:21 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/11/12 22:29:20 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2009/11/12 22:29:19 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2009/11/12 22:29:18 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2009/11/12 22:29:17 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2009/11/12 22:29:16 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2009/11/12 22:29:16 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/11/12 22:29:15 | 00,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi.exe
[2009/11/12 22:29:15 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/11/12 22:29:14 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2009/11/12 22:29:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/11/12 22:29:13 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexpress.exe
[2009/11/12 22:29:12 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/11/12 22:29:11 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/11/12 22:29:11 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/11/12 22:29:11 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2009/11/12 22:29:10 | 00,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2009/11/12 22:29:09 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2009/11/12 22:29:07 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/11/12 22:29:07 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2009/11/12 22:29:06 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2009/11/12 22:29:05 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hh.exe
[2009/11/12 22:29:02 | 00,746,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2009/11/12 22:29:02 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/11/12 22:28:59 | 00,771,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2009/11/12 22:28:59 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2009/11/12 22:28:58 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gprslt.exe
[2009/11/12 22:28:58 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpupdate.exe
[2009/11/12 22:28:58 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2009/11/12 22:28:57 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getmac.exe
[2009/11/12 22:28:55 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/11/12 22:28:55 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/11/12 22:28:54 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/11/12 22:28:53 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/11/12 22:28:52 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2009/11/12 22:28:52 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/11/12 22:28:52 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftp.exe
[2009/11/12 22:28:51 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/11/12 22:28:50 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/11/12 22:28:50 | 00,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/11/12 22:28:50 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/11/12 22:28:50 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/11/12 22:28:48 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2009/11/12 22:28:47 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/11/12 22:28:47 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2009/11/12 22:28:47 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/11/12 22:28:47 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2009/11/12 22:28:46 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2009/11/12 22:28:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2009/11/12 22:28:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2009/11/12 22:28:45 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2009/11/12 22:28:45 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2009/11/12 22:28:43 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2009/11/12 22:28:43 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/11/12 22:28:43 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expand.exe
[2009/11/12 22:28:42 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtrig.exe
[2009/11/12 22:28:41 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/11/12 22:28:41 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evcreate.exe
[2009/11/12 22:28:41 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/11/12 22:28:41 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2009/11/12 22:28:40 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2009/11/12 22:28:40 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2009/11/12 22:28:38 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehtray.exe
[2009/11/12 22:28:37 | 03,223,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehshell.exe
[2009/11/12 22:28:37 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehSched.exe
[2009/11/12 22:28:36 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehRec.exe
[2009/11/12 22:28:36 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehmsas.exe
[2009/11/12 22:28:33 | 01,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009/11/12 22:28:32 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwwin.exe
[2009/11/12 22:28:32 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2009/11/12 22:28:31 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2009/11/12 22:28:30 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drvqry.exe
[2009/11/12 22:28:30 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2009/11/12 22:28:28 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009/11/12 22:28:28 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009/11/12 22:28:27 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009/11/12 22:28:27 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2009/11/12 22:28:26 | 00,018,432 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2009/11/12 22:28:24 | 00,227,328 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2009/11/12 22:28:24 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2009/11/12 22:28:24 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2009/11/12 22:28:24 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2009/11/12 22:28:23 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2009/11/12 22:28:23 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2009/11/12 22:28:22 | 00,541,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2009/11/12 22:28:21 | 00,107,520 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgntfs.exe
[2009/11/12 22:28:21 | 00,084,992 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2009/11/12 22:28:20 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeshare.exe
[2009/11/12 22:28:20 | 00,027,648 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\defrag.exe
[2009/11/12 22:28:20 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2009/11/12 22:28:19 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2009/11/12 22:28:12 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009/11/12 22:28:12 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctfmon.exe
[2009/11/12 22:28:11 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/11/12 22:28:10 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/11/12 22:28:10 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2009/11/12 22:28:10 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2009/11/12 22:28:10 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2009/11/12 22:28:09 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2009/11/12 22:28:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/11/12 22:28:08 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2009/11/12 22:28:07 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2009/11/12 22:28:07 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2009/11/12 22:28:06 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2009/11/12 22:28:06 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2009/11/12 22:28:05 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2009/11/12 22:28:04 | 00,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmd.exe
