Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect-Trojan..possible MULDROP.Trojan or DLOADER.Trojan


  • This topic is locked This topic is locked
17 replies to this topic

#1 nappy212

nappy212

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 18 January 2010 - 10:52 PM

Hello,

am new to the forum and am a little hesitant to mess with registry entries, deleting anything that might be
a valid system file, hence my request for help.

A few days ago, my McAfee seemed to catch a virus coming in on an Instructables download, but I believe I opened
the file and my system was infected....I have since run McAfee scans twice, AdAware, CC Cleaner, Spybot SD, Threatfire, rkill, MBAM, gmer.

I believe the original virus is containted but am being redirected everytime I use google to search. Clicking on the Google link redirects me to various sites. Today's site is Threadstone-affiliate.com .......I am only
using Mozilla Firefox, have not used IE in a few years.

Any help is appreciated....I am attaching the requested logs........
DDS LOG

DDS (Ver_09-12-01.01) - NTFSx86
Run by Compaq_Administrator at 21:11:16.96 on Mon 01/18/2010
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1983.1249 [GMT -6:00]

AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\HP\KBD\KBD.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Microsoft Office\Office\EXCEL.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\UdaterUI.exe" /StartedFromRunKey
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [LXCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCCtime.dll,_RunDLLEntry@16
mRun: [lxccmon.exe] "c:\program files\lexmark 3300 series\lxccmon.exe"
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ThreatFire] c:\program files\threatfire\TFTray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\docume~1\compaq~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\5577497\program\Compaq Connections.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~4\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~4\INetRepl.dll
Trusted Zone: turbotax.com
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182960951734
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\compaq~1\applic~1\mozilla\firefox\profiles\c7hygrzr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - HiddenExtension: XULRunner: {2A4216FA-5514-451C-962E-CB9540E5FC81} - c:\documents and settings\compaq_administrator\local settings\application data\{2A4216FA-5514-451C-962E-CB9540E5FC81}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

P2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\mcshield.exe [2006-11-30 144960]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-1-8 64288]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2010-1-9 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2010-1-9 59664]
R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2006-11-30 31944]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2007-2-12 104000]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\vstskmgr.exe [2006-11-30 54872]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2007-2-12 72264]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2007-2-12 34152]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2007-2-12 168776]
S2 gupdate1c9c3583c05393a;Google Update Service (gupdate1c9c3583c05393a);c:\program files\google\update\GoogleUpdate.exe [2009-4-22 133104]
S2 ThreatFire;ThreatFire;c:\program files\threatfire\tfservice.exe service --> c:\program files\threatfire\TFService.exe service [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2010-1-9 33552]

=============== Created Last 30 ================

2010-01-19 01:41:15 0 d-----w- c:\documents and settings\compaq_administrator\DoctorWeb
2010-01-18 06:18:58 16 ----a-w- c:\windows\popcinfo.dat
2010-01-16 00:09:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-01-16 00:09:51 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-15 22:31:16 0 d-----w- c:\windows\system32\scripting
2010-01-15 22:31:15 0 d-----w- c:\windows\system32\en
2010-01-15 22:31:15 0 d-----w- c:\windows\system32\bits
2010-01-15 22:31:15 0 d-----w- c:\windows\l2schemas
2010-01-15 22:27:54 0 d-----w- c:\windows\network diagnostic
2010-01-15 22:27:34 33656 ----a-w- c:\windows\system32\sprecovr.exe
2010-01-15 22:17:02 7680 ----a-w- c:\windows\system32\spdwnwxp.exe
2010-01-15 22:16:28 19569 ----a-w- c:\windows\003202_.tmp
2010-01-15 22:03:24 0 d-----w- c:\windows\system32\CatRoot_bak
2010-01-15 21:43:03 0 d-----w- c:\program files\Secunia
2010-01-15 19:42:08 0 d-----w- c:\program files\Trend Micro
2010-01-10 04:18:53 0 d-----w- c:\docume~1\compaq~1\applic~1\Malwarebytes
2010-01-10 04:18:47 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-10 04:18:45 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-01-10 04:18:44 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-10 04:18:43 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-10 04:02:08 0 d-----w- c:\program files\Autoruns
2010-01-10 03:35:13 59664 ----a-w- c:\windows\system32\drivers\TfSysMon.sys
2010-01-10 03:35:13 51984 ----a-w- c:\windows\system32\drivers\TfFsMon.sys
2010-01-10 03:35:13 33552 ----a-w- c:\windows\system32\drivers\TfNetMon.sys
2010-01-10 03:35:10 0 d-----w- c:\program files\ThreatFire
2010-01-10 03:35:10 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-01-10 03:33:43 8991968 ----a-w- c:\temp\tfinstall.exe
2010-01-09 01:03:15 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-01-08 23:57:37 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-01-08 23:55:56 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-08 23:51:55 91338304 ----a-w- c:\temp\Ad-AwareInstallation.exe
2010-01-08 22:38:49 3357024 ----a-w- c:\temp\ccsetup227.exe
2010-01-08 19:32:49 120 ----a-w- c:\windows\Wqibeziva.dat
2010-01-08 19:32:49 0 ----a-w- c:\windows\Qdurakokoxevoko.bin

==================== Find3M ====================

2009-02-28 19:27:27 476935928 ----a-w- c:\program files\PSE7_WIN_WWE.exe
2009-01-12 23:48:30 1878848 ----a-w- c:\program files\facebook.exe
2008-10-30 19:26:05 4026608 ----a-w- c:\program files\SRS_Audio_Sandbox.exe
2008-09-09 10:00:22 46303 ----a-w- c:\program files\Photoshop Elements 7.0 Read Me.html
2008-07-10 03:59:19 7024640 ----a-w- c:\program files\winzip112.msi
2008-07-04 18:36:27 7422571 ----a-w- c:\program files\GDM6.exe
2008-07-03 16:15:01 2919360 ----a-w- c:\program files\ccsetup209.exe
2007-02-25 02:39:15 251 ----a-w- c:\program files\wt3d.ini
2006-02-03 16:37:30 18725888 ----a-w- c:\program files\TIConnectV1.6.exe
2007-06-02 05:00:37 22 --sha-w- c:\windows\sminst\HPCD.sys

============= FINISH: 21:11:31.93 ===============

Thank you, appreciate the help and look forward to hearing from you all...
From a grateful newbie.......

Nappy

Attached Files



BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:33 PM

Posted 19 January 2010 - 08:15 AM

Hello! smile.gif
My name is Sam and I will be helping you.

In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.


We need to create an OTL Report
  • Please download OTL from here
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    CREATERESTOREPOINT

  • Click the "Run Scan" button.
  • The scan should take just a few minutes.
  • Please copy and paste both logs back here in your next reply.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 19 January 2010 - 08:31 AM

Thank you Sam! appreciate the help.
Am at work, so will run and upload the scan when I get home this evening.....

Again, thanks for the help!!

#4 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 19 January 2010 - 06:08 PM

Part 1 of 3

Sam, thanks again.
except for the redirects my pc is working as well as ever...my concern with the redirect is that it could
be hiding something worse. Don't want to impact my financial and tax data.
Let me know what else I can provide...here is the OTL Log.....thanks!

Nappy

OTL:

OTL logfile created on: 1/19/2010 4:46:41 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.54 Gb Total Space | 141.91 Gb Free Space | 63.20% Space Free | Partition Type: NTFS
Drive D: | 8.33 Gb Total Space | 0.38 Gb Free Space | 4.51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NAPOLITANO
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/19 16:44:19 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
PRC - [2010/01/15 18:09:08 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010/01/15 18:09:08 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2010/01/08 17:56:50 | 00,788,880 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/01/08 17:56:49 | 01,181,328 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/01/08 16:37:04 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/23 12:49:26 | 00,378,128 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2009/08/21 02:15:32 | 00,900,816 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2009/07/13 13:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/04/22 08:39:55 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/10 04:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/09/16 12:03:18 | 00,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2007/06/13 04:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/03/09 10:09:58 | 00,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2006/11/30 08:50:00 | 00,144,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
PRC - [2006/11/30 08:50:00 | 00,112,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2006/11/30 08:50:00 | 00,054,872 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
PRC - [2006/11/17 13:40:56 | 00,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2006/11/17 13:39:58 | 00,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2006/11/17 13:37:44 | 00,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2006/11/17 03:06:00 | 00,086,016 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\Mctray.exe
PRC - [2006/11/13 12:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 12:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/08/08 03:27:56 | 00,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
PRC - [2006/06/21 05:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/06/13 21:05:26 | 16,239,616 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2006/04/05 05:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2006/04/04 22:52:38 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/08/03 00:19:16 | 00,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2005/02/25 10:42:46 | 00,466,944 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\lxcccoms.exe
PRC - [2005/02/21 05:21:18 | 00,192,512 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 3300 Series\lxccmon.exe
PRC - [2005/02/02 17:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe
PRC - [2004/08/09 22:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [1998/05/07 10:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe


========== Modules (SafeList) ==========

MOD - [2010/01/19 16:44:19 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
MOD - [2006/08/25 09:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/08/08 03:27:53 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/15 18:09:08 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/01/08 17:56:49 | 01,181,328 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/11/23 12:49:24 | 00,070,928 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/04/22 08:39:55 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9c3583c05393a) Google Update Service (gupdate1c9c3583c05393a)
SRV - [2009/03/24 11:55:12 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/28 13:46:41 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/10 04:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/09/16 12:03:18 | 00,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2006/11/30 08:50:00 | 00,144,960 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe -- (McShield)
SRV - [2006/11/30 08:50:00 | 00,054,872 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe -- (McTaskManager)
SRV - [2006/11/17 13:37:44 | 00,104,000 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2006/06/21 05:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/04/04 22:52:38 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005/08/03 00:19:16 | 00,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2005/02/25 10:42:46 | 00,466,944 | ---- | M] (Lexmark International, Inc.) [On_Demand | Running] -- C:\WINDOWS\System32\lxcccoms.exe -- (lxcc_device)
SRV - [2004/10/22 11:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/12/02 07:19:06 | 00,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/11/23 12:49:38 | 00,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2009/11/23 12:49:38 | 00,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/11/23 12:49:36 | 00,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009/06/17 06:20:34 | 00,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/03/19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/28 13:41:50 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/08/19 10:49:37 | 00,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/08/19 10:49:36 | 00,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/07/26 09:25:12 | 00,039,808 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2006/11/30 08:50:00 | 00,168,776 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2006/11/30 08:50:00 | 00,072,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2006/11/30 08:50:00 | 00,064,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2006/11/30 08:50:00 | 00,052,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2006/11/30 08:50:00 | 00,034,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2006/11/30 08:50:00 | 00,031,944 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
DRV - [2006/11/06 17:04:56 | 00,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2006/06/14 12:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/04 22:58:44 | 01,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/27 06:46:20 | 00,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/12/12 18:27:00 | 00,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/12/06 12:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 12:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 12:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/10/20 19:47:05 | 00,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2005/10/05 16:57:08 | 00,012,544 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/01/08 01:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/09 22:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 15:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/01/28 14:03:26 | 00,021,456 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SilvrLnk.sys -- (SilverLink) Texas Instruments SilverLink (USB GraphLink)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\S-1-5-21-2598745057-2332373325-1444792872-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\S-1-5-21-2598745057-2332373325-1444792872-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.0.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.2
FF - prefs.js..extensions.enabledItems: {4776510a-a1f4-41f3-a3c8-35b474ecef23}:1.0.7
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.52
FF - prefs.js..extensions.enabledItems: {2A4216FA-5514-451C-962E-CB9540E5FC81}:1.9.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{2A4216FA-5514-451C-962E-CB9540E5FC81}: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{2A4216FA-5514-451C-962E-CB9540E5FC81} [2010/01/08 13:32:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/08 16:37:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/15 18:09:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/08/26 18:08:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2008/09/11 18:36:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions
[2010/01/18 20:54:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions
[2009/09/18 19:14:08 | 00,000,000 | ---D | M] (Stealther) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions\{4776510a-a1f4-41f3-a3c8-35b474ecef23}
[2007/11/07 11:08:08 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions\{A9BB3658-519E-403a-991E-41DB4983AB31}
[2009/11/11 22:31:37 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/01/15 15:03:27 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/08 06:48:02 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/15 15:03:23 | 00,000,000 | ---D | M] (Redirect Remover) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2009/07/09 09:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\extensions\elemhidehelper@adblockplus.org
[2009/02/28 14:44:16 | 00,001,677 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\searchplugins\community-help-adobe-photoshop-elements.xml
[2010/01/18 20:54:18 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2004/08/10 05:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (Hewlett-Packard)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LXCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.DLL ()
O4 - HKLM..\Run: [lxccmon.exe] C:\Program Files\Lexmark 3300 Series\lxccmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\PinMcLnk.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 95 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 95 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 95 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 95 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2598745057-2332373325-1444792872-1007\..Trusted Domains: 95 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/...lscbase4009.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1182960951734 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/30 22:02:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/11/14 20:13:14 | 00,000,000 | ---D | M]
NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

#5 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 19 January 2010 - 06:13 PM

2 of 3 continuation OTL File:

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 30 Days ==========

[2010/01/19 16:44:19 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2010/01/18 21:17:54 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2010/01/18 19:41:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\DoctorWeb
[2010/01/15 18:09:51 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/01/15 18:09:51 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/01/15 18:09:51 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/01/15 18:09:51 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/01/15 18:09:51 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/01/15 18:07:44 | 00,800,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\jxpiinstall-rv.exe
[2010/01/15 17:18:08 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2010/01/15 17:13:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/15 17:11:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/01/15 16:31:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/01/15 16:31:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010/01/15 16:31:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/01/15 16:31:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/01/15 16:31:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/01/15 16:27:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/01/15 16:27:34 | 00,033,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sprecovr.exe
[2010/01/15 16:24:49 | 00,848,384 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2010/01/15 16:24:49 | 00,755,200 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir50_32.dll
[2010/01/15 16:24:49 | 00,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010/01/15 16:24:49 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2010/01/15 16:24:49 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2010/01/15 16:24:49 | 00,338,432 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2010/01/15 16:24:49 | 00,200,192 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qc.dll
[2010/01/15 16:24:49 | 00,199,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2010/01/15 16:24:49 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2010/01/15 16:24:49 | 00,183,808 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qcx.dll
[2010/01/15 16:24:49 | 00,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2010/01/15 16:24:49 | 00,120,320 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2010/01/15 16:24:49 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2010/01/15 16:24:49 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2010/01/15 16:24:49 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2010/01/15 16:24:49 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2010/01/15 16:24:48 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/01/15 16:24:48 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010/01/15 16:24:46 | 00,138,752 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010/01/15 16:24:44 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/01/15 16:24:43 | 00,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0411.dll
[2010/01/15 16:24:43 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040c.dll
[2010/01/15 16:24:43 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0411.dll
[2010/01/15 16:24:43 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0404.dll
[2010/01/15 16:24:43 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2010/01/15 16:24:42 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2010/01/15 16:24:42 | 00,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0408.dll
[2010/01/15 16:24:42 | 00,793,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040c.dll
[2010/01/15 16:24:42 | 00,769,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040e.dll
[2010/01/15 16:24:42 | 00,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0413.dll
[2010/01/15 16:24:42 | 00,759,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0415.dll
[2010/01/15 16:24:42 | 00,742,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0406.dll
[2010/01/15 16:24:42 | 00,724,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb041d.dll
[2010/01/15 16:24:42 | 00,724,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb041f.dll
[2010/01/15 16:24:42 | 00,477,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0404.dll
[2010/01/15 16:24:42 | 00,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040e.dll
[2010/01/15 16:24:42 | 00,418,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0406.dll
[2010/01/15 16:24:42 | 00,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040c.dll
[2010/01/15 16:24:42 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0413.dll
[2010/01/15 16:24:42 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0415.dll
[2010/01/15 16:24:42 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb041d.dll
[2010/01/15 16:24:42 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0411.dll
[2010/01/15 16:24:42 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0404.dll
[2010/01/15 16:24:42 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0408.dll
[2010/01/15 16:24:42 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0413.dll
[2010/01/15 16:24:42 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040e.dll
[2010/01/15 16:24:42 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0415.dll
[2010/01/15 16:24:42 | 00,192,512 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\spra0419.dll
[2010/01/15 16:24:42 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0406.dll
[2010/01/15 16:24:42 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0426.dll
[2010/01/15 16:24:42 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041f.dll
[2010/01/15 16:24:42 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041d.dll
[2010/01/15 16:24:42 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0804.dll
[2010/01/15 16:24:42 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2010/01/15 16:24:41 | 02,869,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0401.dll
[2010/01/15 16:24:41 | 00,773,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0c0a.dll
[2010/01/15 16:24:41 | 00,769,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0410.dll
[2010/01/15 16:24:41 | 00,736,768 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\sprb0419.dll
[2010/01/15 16:24:41 | 00,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0804.dll
[2010/01/15 16:24:41 | 00,427,008 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\obrb0419.dll
[2010/01/15 16:24:41 | 00,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0408.dll
[2010/01/15 16:24:41 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb041f.dll
[2010/01/15 16:24:41 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0804.dll
[2010/01/15 16:24:41 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0c0a.dll
[2010/01/15 16:24:41 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0410.dll
[2010/01/15 16:24:41 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041a.dll
[2010/01/15 16:24:41 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0401.dll
[2010/01/15 16:24:41 | 00,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040b.dll
[2010/01/15 16:24:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pidgen.dll
[2010/01/15 16:24:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll
[2010/01/15 16:24:41 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2010/01/15 16:24:40 | 02,842,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040d.dll
[2010/01/15 16:24:40 | 00,788,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0407.dll
[2010/01/15 16:24:40 | 00,752,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0416.dll
[2010/01/15 16:24:40 | 00,734,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0405.dll
[2010/01/15 16:24:40 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040b.dll
[2010/01/15 16:24:40 | 00,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0414.dll
[2010/01/15 16:24:40 | 00,543,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0412.dll
[2010/01/15 16:24:40 | 00,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0c0a.dll
[2010/01/15 16:24:40 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0405.dll
[2010/01/15 16:24:40 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0410.dll
[2010/01/15 16:24:40 | 00,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040b.dll
[2010/01/15 16:24:40 | 00,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0401.dll
[2010/01/15 16:24:40 | 00,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040d.dll
[2010/01/15 16:24:40 | 00,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0414.dll
[2010/01/15 16:24:40 | 00,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0412.dll
[2010/01/15 16:24:40 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2010/01/15 16:24:40 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0407.dll
[2010/01/15 16:24:40 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0416.dll
[2010/01/15 16:24:40 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0418.dll
[2010/01/15 16:24:40 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0414.dll
[2010/01/15 16:24:40 | 00,188,928 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dllcache\spra0405.dll
[2010/01/15 16:24:40 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041e.dll
[2010/01/15 16:24:40 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0425.dll
[2010/01/15 16:24:40 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040d.dll
[2010/01/15 16:24:40 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0412.dll
[2010/01/15 16:24:40 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tabletoc.dll
[2010/01/15 16:24:40 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_pfu.exe
[2010/01/15 16:24:40 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2010/01/15 16:24:40 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2010/01/15 16:24:40 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spiisupd.exe
[2010/01/15 16:24:39 | 02,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2010/01/15 16:24:39 | 02,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsp2res.dll
[2010/01/15 16:24:39 | 02,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2010/01/15 16:24:39 | 02,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiagn.dll
[2010/01/15 16:24:39 | 00,751,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0816.dll
[2010/01/15 16:24:39 | 00,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0816.dll
[2010/01/15 16:24:39 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0416.dll
[2010/01/15 16:24:39 | 00,403,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0407.dll
[2010/01/15 16:24:39 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/01/15 16:24:39 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0816.dll
[2010/01/15 16:24:39 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0427.dll
[2010/01/15 16:24:39 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0402.dll
[2010/01/15 16:24:39 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2010/01/15 16:24:39 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpcdll.dll
[2010/01/15 16:24:39 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2010/01/15 16:24:39 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2010/01/15 16:24:39 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pgasvc.dll
[2010/01/15 16:24:39 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2010/01/15 16:24:39 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2010/01/15 16:24:39 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2010/01/15 16:24:39 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secedit.exe
[2010/01/15 16:24:39 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2010/01/15 16:24:39 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdukx.dll
[2010/01/15 16:24:38 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2010/01/15 16:24:38 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msftedit.dll
[2010/01/15 16:24:38 | 00,526,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2psvc.dll
[2010/01/15 16:24:38 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2010/01/15 16:24:38 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscui.cpl
[2010/01/15 16:24:38 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2010/01/15 16:24:38 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\firewall.cpl
[2010/01/15 16:24:38 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbus.sys
[2010/01/15 16:24:38 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2010/01/15 16:24:38 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrpnsp.dll
[2010/01/15 16:24:38 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amdk7.sys
[2010/01/15 16:24:38 | 00,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelppm.sys
[2010/01/15 16:24:38 | 00,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ip6fw.sys
[2010/01/15 16:24:38 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2010/01/15 16:24:38 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/01/15 16:24:38 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ssl.dll
[2010/01/15 16:24:38 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2010/01/15 16:24:38 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2010/01/15 16:24:38 | 00,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tunmp.sys
[2010/01/15 16:24:38 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/01/15 16:24:38 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/01/15 16:24:38 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2010/01/15 16:24:38 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsno.dll
[2010/01/15 16:24:38 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2010/01/15 16:24:38 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfi1.dll
[2010/01/15 16:24:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/01/15 16:24:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2010/01/15 16:24:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprpres.dll
[2010/01/15 16:24:37 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/01/15 16:24:37 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d9.dll
[2010/01/15 16:24:37 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2010/01/15 16:24:37 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/01/15 16:24:37 | 00,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2010/01/15 16:24:37 | 00,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pgraph.dll
[2010/01/15 16:24:37 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/01/15 16:24:37 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2010/01/15 16:24:37 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbeio.dll
[2010/01/15 16:24:37 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2010/01/15 16:24:37 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssap.dll
[2010/01/15 16:24:37 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2010/01/15 16:24:37 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadiag.dll
[2010/01/15 16:24:37 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2010/01/15 16:24:37 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pnetsh.dll
[2010/01/15 16:24:37 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/01/15 16:24:37 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2010/01/15 16:24:37 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwcfg.dll
[2010/01/15 16:24:37 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\twext.dll
[2010/01/15 16:24:37 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2010/01/15 16:24:37 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.cpl
[2010/01/15 16:24:37 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2010/01/15 16:24:37 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2010/01/15 16:24:37 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/01/15 16:24:37 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2010/01/15 16:24:37 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2010/01/15 16:24:37 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2010/01/15 16:24:37 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmal.dll
[2010/01/15 16:24:37 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2010/01/15 16:24:37 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt47.dll
[2010/01/15 16:24:36 | 00,937,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2010/01/15 16:24:36 | 00,937,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winbrand.dll
[2010/01/15 16:24:36 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/01/15 16:24:36 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2010/01/15 16:24:36 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041b.dll
[2010/01/15 16:24:36 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2010/01/15 16:24:36 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsp1res.dll
[2010/01/15 16:24:36 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqldb20.dll
[2010/01/15 16:24:36 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xmlprov.dll
[2010/01/15 16:24:36 | 00,128,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/01/15 16:24:36 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlse20.dll
[2010/01/15 16:24:36 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\btpanui.dll
[2010/01/15 16:24:36 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2010/01/15 16:24:36 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2010/01/15 16:24:36 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xmlprovi.dll
[2010/01/15 16:24:36 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2010/01/15 16:24:36 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2010/01/15 16:24:36 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/01/15 16:24:36 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/01/15 16:24:36 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2010/01/15 16:24:36 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2010/01/15 16:24:36 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winshfhc.dll
[2010/01/15 16:24:36 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmsetacl.dll
[2010/01/15 16:24:36 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2010/01/15 16:24:36 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2010/01/15 16:24:36 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2010/01/15 16:24:36 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sffdisk.sys
[2010/01/15 16:24:36 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sffp_sd.sys
[2010/01/15 16:24:36 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2010/01/15 16:24:36 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsfi.dll
[2010/01/15 16:24:36 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/01/15 16:24:36 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/01/15 16:24:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2010/01/15 16:24:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinbe1.dll
[2010/01/15 16:24:35 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb041b.dll
[2010/01/15 16:24:35 | 00,732,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0424.dll
[2010/01/15 16:24:35 | 00,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlqp20.dll
[2010/01/15 16:24:35 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/01/15 16:24:35 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2010/01/15 16:24:35 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpob2res.dll
[2010/01/15 16:24:35 | 00,408,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0424.dll
[2010/01/15 16:24:35 | 00,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb041b.dll
[2010/01/15 16:24:35 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/01/15 16:24:35 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/01/15 16:24:35 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0424.dll
[2010/01/15 16:24:35 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfime.ime
[2010/01/15 16:24:35 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2010/01/15 16:24:35 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2010/01/15 16:24:35 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2010/01/15 16:24:35 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2p.dll
[2010/01/15 16:24:35 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscsvc.dll
[2010/01/15 16:24:35 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2010/01/15 16:24:35 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2010/01/15 16:24:35 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2010/01/15 16:24:35 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2010/01/15 16:24:35 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2010/01/15 16:24:35 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2010/01/15 16:24:35 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spgrmr.dll
[2010/01/15 16:24:35 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2010/01/15 16:24:35 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2010/01/15 16:24:35 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2010/01/15 16:24:35 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\encapi.dll
[2010/01/15 16:24:35 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/01/15 16:24:35 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2010/01/15 16:24:35 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2010/01/15 16:24:35 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2010/01/15 16:24:35 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdno1.dll
[2010/01/15 16:24:35 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/01/15 16:24:35 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2010/01/15 16:24:35 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinben.dll
[2010/01/15 16:24:35 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2010/01/15 16:24:35 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt48.dll
[2010/01/15 16:24:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2010/01/15 16:24:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmaori.dll
[2010/01/15 16:24:34 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/01/15 16:24:34 | 00,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpedit.dll
[2010/01/15 16:24:34 | 00,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpedit.dll
[2010/01/15 16:24:34 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/01/15 16:24:34 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appmgr.dll
[2010/01/15 16:24:34 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\appmgr.dll
[2010/01/15 16:24:34 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/01/15 16:24:34 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/01/15 16:24:34 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/01/15 16:24:34 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/01/15 16:24:34 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gptext.dll
[2010/01/15 16:24:34 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gptext.dll
[2010/01/15 16:24:34 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appmgmts.dll
[2010/01/15 16:24:34 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/01/15 16:24:34 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootcfg.exe
[2010/01/15 16:24:34 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2010/01/15 16:24:34 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/01/15 16:24:34 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/01/15 16:24:34 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gprslt.exe
[2010/01/15 16:24:34 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fde.dll
[2010/01/15 16:24:34 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fde.dll
[2010/01/15 16:24:34 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnw.dll
[2010/01/15 16:24:34 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnw.dll
[2010/01/15 16:24:34 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/01/15 16:24:34 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/01/15 16:24:34 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtrig.exe