[2009/11/12 22:28:04 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2009/11/12 22:28:04 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cleanmgr.exe
[2009/11/12 22:28:04 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2009/11/12 22:28:03 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cipher.exe
[2009/11/12 22:28:03 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2009/11/12 22:28:03 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2009/11/12 22:28:02 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/11/12 22:28:02 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2009/11/12 22:28:01 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/11/12 22:28:01 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/11/12 22:28:01 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/11/12 22:28:01 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/11/12 22:28:01 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2009/11/12 22:28:01 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2009/11/12 22:28:01 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/11/12 22:28:00 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/11/12 22:27:59 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/11/12 22:27:58 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/11/12 22:27:58 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cacls.exe
[2009/11/12 22:27:57 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvrfy.exe
[2009/11/12 22:27:57 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootok.exe
[2009/11/12 22:27:56 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootcfg.exe
[2009/11/12 22:27:56 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2009/11/12 22:27:55 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/11/12 22:27:53 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/11/12 22:27:53 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2009/11/12 22:27:53 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\attrib.exe
[2009/11/12 22:27:52 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2009/11/12 22:27:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmadm.exe
[2009/11/12 22:27:51 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_pfu.exe
[2009/11/12 22:27:51 | 00,034,816 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\asr_ldm.exe
[2009/11/12 22:27:51 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_fmt.exe
[2009/11/12 22:27:50 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\arp.exe
[2009/11/12 22:27:41 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2009/11/12 22:27:41 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alg.exe
[2009/11/12 22:27:39 | 00,259,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2009/11/12 22:27:37 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/11/12 22:27:37 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2009/11/12 22:27:35 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2009/11/12 22:26:34 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2009/11/12 22:26:33 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2009/11/12 22:26:32 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/11/12 22:26:29 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscript.exe
[2009/11/12 22:26:29 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2009/11/12 22:26:29 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/11/12 22:26:29 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/11/12 22:26:27 | 04,399,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpgldfsh.scr
[2009/11/12 22:26:26 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2009/11/12 22:26:20 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2009/11/12 22:26:18 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/11/12 22:26:18 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2009/11/12 22:26:17 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2009/11/12 22:26:17 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winhlp32.exe
[2009/11/12 22:26:15 | 00,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2009/11/12 22:26:14 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2009/11/12 22:26:12 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2009/11/12 22:26:11 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssvc.exe
[2009/11/12 22:26:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2009/11/12 22:26:10 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2009/11/12 22:26:09 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/11/12 22:26:07 | 00,073,728 | ---- | M] ( U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrshuta.exe
[2009/11/12 22:26:07 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2009/11/12 22:26:07 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uwdf.exe
[2009/11/12 22:26:06 | 00,081,920 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrmlnka.exe
[2009/11/12 22:26:06 | 00,065,536 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrprbda.exe
[2009/11/12 22:26:05 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2009/11/12 22:26:05 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ups.exe
[2009/11/12 22:26:04 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2009/11/12 22:26:04 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2009/11/12 22:26:03 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\typeperf.exe
[2009/11/12 22:26:03 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/11/12 22:26:02 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/11/12 22:26:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/11/12 22:26:02 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/11/12 22:26:02 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/11/12 22:26:01 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2009/11/12 22:26:01 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2009/11/12 22:26:00 | 00,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2009/11/12 22:26:00 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2009/11/12 22:26:00 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvr.exe
[2009/11/12 22:25:59 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2009/11/12 22:25:59 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2009/11/12 22:25:59 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2009/11/12 22:25:58 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/11/12 22:25:57 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe
[2009/11/12 22:25:57 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2009/11/12 22:25:56 | 00,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