[2010/01/15 16:24:34 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/01/15 16:24:34 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fdeploy.dll
[2010/01/15 16:24:34 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fdeploy.dll
[2010/01/15 16:24:34 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/01/15 16:24:34 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/01/15 16:24:34 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2010/01/15 16:24:34 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/01/15 16:24:34 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/01/15 16:24:34 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drvqry.exe
[2010/01/15 16:24:34 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cipher.exe
[2010/01/15 16:24:34 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2010/01/15 16:24:34 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2010/01/15 16:24:34 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getmac.exe
[2010/01/15 16:24:34 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evcreate.exe
[2010/01/15 16:24:34 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/01/15 16:24:34 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtgprov.dll
[2010/01/15 16:24:34 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/01/15 16:24:34 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/01/15 16:24:34 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/01/15 16:24:34 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/01/15 16:24:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_fmt.exe
[2010/01/15 16:24:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2010/01/15 16:24:34 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/01/15 16:24:34 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/01/15 16:24:34 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\efsadu.dll
[2010/01/15 16:24:34 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\efsadu.dll
[2010/01/15 16:24:34 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/01/15 16:24:34 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/01/15 16:24:34 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/01/15 16:24:34 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/01/15 16:24:34 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/01/15 16:24:34 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/01/15 16:24:34 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/01/15 16:24:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/01/15 16:24:33 | 01,200,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2010/01/15 16:24:33 | 01,200,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntbackup.exe
[2010/01/15 16:24:33 | 00,660,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqqm.dll
[2010/01/15 16:24:33 | 00,660,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqqm.dll
[2010/01/15 16:24:33 | 00,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsnap.dll
[2010/01/15 16:24:33 | 00,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsnap.dll
[2010/01/15 16:24:33 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqutil.dll
[2010/01/15 16:24:33 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqutil.dll
[2010/01/15 16:24:33 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqoa.dll
[2010/01/15 16:24:33 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqoa.dll
[2010/01/15 16:24:33 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtrig.dll
[2010/01/15 16:24:33 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqtrig.dll
[2010/01/15 16:24:33 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqrt.dll
[2010/01/15 16:24:33 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqrt.dll
[2010/01/15 16:24:33 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmqocm.dll
[2010/01/15 16:24:33 | 00,163,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwrdr.sys
[2010/01/15 16:24:33 | 00,163,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwrdr.sys
[2010/01/15 16:24:33 | 00,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqad.dll
[2010/01/15 16:24:33 | 00,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqad.dll
[2010/01/15 16:24:33 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqrtdep.dll
[2010/01/15 16:24:33 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqrtdep.dll
[2010/01/15 16:24:33 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sctasks.exe
[2010/01/15 16:24:33 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtgsvc.exe
[2010/01/15 16:24:33 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqtgsvc.exe
[2010/01/15 16:24:33 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2010/01/15 16:24:33 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsnotify.exe
[2010/01/15 16:24:33 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsec.dll
[2010/01/15 16:24:33 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsec.dll
[2010/01/15 16:24:33 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2010/01/15 16:24:33 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqlogmgr.dll
[2010/01/15 16:24:33 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqlogmgr.dll
[2010/01/15 16:24:33 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/01/15 16:24:33 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/01/15 16:24:33 | 00,072,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys
[2010/01/15 16:24:33 | 00,072,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqac.sys
[2010/01/15 16:24:33 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\opnfiles.exe
[2010/01/15 16:24:33 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwwks.dll
[2010/01/15 16:24:33 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwwks.dll
[2010/01/15 16:24:33 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwapi32.dll
[2010/01/15 16:24:33 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwapi32.dll
[2010/01/15 16:24:33 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2010/01/15 16:24:33 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2010/01/15 16:24:33 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqupgrd.dll
[2010/01/15 16:24:33 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqupgrd.dll
[2010/01/15 16:24:33 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqdscli.dll
[2010/01/15 16:24:33 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqdscli.dll
[2010/01/15 16:24:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/01/15 16:24:33 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/01/15 16:24:33 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/01/15 16:24:33 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/01/15 16:24:33 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/01/15 16:24:33 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/01/15 16:24:33 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqbkup.exe
[2010/01/15 16:24:33 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqbkup.exe
[2010/01/15 16:24:33 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqise.dll
[2010/01/15 16:24:33 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqise.dll
[2010/01/15 16:24:33 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/01/15 16:24:33 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2010/01/15 16:24:33 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2010/01/15 16:24:33 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/01/15 16:24:33 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/01/15 16:24:33 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsvc.exe
[2010/01/15 16:24:33 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsvc.exe
[2010/01/15 16:24:33 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/01/15 16:24:32 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/01/15 16:24:32 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2010/01/15 16:24:32 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2010/01/15 16:24:32 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracerpt.exe
[2010/01/15 16:24:32 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/01/15 16:24:32 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2010/01/15 16:24:32 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2010/01/15 16:24:32 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/01/15 16:24:32 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsvr.exe
[2010/01/15 16:24:32 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2010/01/15 16:24:32 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tasklist.exe
[2010/01/15 16:24:32 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2010/01/15 16:24:32 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskkill.exe
[2010/01/15 16:24:32 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinfo.exe
[2010/01/15 16:24:32 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2010/01/15 16:24:32 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntadmn.exe
[2010/01/15 16:24:32 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/01/15 16:24:32 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/01/15 16:24:32 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvrp.dll
[2010/01/15 16:24:32 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsvrp.dll
[2010/01/15 16:24:31 | 00,596,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsecedit.dll
[2010/01/15 16:24:31 | 00,596,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wsecedit.dll
[2010/01/15 16:24:30 | 01,852,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acgenral.dll
[2010/01/15 16:24:30 | 00,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/01/15 16:24:30 | 00,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2010/01/15 16:24:30 | 00,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acspecfc.dll
[2010/01/15 16:24:30 | 00,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentctl.dll
[2010/01/15 16:24:30 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclua.dll
[2010/01/15 16:24:30 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acxtrnal.dll
[2010/01/15 16:24:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdpv.dll
[2010/01/15 16:24:30 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentmpx.dll
[2010/01/15 16:24:30 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsr.dll
[2010/01/15 16:24:30 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdp2.dll
[2010/01/15 16:24:30 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentpsh.dll
[2010/01/15 16:24:30 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentanm.dll
[2010/01/15 16:24:30 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/01/15 16:24:30 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040c.dll
[2010/01/15 16:24:30 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0407.dll
[2010/01/15 16:24:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0816.dll
[2010/01/15 16:24:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0413.dll
[2010/01/15 16:24:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0410.dll
[2010/01/15 16:24:30 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/01/15 16:24:30 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0416.dll
[2010/01/15 16:24:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041d.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0414.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040b.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0409.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0406.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/01/15 16:24:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/01/15 16:24:30 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/01/15 16:24:29 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/01/15 16:24:29 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/01/15 16:24:29 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/01/15 16:24:29 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/01/15 16:24:29 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/01/15 16:24:29 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010/01/15 16:24:29 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/01/15 16:24:29 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/01/15 16:24:29 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/01/15 16:24:29 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/01/15 16:24:29 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/01/15 16:24:29 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/01/15 16:24:29 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/01/15 16:24:29 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/01/15 16:24:29 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/01/15 16:24:29 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtintl.dll
[2010/01/15 16:24:29 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/01/15 16:24:29 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0c0a.dll
[2010/01/15 16:24:29 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtctl15.tlb
[2010/01/15 16:24:29 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/01/15 16:24:29 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/01/15 16:24:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/01/15 16:24:29 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/01/15 16:24:28 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/01/15 16:24:28 | 00,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/01/15 16:24:28 | 00,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/01/15 16:24:28 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/01/15 16:24:28 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/01/15 16:24:28 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/01/15 16:24:28 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/01/15 16:24:28 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/01/15 16:24:28 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/01/15 16:24:28 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/01/15 16:24:28 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010/01/15 16:24:28 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/01/15 16:24:28 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/01/15 16:24:28 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010/01/15 16:24:28 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/01/15 16:24:28 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/01/15 16:24:28 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/01/15 16:24:28 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/01/15 16:24:28 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/01/15 16:24:28 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/01/15 16:24:28 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/01/15 16:24:28 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/01/15 16:24:28 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/01/15 16:24:28 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/01/15 16:24:27 | 04,190,352 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\luna.mst
[2010/01/15 16:24:27 | 03,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/01/15 16:24:27 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/01/15 16:24:27 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/01/15 16:24:27 | 00,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscandui.dll
[2010/01/15 16:24:27 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/01/15 16:24:27 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/01/15 16:24:27 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/01/15 16:24:27 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/01/15 16:24:27 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/01/15 16:24:27 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/01/15 16:24:27 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/01/15 16:24:27 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/01/15 16:24:27 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/01/15 16:24:27 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/01/15 16:24:27 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/01/15 16:24:27 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/01/15 16:24:27 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/01/15 16:24:27 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mslwvtts.dll
[2010/01/15 16:24:27 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/01/15 16:24:27 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/01/15 16:24:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/01/15 16:24:27 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/01/15 16:24:27 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/01/15 16:24:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/01/15 16:24:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/01/15 16:24:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/01/15 16:24:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/01/15 16:24:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/01/15 16:24:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/01/15 16:24:26 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/01/15 16:24:26 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/01/15 16:24:26 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/01/15 16:24:26 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/01/15 16:24:26 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/01/15 16:24:26 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/01/15 16:24:26 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/01/15 16:24:26 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/01/15 16:24:26 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/01/15 16:24:26 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\muisetup.exe
[2010/01/15 16:24:26 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/01/15 16:24:26 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/01/15 16:24:26 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisnpp.dll
[2010/01/15 16:24:26 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/01/15 16:24:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/01/15 16:24:26 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2010/01/15 16:24:26 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/01/15 16:24:25 | 02,180,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/01/15 16:24:25 | 02,136,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/01/15 16:24:25 | 02,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/01/15 16:24:25 | 02,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/01/15 16:24:25 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/01/15 16:24:25 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010/01/15 16:24:25 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/01/15 16:24:25 | 00,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sptip.dll
[2010/01/15 16:24:25 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/01/15 16:24:25 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkbd.dll
[2010/01/15 16:24:25 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/01/15 16:24:25 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/01/15 16:24:25 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010/01/15 16:24:25 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/01/15 16:24:25 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/01/15 16:24:25 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/01/15 16:24:25 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/01/15 16:24:25 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/01/15 16:24:25 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/01/15 16:24:25 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/01/15 16:24:25 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/01/15 16:24:25 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/01/15 16:24:24 | 00,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2010/01/15 16:24:24 | 00,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/01/15 16:24:24 | 00,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/01/15 16:24:24 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2010/01/15 16:24:24 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/01/15 16:24:24 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/01/15 16:24:24 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/01/15 16:24:24 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/01/15 16:24:24 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/01/15 16:24:24 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010/01/15 16:24:24 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/01/15 16:24:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/01/15 16:24:23 | 01,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/01/15 16:24:23 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/01/15 16:24:22 | 00,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/01/15 16:24:22 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iis.dll
[2010/01/15 16:24:22 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/01/15 16:24:22 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/01/15 16:24:22 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010/01/15 16:24:22 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsetup.dll
[2010/01/15 16:24:22 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/01/15 16:24:22 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010/01/15 16:24:22 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/01/15 16:24:22 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/01/15 16:24:22 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/01/15 16:24:22 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/01/15 16:24:22 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/01/15 16:24:22 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/01/15 16:24:22 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/01/15 16:24:22 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/01/15 16:24:22 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/01/15 16:24:22 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/01/15 16:24:22 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/01/15 16:24:22 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/01/15 16:24:22 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/01/15 16:24:22 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/01/15 16:24:22 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/01/15 16:24:22 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/01/15 16:24:22 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsocm.dll
[2010/01/15 16:24:22 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/01/15 16:24:22 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/01/15 16:24:22 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/01/15 16:24:22 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010/01/15 16:24:22 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsoc.dll
[2010/01/15 16:24:22 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/01/15 16:24:22 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imsinsnt.dll
[2010/01/15 16:24:22 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setupqry.dll
[2010/01/15 16:24:22 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/01/15 16:24:22 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/01/15 16:24:22 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/01/15 16:24:22 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcstp.dll
[2010/01/15 16:24:22 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/01/15 16:24:22 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netoc.dll
[2010/01/15 16:24:22 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/01/15 16:24:22 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/01/15 16:24:22 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoc.dll
[2010/01/15 16:24:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/01/15 16:24:22 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/01/15 16:24:22 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010/01/15 16:24:22 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/01/15 16:24:22 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemperf.dll
[2010/01/15 16:24:22 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/01/15 16:24:22 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/01/15 16:24:22 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/01/15 16:24:22 | 00,032,828 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp40ext.dll
[2010/01/15 16:24:22 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/01/15 16:24:22 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntrprv.dll
[2010/01/15 16:24:22 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/01/15 16:24:22 | 00,017,408 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\ocmsn.dll
[2010/01/15 16:24:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/01/15 16:24:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/01/15 16:24:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/01/15 16:24:22 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ocgen.dll
[2010/01/15 16:24:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgrocm.dll
[2010/01/15 16:24:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/01/15 16:24:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/01/15 16:24:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/01/15 16:24:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/01/15 16:24:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/01/15 16:24:21 | 01,033,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2010/01/15 16:24:21 | 01,033,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2010/01/15 16:24:21 | 00,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010/01/15 16:24:21 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010/01/15 16:24:21 | 00,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2010/01/15 16:24:21 | 00,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2010/01/15 16:24:21 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/01/15 16:24:21 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2010/01/15 16:24:21 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/01/15 16:24:21 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/01/15 16:24:21 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/01/15 16:24:21 | 00,050,688 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twain_32.dll
[2010/01/15 16:24:21 | 00,050,688 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twain_32.dll
[2010/01/15 16:24:21 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/01/15 16:24:21 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/01/15 16:24:21 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/01/15 16:24:21 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/01/15 16:24:21 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hh.exe
[2010/01/15 16:24:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/01/15 16:24:20 | 01,024,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010/01/15 16:24:20 | 00,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autofmt.exe
[2010/01/15 16:24:20 | 00,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autofmt.exe
[2010/01/15 16:24:20 | 00,549,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appwiz.cpl
[2010/01/15 16:24:20 | 00,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010/01/15 16:24:20 | 00,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2010/01/15 16:24:20 | 00,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnt.dll
[2010/01/15 16:24:20 | 00,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnt.dll
[2010/01/15 16:24:20 | 00,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz.exe
[2010/01/15 16:24:20 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010/01/15 16:24:20 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/01/15 16:24:20 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script.dll
[2010/01/15 16:24:20 | 00,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migism.dll
[2010/01/15 16:24:20 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\activeds.dll
[2010/01/15 16:24:20 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\activeds.dll
[2010/01/15 16:24:20 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010/01/15 16:24:20 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/01/15 16:24:20 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsldp.dll
[2010/01/15 16:24:20 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldp.dll
[2010/01/15 16:24:20 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmod.dll
[2010/01/15 16:24:20 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsldpc.dll
[2010/01/15 16:24:20 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldpc.dll
[2010/01/15 16:24:20 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\capesnpn.dll
[2010/01/15 16:24:20 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capesnpn.dll
[2010/01/15 16:24:20 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apphelp.dll
[2010/01/15 16:24:20 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\guitrn.dll
[2010/01/15 16:24:20 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asctrls.ocx
[2010/01/15 16:24:20 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asctrls.ocx
[2010/01/15 16:24:20 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclui.dll
[2010/01/15 16:24:20 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aclui.dll
[2010/01/15 16:24:20 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2010/01/15 16:24:20 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actxprxy.dll
[2010/01/15 16:24:20 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\actxprxy.dll
[2010/01/15 16:24:20 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/01/15 16:24:20 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2010/01/15 16:24:20 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll
[2010/01/15 16:24:20 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2010/01/15 16:24:20 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2010/01/15 16:24:20 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/01/15 16:24:20 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/01/15 16:24:20 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2010/01/15 16:24:20 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2010/01/15 16:24:20 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2010/01/15 16:24:20 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browsewm.dll
[2010/01/15 16:24:20 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browsewm.dll
[2010/01/15 16:24:20 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browser.dll
[2010/01/15 16:24:20 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/01/15 16:24:20 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/01/15 16:24:20 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsmsext.dll
[2010/01/15 16:24:20 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsmsext.dll
[2010/01/15 16:24:20 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010/01/15 16:24:20 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2010/01/15 16:24:20 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browselc.dll
[2010/01/15 16:24:20 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browselc.dll
[2010/01/15 16:24:20 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2010/01/15 16:24:20 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\admparse.dll
[2010/01/15 16:24:20 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabinet.dll
[2010/01/15 16:24:20 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cabinet.dll
[2010/01/15 16:24:20 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2010/01/15 16:24:20 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authz.dll
[2010/01/15 16:24:20 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\basesrv.dll
[2010/01/15 16:24:20 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\basesrv.dll
[2010/01/15 16:24:20 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/01/15 16:24:20 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camocx.dll
[2010/01/15 16:24:20 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\camocx.dll
[2010/01/15 16:24:20 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alg.exe
[2010/01/15 16:24:20 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\audiosrv.dll
[2010/01/15 16:24:20 | 00,030,208 | ---- | C] (Adobe Systems) -- C:\WINDOWS\System32\dllcache\atmlib.dll
[2010/01/15 16:24:20 | 00,030,208 | ---- | C] (Adobe Systems) -- C:\WINDOWS\System32\atmlib.dll
[2010/01/15 16:24:20 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batmeter.dll
[2010/01/15 16:24:20 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batmeter.dll
[2010/01/15 16:24:20 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/01/15 16:24:20 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2010/01/15 16:24:20 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2010/01/15 16:24:20 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\log.dll
[2010/01/15 16:24:20 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/01/15 16:24:20 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bidispl.dll
[2010/01/15 16:24:20 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bidispl.dll
[2010/01/15 16:24:20 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alrsvc.dll
[2010/01/15 16:24:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autolfn.exe
[2010/01/15 16:24:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autolfn.exe
[2010/01/15 16:24:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\attrib.exe
[2010/01/15 16:24:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2010/01/15 16:24:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmadm.exe
[2010/01/15 16:24:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2010/01/15 16:24:20 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/01/15 16:24:20 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/01/15 16:24:20 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2010/01/15 16:24:20 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2010/01/15 16:24:19 | 02,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdosys.dll
[2010/01/15 16:24:19 | 02,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdosys.dll
[2010/01/15 16:24:19 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/01/15 16:24:19 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/01/15 16:24:19 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/01/15 16:24:19 | 00,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmgr.dll
[2010/01/15 16:24:19 | 00,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certmgr.dll
[2010/01/15 16:24:19 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdial32.dll
[2010/01/15 16:24:19 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdial32.dll
[2010/01/15 16:24:19 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compstui.dll
[2010/01/15 16:24:19 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compstui.dll
[2010/01/15 16:24:19 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certcli.dll
[2010/01/15 16:24:19 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certcli.dll
[2010/01/15 16:24:19 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/01/15 16:24:19 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/01/15 16:24:19 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll
[2010/01/15 16:24:19 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/01/15 16:24:19 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/01/15 16:24:19 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cic.dll
[2010/01/15 16:24:19 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cic.dll
[2010/01/15 16:24:19 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/01/15 16:24:19 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/01/15 16:24:19 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.dll
[2010/01/15 16:24:19 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ciodm.dll
[2010/01/15 16:24:19 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ciodm.dll
[2010/01/15 16:24:19 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cleanmgr.exe
[2010/01/15 16:24:19 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2010/01/15 16:24:19 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2010/01/15 16:24:19 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2010/01/15 16:24:19 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/01/15 16:24:19 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/01/15 16:24:19 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clusapi.dll
[2010/01/15 16:24:19 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clusapi.dll
[2010/01/15 16:24:19 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cnbjmon.dll
[2010/01/15 16:24:19 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2010/01/15 16:24:19 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2010/01/15 16:24:19 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmutil.dll
[2010/01/15 16:24:19 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmutil.dll
[2010/01/15 16:24:19 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2010/01/15 16:24:19 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2010/01/15 16:24:19 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/01/15 16:24:19 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/01/15 16:24:19 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2010/01/15 16:24:19 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/01/15 16:24:19 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/01/15 16:24:19 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.rll
[2010/01/15 16:24:19 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2010/01/15 16:24:19 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgmgr32.dll
[2010/01/15 16:24:19 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgmgr32.dll
[2010/01/15 16:24:19 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmcfg32.dll
[2010/01/15 16:24:19 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmcfg32.dll
[2010/01/15 16:24:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2010/01/15 16:24:18 | 01,501,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskcopy.dll
[2010/01/15 16:24:18 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/01/15 16:24:18 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/01/15 16:24:18 | 01,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2010/01/15 16:24:18 | 01,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2010/01/15 16:24:18 | 01,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll
[2010/01/15 16:24:18 | 01,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2010/01/15 16:24:18 | 00,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2010/01/15 16:24:18 | 00,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2010/01/15 16:24:18 | 00,792,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comres.dll
[2010/01/15 16:24:18 | 00,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dbghelp.dll
[2010/01/15 16:24:18 | 00,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbghelp.dll
[2010/01/15 16:24:18 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2010/01/15 16:24:18 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010/01/15 16:24:18 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/01/15 16:24:18 | 00,512,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptui.dll
[2010/01/15 16:24:18 | 00,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpmon.dll
[2010/01/15 16:24:18 | 00,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpmon.dll
[2010/01/15 16:24:18 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmsp.dll
[2010/01/15 16:24:18 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\confmsp.dll
[2010/01/15 16:24:18 | 00,326,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscui.dll
[2010/01/15 16:24:18 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devmgr.dll
[2010/01/15 16:24:18 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devmgr.dll
[2010/01/15 16:24:18 | 00,273,920 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdlgs.dll
[2010/01/15 16:24:18 | 00,273,920 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdlgs.dll
[2010/01/15 16:24:18 | 00,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2010/01/15 16:24:18 | 00,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2010/01/15 16:24:18 | 00,224,768 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2010/01/15 16:24:18 | 00,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdskmgr.dll
[2010/01/15 16:24:18 | 00,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdskmgr.dll
[2010/01/15 16:24:18 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2010/01/15 16:24:18 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2010/01/15 16:24:18 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2010/01/15 16:24:18 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2010/01/15 16:24:18 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2010/01/15 16:24:18 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2010/01/15 16:24:18 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\credui.dll
[2010/01/15 16:24:18 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credui.dll
[2010/01/15 16:24:18 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2010/01/15 16:24:18 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2010/01/15 16:24:18 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\daxctle.ocx
[2010/01/15 16:24:18 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\daxctle.ocx
[2010/01/15 16:24:18 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\datime.dll
[2010/01/15 16:24:18 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\datime.dll
[2010/01/15 16:24:18 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/01/15 16:24:18 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/01/15 16:24:18 | 00,123,904 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgui.dll
[2010/01/15 16:24:18 | 00,123,904 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgui.dll
[2010/01/15 16:24:18 | 00,111,104 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\dgnet.dll
[2010/01/15 16:24:18 | 00,111,104 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dgnet.dll
[2010/01/15 16:24:18 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dbnetlib.dll
[2010/01/15 16:24:18 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnetlib.dll
[2010/01/15 16:24:18 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2010/01/15 16:24:18 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2010/01/15 16:24:18 | 00,104,960 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgntfs.exe
[2010/01/15 16:24:18 | 00,104,960 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2010/01/15 16:24:18 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscdll.dll
[2010/01/15 16:24:18 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2010/01/15 16:24:18 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2010/01/15 16:24:18 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010/01/15 16:24:18 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/01/15 16:24:18 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2010/01/15 16:24:18 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2010/01/15 16:24:18 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2010/01/15 16:24:18 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2010/01/15 16:24:18 | 00,082,432 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2010/01/15 16:24:18 | 00,082,432 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2010/01/15 16:24:18 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptdlg.dll
[2010/01/15 16:24:18 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdlg.dll
[2010/01/15 16:24:18 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\digest.dll
[2010/01/15 16:24:18 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptnet.dll
[2010/01/15 16:24:18 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2010/01/15 16:24:18 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2010/01/15 16:24:18 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptsvc.dll
[2010/01/15 16:24:18 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dataclen.dll
[2010/01/15 16:24:18 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dataclen.dll
[2010/01/15 16:24:18 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptext.dll
[2010/01/15 16:24:18 | 00,045,083 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dispex.dll
[2010/01/15 16:24:18 | 00,045,083 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dispex.dll
[2010/01/15 16:24:18 | 00,038,912 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgsnap.dll
[2010/01/15 16:24:18 | 00,038,912 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgsnap.dll
[2010/01/15 16:24:18 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2010/01/15 16:24:18 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2010/01/15 16:24:18 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2010/01/15 16:24:18 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2010/01/15 16:24:18 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptdll.dll
[2010/01/15 16:24:18 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdll.dll
[2010/01/15 16:24:18 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeshare.exe
[2010/01/15 16:24:18 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2010/01/15 16:24:18 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2010/01/15 16:24:18 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2010/01/15 16:24:18 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dfsshlex.dll
[2010/01/15 16:24:18 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnmpntw.dll
[2010/01/15 16:24:18 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2010/01/15 16:24:18 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2010/01/15 16:24:18 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2010/01/15 16:24:18 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2010/01/15 16:24:18 | 00,025,088 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\defrag.exe
[2010/01/15 16:24:18 | 00,025,088 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2010/01/15 16:24:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsrpcn.dll
[2010/01/15 16:24:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davclnt.dll
[2010/01/15 16:24:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\davclnt.dll
[2010/01/15 16:24:18 | 00,023,552 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmserver.dll
[2010/01/15 16:24:18 | 00,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2010/01/15 16:24:18 | 00,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2010/01/15 16:24:18 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctfmon.exe
[2010/01/15 16:24:18 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dciman32.dll
[2010/01/15 16:24:18 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dciman32.dll
[2010/01/15 16:24:18 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2010/01/15 16:24:18 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2010/01/15 16:24:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrss.exe
[2010/01/15 16:24:18 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2010/01/15 16:24:18 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/01/15 16:24:18 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/01/15 16:24:17 | 01,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2010/01/15 16:24:17 | 01,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2010/01/15 16:24:17 | 01,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2010/01/15 16:24:17 | 01,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2010/01/15 16:24:17 | 01,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2010/01/15 16:24:17 | 01,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2010/01/15 16:24:17 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2010/01/15 16:24:17 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2010/01/15 16:24:17 | 00,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2010/01/15 16:24:17 | 00,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2010/01/15 16:24:17 | 00,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2010/01/15 16:24:17 | 00,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2010/01/15 16:24:17 | 00,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2010/01/15 16:24:17 | 00,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2010/01/15 16:24:17 | 00,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\duser.dll