[2009/11/12 22:25:56 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2009/11/12 22:25:56 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2009/11/12 22:25:56 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2009/11/12 22:25:55 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2009/11/12 22:25:55 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2009/11/12 22:25:54 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2009/11/12 22:25:54 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2009/11/12 22:25:53 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2009/11/12 22:25:52 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2009/11/12 22:25:51 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2009/11/12 22:25:48 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2009/11/12 22:25:48 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2009/11/12 22:25:46 | 00,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2009/11/12 22:25:46 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2009/11/12 22:25:45 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2009/11/12 22:25:45 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2009/11/12 22:25:45 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2009/11/12 22:25:45 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2009/11/12 22:25:42 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2009/11/12 22:25:40 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe
[2009/11/12 22:25:40 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009/11/12 22:25:40 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/11/12 22:25:39 | 00,541,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/11/12 22:25:38 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/11/12 22:25:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2009/11/12 22:25:37 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/11/12 22:25:37 | 00,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/11/12 22:25:37 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogsvc.exe
[2009/11/12 22:25:36 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2009/11/12 22:25:36 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/11/12 22:25:35 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2009/11/12 22:25:35 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2009/11/12 22:25:35 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2009/11/12 22:25:35 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2009/11/12 22:25:34 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/11/12 22:25:33 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2009/11/12 22:25:33 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2009/11/12 22:25:33 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2009/11/12 22:25:32 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/11/12 22:25:31 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2009/11/12 22:25:31 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2009/11/12 22:25:30 | 00,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2009/11/12 22:25:30 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2009/11/12 22:25:29 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scardsvr.exe
[2009/11/12 22:25:29 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2009/11/12 22:25:28 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/11/12 22:25:28 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2009/11/12 22:25:28 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2009/11/12 22:25:27 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2009/11/12 22:25:27 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe
[2009/11/12 22:25:27 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2009/11/12 22:25:26 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvp.exe
[2009/11/12 22:25:26 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2009/11/12 22:25:26 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsopprov.exe
[2009/11/12 22:25:25 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2009/11/12 22:25:25 | 00,051,712 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2009/11/12 22:25:25 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2009/11/12 22:25:25 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2009/11/12 22:25:24 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2009/11/12 22:25:24 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2009/11/12 22:25:23 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\relog.exe
[2009/11/12 22:25:23 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2009/11/12 22:25:23 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2009/11/12 22:25:23 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/11/12 22:25:22 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2009/11/12 22:25:22 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/11/12 22:25:22 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2009/11/12 22:25:22 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2009/11/12 22:25:22 | 00,007,168 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2009/11/12 22:25:22 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2009/11/12 22:25:21 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/11/12 22:25:21 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/11/12 22:25:21 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2009/11/12 22:25:21 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/11/12 22:25:20 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2009/11/12 22:25:19 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2009/11/12 22:25:19 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2009/11/12 22:25:18 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/11/12 22:25:18 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2009/11/12 22:25:17 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/11/12 22:25:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/11/12 22:25:14 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2009/11/12 22:25:14 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2009/11/12 22:25:13 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2009/11/12 22:25:13 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2009/11/12 22:25:12 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/11/12 22:25:11 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2009/11/12 22:25:11 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2009/11/12 22:25:10 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2009/11/12 22:25:09 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2009/11/12 22:25:09 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2009/11/12 22:25:08 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2009/11/12 22:25:08 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2009/11/12 22:25:07 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2009/11/12 22:25:07 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2009/11/12 22:25:04 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2009/11/12 22:25:04 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2009/11/12 22:25:03 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwscript.exe
[2009/11/12 22:25:02 | 01,523,712 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe
[2009/11/12 22:24:59 | 00,180,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2009/11/12 22:24:58 | 00,180,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/11/12 22:24:53 | 01,343,488 | ---- | M] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/11/12 22:24:52 | 00,446,464 | ---- | M] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/11/12 22:24:52 | 00,151,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2009/11/12 22:24:49 | 00,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2009/11/12 22:24:48 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntsd.exe
[2009/11/12 22:24:44 | 01,202,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2009/11/12 22:24:43 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2009/11/12 22:24:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\notepad.exe