[2010/01/15 16:24:17 | 00,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\duser.dll
[2010/01/15 16:24:17 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsquery.dll
[2010/01/15 16:24:17 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2010/01/15 16:24:17 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2010/01/15 16:24:17 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2010/01/15 16:24:17 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2010/01/15 16:24:17 | 00,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2010/01/15 16:24:17 | 00,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2010/01/15 16:24:17 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2010/01/15 16:24:17 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2010/01/15 16:24:17 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2010/01/15 16:24:17 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwwin.exe
[2010/01/15 16:24:17 | 00,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2010/01/15 16:24:17 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dskquoui.dll
[2010/01/15 16:24:17 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprop.dll
[2010/01/15 16:24:17 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprop.dll
[2010/01/15 16:24:17 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dssenh.dll
[2010/01/15 16:24:17 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dssenh.dll
[2010/01/15 16:24:17 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2010/01/15 16:24:17 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2010/01/15 16:24:17 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsuiext.dll
[2010/01/15 16:24:17 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2010/01/15 16:24:17 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2010/01/15 16:24:17 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2010/01/15 16:24:17 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2010/01/15 16:24:17 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dskquota.dll
[2010/01/15 16:24:17 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dskquota.dll
[2010/01/15 16:24:17 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2010/01/15 16:24:17 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2010/01/15 16:24:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2010/01/15 16:24:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2010/01/15 16:24:17 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2010/01/15 16:24:17 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2010/01/15 16:24:17 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2010/01/15 16:24:17 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2010/01/15 16:24:17 | 00,052,224 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmutil.dll
[2010/01/15 16:24:17 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dssec.dll
[2010/01/15 16:24:17 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\docprop2.dll
[2010/01/15 16:24:17 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll
[2010/01/15 16:24:17 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2010/01/15 16:24:17 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2010/01/15 16:24:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2010/01/15 16:24:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2010/01/15 16:24:17 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2010/01/15 16:24:17 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2010/01/15 16:24:17 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2010/01/15 16:24:17 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2010/01/15 16:24:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2010/01/15 16:24:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2010/01/15 16:24:17 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2010/01/15 16:24:17 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2010/01/15 16:24:17 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2010/01/15 16:24:17 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2010/01/15 16:24:17 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ds32gt.dll
[2010/01/15 16:24:17 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds32gt.dll
[2010/01/15 16:24:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drprov.dll
[2010/01/15 16:24:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drprov.dll
[2010/01/15 16:24:17 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2010/01/15 16:24:17 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2010/01/15 16:24:17 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2010/01/15 16:24:17 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2010/01/15 16:24:17 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2010/01/15 16:24:16 | 01,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll
[2010/01/15 16:24:16 | 01,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esent.dll
[2010/01/15 16:24:16 | 00,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323msp.dll
[2010/01/15 16:24:16 | 00,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323msp.dll
[2010/01/15 16:24:16 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2010/01/15 16:24:16 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/01/15 16:24:16 | 00,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx
[2010/01/15 16:24:16 | 00,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhctrl.ocx
[2010/01/15 16:24:16 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2010/01/15 16:24:16 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/01/15 16:24:16 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2010/01/15 16:24:16 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/01/15 16:24:16 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2010/01/15 16:24:16 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/01/15 16:24:16 | 00,382,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontext.dll
[2010/01/15 16:24:16 | 00,380,957 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\expsrv.dll
[2010/01/15 16:24:16 | 00,380,957 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expsrv.dll
[2010/01/15 16:24:16 | 00,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/01/15 16:24:16 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetcfg.dll
[2010/01/15 16:24:16 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hnetcfg.dll
[2010/01/15 16:24:16 | 00,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\filemgmt.dll
[2010/01/15 16:24:16 | 00,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filemgmt.dll
[2010/01/15 16:24:16 | 00,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetwiz.dll
[2010/01/15 16:24:16 | 00,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hnetwiz.dll
[2010/01/15 16:24:16 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2010/01/15 16:24:16 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/01/15 16:24:16 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2010/01/15 16:24:16 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/01/15 16:24:16 | 00,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323.tsp
[2010/01/15 16:24:16 | 00,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323.tsp
[2010/01/15 16:24:16 | 00,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icm32.dll
[2010/01/15 16:24:16 | 00,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icm32.dll
[2010/01/15 16:24:16 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2010/01/15 16:24:16 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/01/15 16:24:16 | 00,243,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2010/01/15 16:24:16 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2010/01/15 16:24:16 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/01/15 16:24:16 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2010/01/15 16:24:16 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2010/01/15 16:24:16 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2010/01/15 16:24:16 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/01/15 16:24:16 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\els.dll
[2010/01/15 16:24:16 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\els.dll
[2010/01/15 16:24:16 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hdwwiz.cpl
[2010/01/15 16:24:16 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hdwwiz.cpl
[2010/01/15 16:24:16 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2010/01/15 16:24:16 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/01/15 16:24:16 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hotplug.dll
[2010/01/15 16:24:16 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hotplug.dll
[2010/01/15 16:24:16 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2010/01/15 16:24:16 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/01/15 16:24:16 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\glu32.dll
[2010/01/15 16:24:16 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\glu32.dll
[2010/01/15 16:24:16 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\exts.dll
[2010/01/15 16:24:16 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exts.dll
[2010/01/15 16:24:16 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasrad.dll
[2010/01/15 16:24:16 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasrad.dll
[2010/01/15 16:24:16 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntagnt.dll
[2010/01/15 16:24:16 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/01/15 16:24:16 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntwin.exe
[2010/01/15 16:24:16 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/01/15 16:24:16 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fldrclnr.dll
[2010/01/15 16:24:16 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fldrclnr.dll
[2010/01/15 16:24:16 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2010/01/15 16:24:16 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/01/15 16:24:16 | 00,080,384 | ---- | C] (Radius Inc.) -- C:\WINDOWS\System32\iccvid.dll
[2010/01/15 16:24:16 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faultrep.dll
[2010/01/15 16:24:16 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\faultrep.dll
[2010/01/15 16:24:16 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/01/15 16:24:16 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/01/15 16:24:16 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hlink.dll
[2010/01/15 16:24:16 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hlink.dll
[2010/01/15 16:24:16 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2010/01/15 16:24:16 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/01/15 16:24:16 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventlog.dll
[2010/01/15 16:24:16 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventlog.dll
[2010/01/15 16:24:16 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2010/01/15 16:24:16 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/01/15 16:24:16 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2010/01/15 16:24:16 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2010/01/15 16:24:16 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\htui.dll
[2010/01/15 16:24:16 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\htui.dll
[2010/01/15 16:24:16 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhsetup.dll
[2010/01/15 16:24:16 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhsetup.dll
[2010/01/15 16:24:16 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hostmib.dll
[2010/01/15 16:24:16 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/01/15 16:24:16 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2010/01/15 16:24:16 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2010/01/15 16:24:16 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidphone.tsp
[2010/01/15 16:24:16 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidphone.tsp
[2010/01/15 16:24:16 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2010/01/15 16:24:16 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/01/15 16:24:16 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2010/01/15 16:24:16 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2010/01/15 16:24:16 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntcmd.exe
[2010/01/15 16:24:16 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/01/15 16:24:16 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2010/01/15 16:24:16 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/01/15 16:24:16 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2010/01/15 16:24:16 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/01/15 16:24:16 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ersvc.dll
[2010/01/15 16:24:16 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\feclient.dll
[2010/01/15 16:24:16 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\feclient.dll
[2010/01/15 16:24:16 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hid.dll
[2010/01/15 16:24:16 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2010/01/15 16:24:16 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2010/01/15 16:24:16 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2010/01/15 16:24:16 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2010/01/15 16:24:16 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/01/15 16:24:16 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010/01/15 16:24:16 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpkrsrc.dll
[2010/01/15 16:24:16 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpkrsrc.dll
[2010/01/15 16:24:16 | 00,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\framebuf.dll
[2010/01/15 16:24:16 | 00,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framebuf.dll
[2010/01/15 16:24:16 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2010/01/15 16:24:16 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/01/15 16:24:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2010/01/15 16:24:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2010/01/15 16:24:16 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2010/01/15 16:24:16 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/01/15 16:24:16 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icmp.dll
[2010/01/15 16:24:16 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icmp.dll
[2010/01/15 16:24:15 | 00,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/01/15 16:24:15 | 00,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsmsnap.dll
[2010/01/15 16:24:15 | 00,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsmsnap.dll
[2010/01/15 16:24:15 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2010/01/15 16:24:15 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2010/01/15 16:24:15 | 00,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsecsnp.dll
[2010/01/15 16:24:15 | 00,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsecsnp.dll
[2010/01/15 16:24:15 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipnathlp.dll
[2010/01/15 16:24:15 | 00,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ippromon.dll
[2010/01/15 16:24:15 | 00,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ippromon.dll
[2010/01/15 16:24:15 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2010/01/15 16:24:15 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2010/01/15 16:24:15 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/01/15 16:24:15 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/01/15 16:24:15 | 00,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010/01/15 16:24:15 | 00,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010/01/15 16:24:15 | 00,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2010/01/15 16:24:15 | 00,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2010/01/15 16:24:15 | 00,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsecsvc.dll
[2010/01/15 16:24:15 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtrmgr.dll
[2010/01/15 16:24:15 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprtrmgr.dll
[2010/01/15 16:24:15 | 00,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
[2010/01/15 16:24:15 | 00,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\dllcache\jgdw400.dll
[2010/01/15 16:24:15 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\itircl.dll
[2010/01/15 16:24:15 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\itircl.dll
[2010/01/15 16:24:15 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipmontr.dll
[2010/01/15 16:24:15 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipmontr.dll
[2010/01/15 16:24:15 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi.exe
[2010/01/15 16:24:15 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\initpki.dll
[2010/01/15 16:24:15 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\initpki.dll
[2010/01/15 16:24:15 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[2010/01/15 16:24:15 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2010/01/15 16:24:15 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\itss.dll
[2010/01/15 16:24:15 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ifmon.dll
[2010/01/15 16:24:15 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ifmon.dll
[2010/01/15 16:24:15 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\intl.cpl
[2010/01/15 16:24:15 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intl.cpl
[2010/01/15 16:24:15 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\input.dll
[2010/01/15 16:24:15 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\input.dll
[2010/01/15 16:24:15 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\idq.dll
[2010/01/15 16:24:15 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\idq.dll
[2010/01/15 16:24:15 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2010/01/15 16:24:15 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexpress.exe
[2010/01/15 16:24:15 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imm32.dll
[2010/01/15 16:24:15 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2010/01/15 16:24:15 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2010/01/15 16:24:15 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iphlpapi.dll
[2010/01/15 16:24:15 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iphlpapi.dll
[2010/01/15 16:24:15 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/01/15 16:24:15 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/01/15 16:24:15 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/01/15 16:24:15 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/01/15 16:24:15 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetpp.dll
[2010/01/15 16:24:15 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetpp.dll
[2010/01/15 16:24:15 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2010/01/15 16:24:15 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2010/01/15 16:24:15 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/01/15 16:24:15 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/01/15 16:24:15 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2010/01/15 16:24:15 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2010/01/15 16:24:15 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6mon.dll
[2010/01/15 16:24:15 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6mon.dll
[2010/01/15 16:24:15 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2010/01/15 16:24:15 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2010/01/15 16:24:15 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ixsso.dll
[2010/01/15 16:24:15 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ixsso.dll
[2010/01/15 16:24:15 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2010/01/15 16:24:15 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2010/01/15 16:24:15 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[2010/01/15 16:24:15 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2010/01/15 16:24:15 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/01/15 16:24:15 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010/01/15 16:24:15 | 00,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imeshare.dll
[2010/01/15 16:24:15 | 00,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imeshare.dll
[2010/01/15 16:24:15 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
[2010/01/15 16:24:15 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2010/01/15 16:24:15 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprip.dll
[2010/01/15 16:24:15 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/01/15 16:24:15 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2010/01/15 16:24:15 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2010/01/15 16:24:15 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetmib1.dll
[2010/01/15 16:24:15 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmib1.dll
[2010/01/15 16:24:15 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/01/15 16:24:15 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/01/15 16:24:15 | 00,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgpl400.dll
[2010/01/15 16:24:15 | 00,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgpl400.dll
[2010/01/15 16:24:15 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2010/01/15 16:24:15 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2010/01/15 16:24:15 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxwan.dll
[2010/01/15 16:24:15 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxwan.dll
[2010/01/15 16:24:15 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconf.tsp
[2010/01/15 16:24:15 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconf.tsp
[2010/01/15 16:24:15 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetppui.dll
[2010/01/15 16:24:15 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetppui.dll
[2010/01/15 16:24:15 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\igmpagnt.dll
[2010/01/15 16:24:15 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\igmpagnt.dll
[2010/01/15 16:24:14 | 01,192,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcndmgr.dll
[2010/01/15 16:24:14 | 01,192,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcndmgr.dll
[2010/01/15 16:24:14 | 01,028,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2010/01/15 16:24:14 | 01,028,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/01/15 16:24:14 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2010/01/15 16:24:14 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/01/15 16:24:14 | 00,815,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2010/01/15 16:24:14 | 00,815,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2010/01/15 16:24:14 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmsys.cpl
[2010/01/15 16:24:14 | 00,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mlang.dll
[2010/01/15 16:24:14 | 00,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mlang.dll
[2010/01/15 16:24:14 | 00,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2010/01/15 16:24:14 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2010/01/15 16:24:14 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2010/01/15 16:24:14 | 00,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licdll.dll
[2010/01/15 16:24:14 | 00,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licdll.dll
[2010/01/15 16:24:14 | 00,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmrt.dll
[2010/01/15 16:24:14 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2010/01/15 16:24:14 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm


#6 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 19 January 2010 - 06:15 PM

3 of 3 ---- one additional Extras.txt file follows

Continuation of OTL file:

[2010/01/15 16:24:14 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4ds32.ax
[2010/01/15 16:24:14 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2010/01/15 16:24:14 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localsec.dll
[2010/01/15 16:24:14 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localsec.dll
[2010/01/15 16:24:14 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msadds32.ax
[2010/01/15 16:24:14 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2010/01/15 16:24:14 | 00,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2010/01/15 16:24:14 | 00,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logon.scr
[2010/01/15 16:24:14 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moricons.dll
[2010/01/15 16:24:14 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moricons.dll
[2010/01/15 16:24:14 | 00,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.dll
[2010/01/15 16:24:14 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modemui.dll
[2010/01/15 16:24:14 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemui.dll
[2010/01/15 16:24:14 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keymgr.dll
[2010/01/15 16:24:14 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keymgr.dll
[2010/01/15 16:24:14 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mobsync.exe
[2010/01/15 16:24:14 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2010/01/15 16:24:14 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/01/15 16:24:14 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/01/15 16:24:14 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/01/15 16:24:14 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/01/15 16:24:14 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdminst.dll
[2010/01/15 16:24:14 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdminst.dll
[2010/01/15 16:24:14 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loadperf.dll
[2010/01/15 16:24:14 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loadperf.dll
[2010/01/15 16:24:14 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprapi.dll
[2010/01/15 16:24:14 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprapi.dll
[2010/01/15 16:24:14 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msapsspc.dll
[2010/01/15 16:24:14 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2010/01/15 16:24:14 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2010/01/15 16:24:14 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi32.dll
[2010/01/15 16:24:14 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi32.dll
[2010/01/15 16:24:14 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2010/01/15 16:24:14 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2010/01/15 16:24:14 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm32.dll
[2010/01/15 16:24:14 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msacm32.dll
[2010/01/15 16:24:14 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcbase.dll
[2010/01/15 16:24:14 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcbase.dll
[2010/01/15 16:24:14 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miglibnt.dll
[2010/01/15 16:24:14 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miglibnt.dll
[2010/01/15 16:24:14 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpr.dll
[2010/01/15 16:24:14 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/01/15 16:24:14 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010/01/15 16:24:14 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2010/01/15 16:24:14 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcshext.dll
[2010/01/15 16:24:14 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprdim.dll
[2010/01/15 16:24:14 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mf3216.dll
[2010/01/15 16:24:14 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mf3216.dll
[2010/01/15 16:24:14 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/01/15 16:24:14 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/01/15 16:24:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lmmib2.dll
[2010/01/15 16:24:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/01/15 16:24:14 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmddsp.tsp
[2010/01/15 16:24:14 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmddsp.tsp
[2010/01/15 16:24:14 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/01/15 16:24:14 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.dll
[2010/01/15 16:24:14 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.dll
[2010/01/15 16:24:14 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.dll
[2010/01/15 16:24:14 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2010/01/15 16:24:14 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcsubs.dll
[2010/01/15 16:24:14 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfcsubs.dll
[2010/01/15 16:24:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpk.dll
[2010/01/15 16:24:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2010/01/15 16:24:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2010/01/15 16:24:14 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\linkinfo.dll
[2010/01/15 16:24:14 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\linkinfo.dll
[2010/01/15 16:24:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mimefilt.dll
[2010/01/15 16:24:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2010/01/15 16:24:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\midimap.dll
[2010/01/15 16:24:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/01/15 16:24:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/01/15 16:24:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2010/01/15 16:24:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2010/01/15 16:24:14 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\more.com
[2010/01/15 16:24:14 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcastmib.dll
[2010/01/15 16:24:14 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcastmib.dll
[2010/01/15 16:24:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsass.exe
[2010/01/15 16:24:14 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localui.dll
[2010/01/15 16:24:14 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localui.dll
[2010/01/15 16:24:14 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprhelp.dll
[2010/01/15 16:24:14 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprhelp.dll
[2010/01/15 16:24:14 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kd1394.dll
[2010/01/15 16:24:14 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kd1394.dll
[2010/01/15 16:24:14 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec.dll
[2010/01/15 16:24:14 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec.dll
[2010/01/15 16:24:14 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/01/15 16:24:14 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/01/15 16:24:14 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msafd.dll
[2010/01/15 16:24:14 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msafd.dll
[2010/01/15 16:24:13 | 03,066,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2010/01/15 16:24:13 | 01,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2010/01/15 16:24:13 | 01,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2010/01/15 16:24:13 | 00,994,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msgina.dll
[2010/01/15 16:24:13 | 00,994,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgina.dll
[2010/01/15 16:24:13 | 00,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/01/15 16:24:13 | 00,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/01/15 16:24:13 | 00,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/01/15 16:24:13 | 00,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/01/15 16:24:13 | 00,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctf.dll
[2010/01/15 16:24:13 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/01/15 16:24:13 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/01/15 16:24:13 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdart.dll
[2010/01/15 16:24:13 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdart.dll
[2010/01/15 16:24:13 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2010/01/15 16:24:13 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2010/01/15 16:24:13 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/01/15 16:24:13 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/01/15 16:24:13 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msctfp.dll
[2010/01/15 16:24:13 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfp.dll
[2010/01/15 16:24:13 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/01/15 16:24:13 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/01/15 16:24:13 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpxl32.dll
[2010/01/15 16:24:13 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpxl32.dll
[2010/01/15 16:24:13 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2010/01/15 16:24:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatsrc.tlb
[2010/01/15 16:24:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatsrc.tlb
[2010/01/15 16:24:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpx32r.dll
[2010/01/15 16:24:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpx32r.dll
[2010/01/15 16:24:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010/01/15 16:24:12 | 02,854,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msi.dll
[2010/01/15 16:24:12 | 02,854,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msi.dll
[2010/01/15 16:24:12 | 01,392,671 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm60.dll
[2010/01/15 16:24:12 | 01,104,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2010/01/15 16:24:12 | 00,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimsg.dll
[2010/01/15 16:24:12 | 00,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimsg.dll
[2010/01/15 16:24:12 | 00,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2.dll
[2010/01/15 16:24:12 | 00,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml2.dll
[2010/01/15 16:24:12 | 00,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2010/01/15 16:24:12 | 00,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2010/01/15 16:24:12 | 00,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml.dll
[2010/01/15 16:24:12 | 00,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml.dll
[2010/01/15 16:24:12 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2010/01/15 16:24:12 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp60.dll
[2010/01/15 16:24:12 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcp60.dll
[2010/01/15 16:24:12 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt.dll
[2010/01/15 16:24:12 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/01/15 16:24:12 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010/01/15 16:24:12 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnsspc.dll
[2010/01/15 16:24:12 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010/01/15 16:24:12 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msihnd.dll
[2010/01/15 16:24:12 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msihnd.dll
[2010/01/15 16:24:12 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/01/15 16:24:12 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/01/15 16:24:12 | 00,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msieftp.dll
[2010/01/15 16:24:12 | 00,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2010/01/15 16:24:12 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2010/01/15 16:24:12 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2010/01/15 16:24:12 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msutb.dll
[2010/01/15 16:24:12 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msutb.dll
[2010/01/15 16:24:12 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimtf.dll
[2010/01/15 16:24:12 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimtf.dll
[2010/01/15 16:24:12 | 00,151,583 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjint40.dll
[2010/01/15 16:24:12 | 00,151,583 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjint40.dll
[2010/01/15 16:24:12 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2010/01/15 16:24:12 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2010/01/15 16:24:12 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorcl32.dll
[2010/01/15 16:24:12 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorcl32.dll
[2010/01/15 16:24:12 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvfw32.dll
[2010/01/15 16:24:12 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvfw32.dll
[2010/01/15 16:24:12 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstlsapi.dll
[2010/01/15 16:24:12 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstlsapi.dll
[2010/01/15 16:24:12 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/01/15 16:24:12 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010/01/15 16:24:12 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
[2010/01/15 16:24:12 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscript.ocx
[2010/01/15 16:24:12 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiexec.exe
[2010/01/15 16:24:12 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll
[2010/01/15 16:24:12 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msw3prt.dll
[2010/01/15 16:24:12 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscds32.ax
[2010/01/15 16:24:12 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2010/01/15 16:24:12 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll
[2010/01/15 16:24:12 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2010/01/15 16:24:12 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt40.dll
[2010/01/15 16:24:12 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt40.dll
[2010/01/15 16:24:12 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[2010/01/15 16:24:12 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2010/01/15 16:24:12 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcirt.dll
[2010/01/15 16:24:12 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcirt.dll
[2010/01/15 16:24:12 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msident.dll
[2010/01/15 16:24:12 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msident.dll
[2010/01/15 16:24:12 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msprivs.dll
[2010/01/15 16:24:12 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msprivs.dll
[2010/01/15 16:24:12 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspatcha.dll
[2010/01/15 16:24:12 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspatcha.dll
[2010/01/15 16:24:12 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/01/15 16:24:12 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/01/15 16:24:12 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mslbui.dll
[2010/01/15 16:24:12 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/01/15 16:24:12 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/01/15 16:24:12 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorc32r.dll
[2010/01/15 16:24:12 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorc32r.dll
[2010/01/15 16:24:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msisip.dll
[2010/01/15 16:24:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msisip.dll
[2010/01/15 16:24:12 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/01/15 16:24:12 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/01/15 16:24:12 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2010/01/15 16:24:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msidle.dll
[2010/01/15 16:24:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msidle.dll
[2010/01/15 16:24:12 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimg32.dll
[2010/01/15 16:24:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/01/15 16:24:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/01/15 16:24:11 | 01,705,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netshell.dll
[2010/01/15 16:24:11 | 00,875,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netplwiz.dll
[2010/01/15 16:24:11 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netcfgx.dll
[2010/01/15 16:24:11 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netcfgx.dll
[2010/01/15 16:24:11 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll
[2010/01/15 16:24:11 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netlogon.dll
[2010/01/15 16:24:11 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/01/15 16:24:11 | 00,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2010/01/15 16:24:11 | 00,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2010/01/15 16:24:11 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui1.dll
[2010/01/15 16:24:11 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netui1.dll
[2010/01/15 16:24:11 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netman.dll
[2010/01/15 16:24:11 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netid.dll
[2010/01/15 16:24:11 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netid.dll
[2010/01/15 16:24:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2010/01/15 16:24:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2010/01/15 16:24:11 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2010/01/15 16:24:11 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/01/15 16:24:11 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/01/15 16:24:11 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mydocs.dll
[2010/01/15 16:24:11 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2010/01/15 16:24:11 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2010/01/15 16:24:11 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui0.dll
[2010/01/15 16:24:11 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netui0.dll
[2010/01/15 16:24:11 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ndptsp.tsp
[2010/01/15 16:24:11 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndptsp.tsp
[2010/01/15 16:24:11 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2010/01/15 16:24:11 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2010/01/15 16:24:11 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2010/01/15 16:24:11 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2010/01/15 16:24:11 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2010/01/15 16:24:11 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2010/01/15 16:24:11 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncobjapi.dll
[2010/01/15 16:24:11 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncobjapi.dll
[2010/01/15 16:24:11 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddenb32.dll
[2010/01/15 16:24:11 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddenb32.dll
[2010/01/15 16:24:11 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapi.dll
[2010/01/15 16:24:11 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapi.dll
[2010/01/15 16:24:11 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netrap.dll
[2010/01/15 16:24:11 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netrap.dll