[2009/11/12 22:24:41 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2009/11/12 22:24:40 | 00,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2009/11/12 22:24:40 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2009/11/12 22:24:39 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2009/11/12 22:24:39 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2009/11/12 22:24:38 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2009/11/12 22:24:38 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2009/11/12 22:24:36 | 03,345,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nature.scr
[2009/11/12 22:24:36 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2009/11/12 22:24:34 | 01,744,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mypixdx.scr
[2009/11/12 22:24:27 | 00,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/11/12 22:24:27 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/11/12 22:24:26 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2009/11/12 22:24:23 | 00,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/11/12 22:24:20 | 00,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msiexec.exe
[2009/11/12 22:24:19 | 00,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/11/12 22:24:19 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
[2009/11/12 22:24:18 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/11/12 22:24:18 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/11/12 22:24:16 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/11/12 22:24:13 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtgsvc.exe
[2009/11/12 22:24:13 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2009/11/12 22:24:13 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsvc.exe
[2009/11/12 22:24:11 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2009/11/12 22:24:11 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqbkup.exe
[2009/11/12 22:24:10 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/11/12 22:24:10 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2009/11/12 22:24:09 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mobsync.exe
[2009/11/12 22:24:07 | 00,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2009/11/12 22:24:06 | 00,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2009/11/12 22:24:03 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2009/11/12 22:24:02 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2009/11/12 22:24:01 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2009/11/12 22:24:01 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2009/11/12 22:24:00 | 00,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonui.exe
[2009/11/12 22:24:00 | 00,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2009/11/12 22:24:00 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/11/12 22:23:59 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2009/11/12 22:23:59 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\locator.exe
[2009/11/12 22:23:59 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2009/11/12 22:23:59 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2009/11/12 22:23:58 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2009/11/12 22:23:58 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2009/11/12 22:23:56 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2009/11/12 22:23:54 | 00,430,080 | ---- | M] () -- C:\WINDOWS\System32\keystone.exe
[2009/11/12 22:23:48 | 00,131,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/12 22:23:48 | 00,053,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/12 22:23:48 | 00,053,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/12 22:23:46 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2009/11/12 22:23:46 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2009/11/12 22:23:45 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsec6.exe
[2009/11/12 22:23:44 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2009/11/12 22:23:41 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2009/11/12 22:23:41 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2009/11/12 22:23:39 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/11/12 22:23:37 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hostname.exe
[2009/11/12 22:23:36 | 00,064,512 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\HdAShCut.exe
[2009/11/12 22:23:36 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2009/11/12 22:23:35 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpupdate.exe
[2009/11/12 22:23:35 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2009/11/12 22:23:34 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2009/11/12 22:23:33 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2009/11/12 22:23:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2009/11/12 22:23:31 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2009/11/12 22:23:31 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2009/11/12 22:23:31 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2009/11/12 22:23:30 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/11/12 22:23:30 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsutil.exe
[2009/11/12 22:23:29 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/11/12 22:23:29 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2009/11/12 22:23:29 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2009/11/12 22:23:28 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2009/11/12 22:23:28 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fixmapi.exe
[2009/11/12 22:23:27 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2009/11/12 22:23:27 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\finger.exe
[2009/11/12 22:23:27 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\find.exe
[2009/11/12 22:23:24 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fc.exe
[2009/11/12 22:23:23 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2009/11/12 22:23:22 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2009/11/12 22:23:22 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\expand.exe
[2009/11/12 22:23:22 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventvwr.exe
[2009/11/12 22:23:21 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2009/11/12 22:23:21 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2009/11/12 22:23:20 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\esentutl.exe
[2009/11/12 22:23:18 | 01,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/11/12 22:23:17 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2009/11/12 22:23:17 | 00,057,856 | ---- | M] () -- C:\WINDOWS\System32\dvdplay.exe
[2009/11/12 22:23:17 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2009/11/12 22:23:16 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dumprep.exe
[2009/11/12 22:23:15 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drwtsn32.exe
[2009/11/12 22:23:14 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/11/12 22:23:14 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2009/11/12 22:23:13 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/11/12 22:23:12 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/11/12 22:23:12 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\doskey.exe
[2009/11/12 22:23:11 | 00,018,432 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2009/11/12 22:23:10 | 00,227,328 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmadmin.exe
[2009/11/12 22:23:10 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2009/11/12 22:23:10 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskperf.exe
[2009/11/12 22:23:10 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhost.exe
[2009/11/12 22:23:10 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhst3g.exe