[2010/01/15 16:24:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2010/01/15 16:24:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2010/01/15 16:24:10 | 01,285,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2010/01/15 16:24:10 | 00,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\opengl32.dll
[2010/01/15 16:24:10 | 00,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\opengl32.dll
[2010/01/15 16:24:10 | 00,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsmgr.dll
[2010/01/15 16:24:10 | 00,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsmgr.dll
[2010/01/15 16:24:10 | 00,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmssvc.dll
[2010/01/15 16:24:10 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\objsel.dll
[2010/01/15 16:24:10 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\objsel.dll
[2010/01/15 16:24:10 | 00,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2010/01/15 16:24:10 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcjt32.dll
[2010/01/15 16:24:10 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcjt32.dll
[2010/01/15 16:24:10 | 00,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2010/01/15 16:24:10 | 00,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2010/01/15 16:24:10 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nusrmgr.cpl
[2010/01/15 16:24:10 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nusrmgr.cpl
[2010/01/15 16:24:10 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32.dll
[2010/01/15 16:24:10 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll
[2010/01/15 16:24:10 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll
[2010/01/15 16:24:10 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\newdev.dll
[2010/01/15 16:24:10 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2010/01/15 16:24:10 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2010/01/15 16:24:10 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsdba.dll
[2010/01/15 16:24:10 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsdba.dll
[2010/01/15 16:24:10 | 00,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\photowiz.dll
[2010/01/15 16:24:10 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbctrac.dll
[2010/01/15 16:24:10 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbctrac.dll
[2010/01/15 16:24:10 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntshrui.dll
[2010/01/15 16:24:10 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.dll
[2010/01/15 16:24:10 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.dll
[2010/01/15 16:24:10 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oledlg.dll
[2010/01/15 16:24:10 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledlg.dll
[2010/01/15 16:24:10 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offfilt.dll
[2010/01/15 16:24:10 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2010/01/15 16:24:10 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmarta.dll
[2010/01/15 16:24:10 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.cpl
[2010/01/15 16:24:10 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.cpl
[2010/01/15 16:24:10 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2010/01/15 16:24:10 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2010/01/15 16:24:10 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleprn.dll
[2010/01/15 16:24:10 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleprn.dll
[2010/01/15 16:24:10 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.dll
[2010/01/15 16:24:10 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.dll
[2010/01/15 16:24:10 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\polstore.dll
[2010/01/15 16:24:10 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\polstore.dll
[2010/01/15 16:24:10 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlhtml.dll
[2010/01/15 16:24:10 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2010/01/15 16:24:10 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psbase.dll
[2010/01/15 16:24:10 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psbase.dll
[2010/01/15 16:24:10 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2010/01/15 16:24:10 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcint.dll
[2010/01/15 16:24:10 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcint.dll
[2010/01/15 16:24:10 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olepro32.dll
[2010/01/15 16:24:10 | 00,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\proctexe.ocx
[2010/01/15 16:24:10 | 00,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\proctexe.ocx
[2010/01/15 16:24:10 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli32.dll
[2010/01/15 16:24:10 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli32.dll
[2010/01/15 16:24:10 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2010/01/15 16:24:10 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2010/01/15 16:24:10 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2010/01/15 16:24:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.dll
[2010/01/15 16:24:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.dll
[2010/01/15 16:24:10 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdsapi.dll
[2010/01/15 16:24:10 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccu32.dll
[2010/01/15 16:24:10 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccu32.dll
[2010/01/15 16:24:10 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccr32.dll
[2010/01/15 16:24:10 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccr32.dll
[2010/01/15 16:24:10 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pautoenr.dll
[2010/01/15 16:24:10 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pautoenr.dll
[2010/01/15 16:24:10 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ocmanage.dll
[2010/01/15 16:24:10 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ocmanage.dll
[2010/01/15 16:24:10 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2010/01/15 16:24:10 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2010/01/15 16:24:10 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\npptools.dll
[2010/01/15 16:24:10 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npptools.dll
[2010/01/15 16:24:10 | 00,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcji32.dll
[2010/01/15 16:24:10 | 00,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcji32.dll
[2010/01/15 16:24:10 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2010/01/15 16:24:10 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2010/01/15 16:24:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorec.dll
[2010/01/15 16:24:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pstorec.dll
[2010/01/15 16:24:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanman.dll
[2010/01/15 16:24:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanman.dll
[2010/01/15 16:24:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsapi.dll
[2010/01/15 16:24:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsapi.dll
[2010/01/15 16:24:10 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2010/01/15 16:24:10 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2010/01/15 16:24:10 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2010/01/15 16:24:10 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfproc.dll
[2010/01/15 16:24:10 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfproc.dll
[2010/01/15 16:24:10 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorsvc.dll
[2010/01/15 16:24:10 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pstorsvc.dll
[2010/01/15 16:24:10 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.cpl
[2010/01/15 16:24:10 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.cpl
[2010/01/15 16:24:10 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2010/01/15 16:24:10 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2010/01/15 16:24:10 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/01/15 16:24:10 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/01/15 16:24:10 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\profmap.dll
[2010/01/15 16:24:10 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\profmap.dll
[2010/01/15 16:24:10 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfdisk.dll
[2010/01/15 16:24:10 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfdisk.dll
[2010/01/15 16:24:10 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfos.dll
[2010/01/15 16:24:10 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfos.dll
[2010/01/15 16:24:10 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcbcp.dll
[2010/01/15 16:24:10 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psapi.dll
[2010/01/15 16:24:10 | 00,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odtext32.dll
[2010/01/15 16:24:10 | 00,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odtext32.dll
[2010/01/15 16:24:10 | 00,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oddbse32.dll
[2010/01/15 16:24:10 | 00,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oddbse32.dll
[2010/01/15 16:24:10 | 00,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odpdx32.dll
[2010/01/15 16:24:10 | 00,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odpdx32.dll
[2010/01/15 16:24:10 | 00,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odfox32.dll
[2010/01/15 16:24:10 | 00,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odfox32.dll
[2010/01/15 16:24:10 | 00,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odexl32.dll
[2010/01/15 16:24:10 | 00,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odexl32.dll
[2010/01/15 16:24:10 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/01/15 16:24:10 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/01/15 16:24:10 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/01/15 16:24:10 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/01/15 16:24:10 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2010/01/15 16:24:10 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2010/01/15 16:24:10 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powrprof.dll
[2010/01/15 16:24:10 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powrprof.dll
[2010/01/15 16:24:10 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnet.dll
[2010/01/15 16:24:10 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfnet.dll
[2010/01/15 16:24:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32gt.dll
[2010/01/15 16:24:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32gt.dll
[2010/01/15 16:24:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2010/01/15 16:24:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2010/01/15 16:24:10 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pjlmon.dll
[2010/01/15 16:24:10 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdmd.dll
[2010/01/15 16:24:10 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdmd.dll
[2010/01/15 16:24:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcp32r.dll
[2010/01/15 16:24:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcp32r.dll
[2010/01/15 16:24:09 | 01,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2010/01/15 16:24:09 | 01,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2010/01/15 16:24:09 | 00,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010/01/15 16:24:09 | 00,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched20.dll
[2010/01/15 16:24:09 | 00,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched20.dll
[2010/01/15 16:24:09 | 00,397,824 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\regwizc.dll
[2010/01/15 16:24:09 | 00,397,824 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwizc.dll
[2010/01/15 16:24:09 | 00,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasppp.dll
[2010/01/15 16:24:09 | 00,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasppp.dll
[2010/01/15 16:24:09 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmans.dll
[2010/01/15 16:24:09 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsaenh.dll
[2010/01/15 16:24:09 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsaenh.dll
[2010/01/15 16:24:09 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/01/15 16:24:09 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/01/15 16:24:09 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2010/01/15 16:24:09 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2010/01/15 16:24:09 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcbdyctl.dll
[2010/01/15 16:24:09 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcbdyctl.dll
[2010/01/15 16:24:09 | 00,092,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpdd.dll
[2010/01/15 16:24:09 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpsp.dll
[2010/01/15 16:24:09 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/01/15 16:24:09 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/01/15 16:24:09 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2010/01/15 16:24:09 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2010/01/15 16:24:09 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotesp.tsp
[2010/01/15 16:24:09 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotesp.tsp
[2010/01/15 16:24:09 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2010/01/15 16:24:09 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2010/01/15 16:24:09 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/01/15 16:24:09 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/01/15 16:24:09 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/01/15 16:24:09 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/01/15 16:24:09 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010/01/15 16:24:09 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvc.dll
[2010/01/15 16:24:09 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\resutils.dll
[2010/01/15 16:24:09 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\resutils.dll
[2010/01/15 16:24:09 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2010/01/15 16:24:09 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasphone.exe
[2010/01/15 16:24:09 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2010/01/15 16:24:09 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2010/01/15 16:24:09 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regapi.dll
[2010/01/15 16:24:09 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regapi.dll
[2010/01/15 16:24:09 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtutils.dll
[2010/01/15 16:24:09 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtutils.dll
[2010/01/15 16:24:09 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/01/15 16:24:09 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/01/15 16:24:09 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2010/01/15 16:24:09 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2010/01/15 16:24:09 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2010/01/15 16:24:09 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtipxmib.dll
[2010/01/15 16:24:09 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtipxmib.dll
[2010/01/15 16:24:09 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2010/01/15 16:24:09 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2010/01/15 16:24:09 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/01/15 16:24:09 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/01/15 16:24:09 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmps.dll
[2010/01/15 16:24:09 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmps.dll
[2010/01/15 16:24:09 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rassapi.dll
[2010/01/15 16:24:09 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rassapi.dll
[2010/01/15 16:24:09 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2010/01/15 16:24:09 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2010/01/15 16:24:09 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2010/01/15 16:24:09 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2010/01/15 16:24:09 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2010/01/15 16:24:09 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2010/01/15 16:24:09 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/01/15 16:24:09 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/01/15 16:24:09 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2010/01/15 16:24:09 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2010/01/15 16:24:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasadhlp.dll
[2010/01/15 16:24:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasadhlp.dll
[2010/01/15 16:24:08 | 08,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010/01/15 16:24:08 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll
[2010/01/15 16:24:08 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfcfiles.dll
[2010/01/15 16:24:08 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010/01/15 16:24:08 | 00,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shdoclc.dll
[2010/01/15 16:24:08 | 00,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdoclc.dll
[2010/01/15 16:24:08 | 00,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2010/01/15 16:24:08 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2010/01/15 16:24:08 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scesrv.dll
[2010/01/15 16:24:08 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scesrv.dll
[2010/01/15 16:24:08 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/01/15 16:24:08 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scecli.dll
[2010/01/15 16:24:08 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scecli.dll
[2010/01/15 16:24:08 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccsccp.dll
[2010/01/15 16:24:08 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sccsccp.dll
[2010/01/15 16:24:08 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrobj.dll
[2010/01/15 16:24:08 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2010/01/15 16:24:08 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2010/01/15 16:24:08 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2010/01/15 16:24:08 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc_os.dll
[2010/01/15 16:24:08 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc_os.dll
[2010/01/15 16:24:08 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2010/01/15 16:24:08 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2010/01/15 16:24:08 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2010/01/15 16:24:08 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2010/01/15 16:24:08 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2010/01/15 16:24:08 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2010/01/15 16:24:08 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2010/01/15 16:24:08 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scarddlg.dll
[2010/01/15 16:24:08 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scarddlg.dll
[2010/01/15 16:24:08 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shgina.dll
[2010/01/15 16:24:08 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shgina.dll
[2010/01/15 16:24:08 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shimeng.dll
[2010/01/15 16:24:08 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimeng.dll