[2009/11/12 22:23:09 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2009/11/12 22:23:08 | 00,107,520 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2009/11/12 22:23:08 | 00,084,992 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2009/11/12 22:23:08 | 00,027,648 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2009/11/12 22:23:07 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2009/11/12 22:23:07 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/11/12 22:23:04 | 05,071,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\davinci.scr
[2009/11/12 22:23:00 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe
[2009/11/12 22:22:59 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2009/11/12 22:22:58 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2009/11/12 22:22:58 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\convert.exe
[2009/11/12 22:22:58 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\control.exe
[2009/11/12 22:22:57 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\compact.exe
[2009/11/12 22:22:57 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comp.exe
[2009/11/12 22:22:55 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2009/11/12 22:22:55 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2009/11/12 22:22:55 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2009/11/12 22:22:54 | 00,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2009/11/12 22:22:53 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/11/12 22:22:53 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2009/11/12 22:22:51 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2009/11/12 22:22:51 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ckcnv.exe
[2009/11/12 22:22:50 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2009/11/12 22:22:50 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkntfs.exe
[2009/11/12 22:22:50 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cidaemon.exe
[2009/11/12 22:22:49 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/11/12 22:22:49 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkdsk.exe
[2009/11/12 22:22:46 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/11/12 22:22:46 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2009/11/12 22:22:45 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2009/11/12 22:22:45 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvrfy.exe
[2009/11/12 22:22:45 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootok.exe
[2009/11/12 22:22:44 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/11/12 22:22:41 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/11/12 22:22:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2009/11/12 22:22:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2009/11/12 22:22:40 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009/11/12 22:22:40 | 00,034,816 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\asr_ldm.exe
[2009/11/12 22:22:40 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2009/11/12 22:22:40 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2009/11/12 22:22:39 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\arp.exe
[2009/11/12 22:22:38 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2009/11/12 22:22:38 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe
[2009/11/12 22:22:36 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/11/12 22:22:36 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2009/11/12 22:11:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\SC.INS
[2009/11/12 22:11:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\sc.exe
[2009/11/12 22:04:34 | 22,140,680 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2009/11/12 11:23:18 | 00,421,438 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\1-5A.JPG
[2009/11/11 23:26:37 | 00,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/11 22:20:54 | 00,000,140 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\webct_upload_applet.properties
[2009/11/11 22:18:17 | 00,002,516 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Japanese Comics are Popular in Foreign Countries.rtf
[2009/11/11 13:18:00 | 02,083,177 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\newsletter-november-issue2[1].docx
[2009/11/11 10:22:57 | 00,419,282 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\error2.bmp
[2009/11/10 20:40:07 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Resume Adobe Downloads.lnk
[2009/11/10 19:34:10 | 00,004,629 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\essay.rtf
[2009/11/10 16:50:56 | 00,056,179 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\jpforlauren.jpg
[2009/11/10 15:49:32 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2009/11/10 10:01:19 | 00,000,152 | ---- | M] () -- C:\WINDOWS\System32\api.reg
[2009/11/08 23:02:17 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/08 20:47:18 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/08 17:27:03 | 00,000,221 | ---- | M] () -- C:\WINDOWS\System32\winset.ini
[2009/11/08 16:21:10 | 00,350,653 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\oldhosts
[2009/11/08 15:18:05 | 00,000,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/11/08 14:19:53 | 00,000,825 | ---- | M] () -- C:\WINDOWS\System32\wininit.dll
[2009/11/08 14:11:29 | 00,000,655 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\scandisk.lnk
[2009/11/08 13:54:49 | 00,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/08 13:46:10 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Craving Explorer.lnk
[2009/11/08 01:02:26 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/08 00:16:25 | 05,300,944 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/11/08 00:08:26 | 00,000,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2009/11/08 00:01:51 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Audacity.lnk
[2009/11/07 23:57:23 | 00,001,556 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/11/07 23:54:37 | 00,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/11/07 23:38:23 | 00,000,612 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\JWPce.lnk
[2009/11/07 23:19:59 | 00,006,144 | ---- | M] () -- C:\WINDOWS\System32\WinRAR.dll
[2009/11/07 23:12:24 | 00,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/07 23:12:24 | 00,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/07 23:12:23 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/07 23:12:22 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/11/07 23:09:20 | 00,001,819 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE474AA-ABA SR2023WM NA680_YC_0Pres_QCNH640_E64NAemREA4_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M959_J160_7AMD_8Athlon 64_92.2_#061225_N_Z14F12F20_G10DE0241.MRK
[2009/11/07 23:07:25 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/07 23:06:27 | 00,001,111 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/11/07 23:06:06 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/11/07 23:05:21 | 00,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2009/11/07 19:45:39 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Pcuhumu.dat
[2009/11/07 16:05:34 | 00,000,000 | -HS- | M] () -- C:\284294437
[2009/11/07 15:38:13 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Fdona.bin
[2009/11/06 15:22:56 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Section1.docx
[2009/10/31 11:51:25 | 00,001,733 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\McGraw-Hill's GED.lnk
[2009/10/23 12:59:41 | 00,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zune.lnk
[2009/10/23 12:18:00 | 00,000,410 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Shortcut to My Documents.lnk
[2009/10/23 07:25:43 | 00,000,336 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeSchedule.job

========== Files Created - No Company Name ==========

[2009/11/14 13:24:07 | 00,000,085 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2009/11/14 13:22:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2009/11/13 23:14:21 | 00,007,164 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb1.csv
[2009/11/13 00:45:24 | 00,003,235 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2009/11/12 22:11:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SC.INS
[2009/11/12 22:11:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\sc.exe
[2009/11/12 11:23:17 | 00,421,438 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\1-5A.JPG
[2009/11/11 22:20:54 | 00,000,140 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\webct_upload_applet.properties
[2009/11/11 22:18:17 | 00,002,516 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Japanese Comics are Popular in Foreign Countries.rtf
[2009/11/11 13:17:58 | 02,083,177 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\newsletter-november-issue2[1].docx
[2009/11/11 10:22:56 | 00,419,282 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\error2.bmp
[2009/11/10 22:16:18 | 00,050,176 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Win32kDiag.exe
[2009/11/10 20:37:49 | 00,000,348 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/10 20:37:49 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009/11/10 20:37:39 | 00,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/10 19:34:10 | 00,004,629 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\essay.rtf
[2009/11/10 16:51:11 | 00,056,179 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\jpforlauren.jpg
[2009/11/10 15:49:32 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2009/11/10 12:34:03 | 00,528,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2009/11/10 10:01:19 | 00,000,152 | ---- | C] () -- C:\WINDOWS\System32\api.reg
[2009/11/09 12:26:18 | 00,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Resume Adobe Downloads.lnk
[2009/11/08 23:02:17 | 00,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/08 20:47:18 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/08 18:09:06 | 00,001,577 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Internet Explorer.lnk
[2009/11/08 15:18:05 | 00,000,941 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/11/08 14:19:53 | 00,000,825 | ---- | C] () -- C:\WINDOWS\System32\wininit.dll
[2009/11/08 13:46:10 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Craving Explorer.lnk
[2009/11/08 13:23:12 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2009/11/08 13:23:12 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2009/11/08 13:23:10 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2009/11/08 13:22:46 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2009/11/08 13:22:46 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2009/11/08 13:22:46 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2009/11/08 13:22:46 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2009/11/08 13:22:46 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2009/11/08 13:22:46 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2009/11/08 13:22:45 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2009/11/08 13:22:45 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2009/11/08 13:22:45 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2009/11/08 13:22:45 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2009/11/08 13:22:45 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2009/11/08 13:22:45 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2009/11/08 13:22:44 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2009/11/08 13:22:44 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2009/11/08 13:22:44 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2009/11/08 13:22:44 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2009/11/08 13:22:44 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2009/11/08 13:22:44 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2009/11/08 13:22:39 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2009/11/08 13:22:39 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2009/11/08 13:22:29 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2009/11/08 13:22:29 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2009/11/08 13:22:28 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2009/11/08 13:22:26 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2009/11/08 13:22:26 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2009/11/08 13:22:26 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2009/11/08 13:21:41 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2009/11/08 13:21:41 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2009/11/08 13:21:41 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2009/11/08 13:19:37 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2009/11/08 13:19:36 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2009/11/08 13:19:36 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2009/11/08 13:19:36 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2009/11/08 13:19:36 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2009/11/08 13:19:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2009/11/08 13:19:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2009/11/08 13:19:36 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2009/11/08 05:21:02 | 00,000,221 | ---- | C] () -- C:\WINDOWS\System32\winset.ini
[2009/11/08 00:08:26 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2009/11/08 00:01:51 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Audacity.lnk
[2009/11/07 23:57:23 | 00,001,556 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/11/07 23:54:37 | 00,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/11/07 23:19:59 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\WinRAR.dll
[2009/11/07 23:09:18 | 00,001,819 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE474AA-ABA SR2023WM NA680_YC_0Pres_QCNH640_E64NAemREA4_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M959_J160_7AMD_8Athlon 64_92.2_#061225_N_Z14F12F20_G10DE0241.MRK
[2009/11/07 23:09:17 | 10,051,13344 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/07 23:07:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\desktop.ini
[2009/11/07 23:07:33 | 05,300,944 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/11/07 23:07:33 | 00,043,680 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/07 23:07:33 | 00,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/11/07 23:07:29 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\ntuser.ini
[2009/11/07 23:07:28 | 05,242,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
[2009/11/07 16:05:34 | 00,000,000 | -HS- | C] () -- C:\284294437
[2009/11/07 15:38:13 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Pcuhumu.dat
[2009/11/07 15:38:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Fdona.bin
[2009/11/06 15:22:56 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Section1.docx
[2009/10/31 11:51:25 | 00,001,733 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\McGraw-Hill's GED.lnk
[2009/10/23 12:18:00 | 00,000,410 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Shortcut to My Documents.lnk
[2009/10/23 07:25:42 | 00,000,336 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeSchedule.job
[2008/08/17 13:47:01 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01
[2007/10/01 08:20:53 | 00,000,087 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2007/09/16 08:05:57 | 00,020,480 | ---- | C] () -- C:\Program Files\Community Service Log.xls
[2007/06/04 07:48:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2007/04/07 13:11:18 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/26 17:20:56 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/01/13 10:02:18 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/02 23:20:59 | 00,002,352 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2006/12/26 12:27:21 | 00,000,642 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/12/25 21:26:44 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/09/05 20:52:08 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/05 20:25:43 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/09/05 20:18:08 | 00,012,988 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/09/05 20:17:58 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/09/05 20:14:46 | 00,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/05 20:04:57 | 00,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/05 20:03:40 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/05 19:58:56 | 00,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/09/05 19:57:51 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/09/05 19:54:35 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/09/05 19:54:35 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/09/05 19:54:35 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/09/05 19:54:35 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/05 19:54:35 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/09/05 19:54:35 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/09/05 19:54:34 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/05 19:53:10 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/05 19:31:51 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/09/05 19:31:51 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/09/05 19:31:32 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/16 13:58:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005/08/30 23:02:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/30 15:52:36 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/30 15:52:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/05 23:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 01:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\WmdmPv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Nwsapv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\NWCWov32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Irmonv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Ipripv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\Iasv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\DMServ32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\BtwSrv32.dll
[2004/08/09 23:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\6to4v32.dll
[2004/08/09 23:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/09 23:00:00 | 00,002,304 | ---- | C] () -- C:\WINDOWS\System32\daqdrv.sys
[2004/07/26 09:51:38 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:260575F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8401B6D5
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F67AAFC5
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43982D5E
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE87230
< End of report >

Edited by Buckeye_Sam, 17 November 2009 - 08:32 AM.


#14 Buckeye_Sam

    Malware Expert



Posted 17 November 2009 - 08:39 AM

Hit CTRL ALT DEL to bring up task manager.
Select the Applications tab and then click on New task...
Type in explorer and hit enter.

That should bring back your desktop and task bar.


Download this tool from another computer and move it over to the infected computer and run it.
http://majorgeeks.com/WinSock_XP_Fix_d4372.html

It should restore your internet connection.


Once you've done that, give Combofix a try again.
If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#15 Rac9n

  • Topic Starter

Posted 17 November 2009 - 12:11 PM

Uwah, I hope I can catch you before I go home again. Explorer.exe is actually RUNNING, just, the start bar isn't fully there. It's a thin beige strip along the bottom of the screen, and when you hover over it, it thickens slightly, but there's no start button. But, explorer IS running, and I do have the desktop and the icons and all of that.

Also, I recently had an internet issue that involved running the Winsock XP fix, and it only resolved the problem for about two minutes, before I'd lose internet and have to run it again. It kind of decayed, like, every time I ran it, it'd work for a shorter period of time until I finally figured out what was causing the problem in the first place: something like having way too many netmax halfopen on utorrent or whatever that was about. Is there any guarantee this won't have the same result~?

Thanks—

Edited by Rac9n, 17 November 2009 - 12:11 PM.