[2010/01/15 16:24:08 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/01/15 16:24:08 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/01/15 16:24:08 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2010/01/15 16:24:08 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sendmail.dll
[2010/01/15 16:24:08 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/01/15 16:24:08 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/01/15 16:24:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/01/15 16:24:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/01/15 16:24:08 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2010/01/15 16:24:08 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmgrate.exe
[2010/01/15 16:24:08 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sens.dll
[2010/01/15 16:24:08 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2010/01/15 16:24:08 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2010/01/15 16:24:08 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/01/15 16:24:08 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/01/15 16:24:08 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sendcmsg.dll
[2010/01/15 16:24:08 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sendcmsg.dll
[2010/01/15 16:24:08 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shscrap.dll
[2010/01/15 16:24:08 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2010/01/15 16:24:08 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2010/01/15 16:24:08 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shfolder.dll
[2010/01/15 16:24:08 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shfolder.dll
[2010/01/15 16:24:08 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2010/01/15 16:24:08 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2010/01/15 16:24:08 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sclgntfy.dll
[2010/01/15 16:24:08 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2010/01/15 16:24:08 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2010/01/15 16:24:08 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seclogon.dll
[2010/01/15 16:24:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simpdata.tlb
[2010/01/15 16:24:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simpdata.tlb
[2010/01/15 16:24:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigtab.dll
[2010/01/15 16:24:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigtab.dll
[2010/01/15 16:24:08 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2010/01/15 16:24:08 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrnsave.scr
[2010/01/15 16:24:08 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sensapi.dll
[2010/01/15 16:24:08 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sensapi.dll
[2010/01/15 16:24:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\security.dll
[2010/01/15 16:24:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\security.dll
[2010/01/15 16:24:08 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.dll
[2010/01/15 16:24:08 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.dll
[2010/01/15 16:24:07 | 00,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sxs.dll
[2010/01/15 16:24:07 | 00,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sxs.dll
[2010/01/15 16:24:07 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2010/01/15 16:24:07 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ss3dfo.scr
[2010/01/15 16:24:07 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2010/01/15 16:24:07 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sstext3d.scr
[2010/01/15 16:24:07 | 00,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2010/01/15 16:24:07 | 00,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspipes.scr
[2010/01/15 16:24:07 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/01/15 16:24:07 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010/01/15 16:24:07 | 00,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2010/01/15 16:24:07 | 00,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2010/01/15 16:24:07 | 00,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssflwbox.scr
[2010/01/15 16:24:07 | 00,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogcfg.dll
[2010/01/15 16:24:07 | 00,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogcfg.dll
[2010/01/15 16:24:07 | 00,246,814 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2010/01/15 16:24:07 | 00,246,814 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2010/01/15 16:24:07 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/01/15 16:24:07 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010/01/15 16:24:07 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysmon.ocx
[2010/01/15 16:24:07 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmon.ocx
[2010/01/15 16:24:07 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncui.dll
[2010/01/15 16:24:07 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpsnap.dll
[2010/01/15 16:24:07 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsnap.dll
[2010/01/15 16:24:07 | 00,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlunirl.dll
[2010/01/15 16:24:07 | 00,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlunirl.dll
[2010/01/15 16:24:07 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010/01/15 16:24:07 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti_ci.dll
[2010/01/15 16:24:07 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sti_ci.dll
[2010/01/15 16:24:07 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/01/15 16:24:07 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/01/15 16:24:07 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stobject.dll
[2010/01/15 16:24:07 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2010/01/15 16:24:07 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/01/15 16:24:07 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2010/01/15 16:24:07 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2010/01/15 16:24:07 | 00,098,304 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbiop.dll
[2010/01/15 16:24:07 | 00,098,304 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\dllcache\slbiop.dll
[2010/01/15 16:24:07 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.rll
[2010/01/15 16:24:07 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogsvc.exe
[2010/01/15 16:24:07 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2010/01/15 16:24:07 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/01/15 16:24:07 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolss.dll
[2010/01/15 16:24:07 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolss.dll
[2010/01/15 16:24:07 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssdpsrv.dll
[2010/01/15 16:24:07 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti.dll
[2010/01/15 16:24:07 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sti.dll
[2010/01/15 16:24:07 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010/01/15 16:24:07 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2010/01/15 16:24:07 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2010/01/15 16:24:07 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010/01/15 16:24:07 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/01/15 16:24:07 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/01/15 16:24:07 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2010/01/15 16:24:07 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmypics.scr
[2010/01/15 16:24:07 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpapi.dll
[2010/01/15 16:24:07 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssdpapi.dll
[2010/01/15 16:24:07 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe
[2010/01/15 16:24:07 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/01/15 16:24:07 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slayerxp.dll
[2010/01/15 16:24:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2010/01/15 16:24:07 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2010/01/15 16:24:07 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2010/01/15 16:24:07 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmarque.scr
[2010/01/15 16:24:07 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2010/01/15 16:24:07 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssbezier.scr
[2010/01/15 16:24:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2010/01/15 16:24:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmyst.scr
[2010/01/15 16:24:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpapi.dll
[2010/01/15 16:24:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpapi.dll
[2010/01/15 16:24:07 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole2.tlb
[2010/01/15 16:24:07 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole2.tlb
[2010/01/15 16:24:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2010/01/15 16:24:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2010/01/15 16:24:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2010/01/15 16:24:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2010/01/15 16:24:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssstars.scr
[2010/01/15 16:24:07 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/01/15 16:24:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpmib.dll
[2010/01/15 16:24:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/01/15 16:24:06 | 00,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi3.dll
[2010/01/15 16:24:06 | 00,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi3.dll
[2010/01/15 16:24:06 | 00,723,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userenv.dll
[2010/01/15 16:24:06 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2010/01/15 16:24:06 | 00,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2010/01/15 16:24:06 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\themeui.dll
[2010/01/15 16:24:06 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termmgr.dll
[2010/01/15 16:24:06 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termmgr.dll
[2010/01/15 16:24:06 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2010/01/15 16:24:06 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010/01/15 16:24:06 | 00,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapisrv.dll
[2010/01/15 16:24:06 | 00,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpui.dll
[2010/01/15 16:24:06 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdm.tsp
[2010/01/15 16:24:06 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unimdm.tsp
[2010/01/15 16:24:06 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnphost.dll
[2010/01/15 16:24:06 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi32.dll
[2010/01/15 16:24:06 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi32.dll
[2010/01/15 16:24:06 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2010/01/15 16:24:06 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnp.dll
[2010/01/15 16:24:06 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnp.dll
[2010/01/15 16:24:06 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umpnpmgr.dll
[2010/01/15 16:24:06 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\txflog.dll
[2010/01/15 16:24:06 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\txflog.dll
[2010/01/15 16:24:06 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timedate.cpl
[2010/01/15 16:24:06 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timedate.cpl
[2010/01/15 16:24:06 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/01/15 16:24:06 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/01/15 16:24:06 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trkwks.dll
[2010/01/15 16:24:06 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2010/01/15 16:24:06 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2010/01/15 16:24:06 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/01/15 16:24:06 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdmat.dll
[2010/01/15 16:24:06 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unimdmat.dll
[2010/01/15 16:24:06 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2010/01/15 16:24:06 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmon.dll
[2010/01/15 16:24:06 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmon.dll
[2010/01/15 16:24:06 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2010/01/15 16:24:06 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2010/01/15 16:24:06 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umandlg.dll
[2010/01/15 16:24:06 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umandlg.dll
[2010/01/15 16:24:06 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\udhisapi.dll
[2010/01/15 16:24:06 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\udhisapi.dll
[2010/01/15 16:24:06 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ups.exe
[2010/01/15 16:24:06 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbmon.dll
[2010/01/15 16:24:06 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbmon.dll
[2010/01/15 16:24:06 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2010/01/15 16:24:06 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2010/01/15 16:24:06 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmib.dll
[2010/01/15 16:24:06 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmib.dll
[2010/01/15 16:24:06 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniplat.dll
[2010/01/15 16:24:06 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniplat.dll
[2010/01/15 16:24:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2010/01/15 16:24:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2010/01/15 16:24:06 | 00,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsddd.dll
[2010/01/15 16:24:06 | 00,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsddd.dll
[2010/01/15 16:24:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tree.com
[2010/01/15 16:24:05 | 00,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winntbbu.dll
[2010/01/15 16:24:05 | 00,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winntbbu.dll
[2010/01/15 16:24:05 | 00,666,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2010/01/15 16:24:05 | 00,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiashext.dll
[2010/01/15 16:24:05 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2010/01/15 16:24:05 | 00,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadefui.dll
[2010/01/15 16:24:05 | 00,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiadefui.dll
[2010/01/15 16:24:05 | 00,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2010/01/15 16:24:05 | 00,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaacmgr.exe
[2010/01/15 16:24:05 | 00,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssapi.dll
[2010/01/15 16:24:05 | 00,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2010/01/15 16:24:05 | 00,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2010/01/15 16:24:05 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2010/01/15 16:24:05 | 00,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaservc.dll
[2010/01/15 16:24:05 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmstream.dll
[2010/01/15 16:24:05 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2010/01/15 16:24:05 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2010/01/15 16:24:05 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010/01/15 16:24:05 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssvc.exe
[2010/01/15 16:24:05 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8ds32.ax
[2010/01/15 16:24:05 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2010/01/15 16:24:05 | 00,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2010/01/15 16:24:05 | 00,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wow32.dll
[2010/01/15 16:24:05 | 00,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wow32.dll
[2010/01/15 16:24:05 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvds32.ax
[2010/01/15 16:24:05 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2010/01/15 16:24:05 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.dll
[2010/01/15 16:24:05 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wavemsp.dll
[2010/01/15 16:24:05 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wavemsp.dll
[2010/01/15 16:24:05 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2010/01/15 16:24:05 | 00,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmm.dll
[2010/01/15 16:24:05 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32time.dll
[2010/01/15 16:24:05 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wldap32.dll
[2010/01/15 16:24:05 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webvw.dll
[2010/01/15 16:24:05 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webvw.dll
[2010/01/15 16:24:05 | 00,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadss.dll
[2010/01/15 16:24:05 | 00,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiadss.dll
[2010/01/15 16:24:05 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe.dll
[2010/01/15 16:24:05 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2010/01/15 16:24:05 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2010/01/15 16:24:05 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavideo.dll
[2010/01/15 16:24:05 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiavideo.dll
[2010/01/15 16:24:05 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winscard.dll
[2010/01/15 16:24:05 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winscard.dll
[2010/01/15 16:24:05 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wlnotify.dll
[2010/01/15 16:24:05 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2_32.dll
[2010/01/15 16:24:05 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiascr.dll
[2010/01/15 16:24:05 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webclnt.dll
[2010/01/15 16:24:05 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2010/01/15 16:24:05 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2010/01/15 16:24:05 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2010/01/15 16:24:05 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsta.dll
[2010/01/15 16:24:05 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsta.dll
[2010/01/15 16:24:05 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmredir.dll
[2010/01/15 16:24:05 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vdmredir.dll
[2010/01/15 16:24:05 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2010/01/15 16:24:05 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2010/01/15 16:24:05 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2010/01/15 16:24:05 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winipsec.dll
[2010/01/15 16:24:05 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winipsec.dll
[2010/01/15 16:24:05 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2010/01/15 16:24:05 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2010/01/15 16:24:05 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2010/01/15 16:24:05 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2010/01/15 16:24:05 | 00,030,749 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbajet32.dll
[2010/01/15 16:24:05 | 00,030,749 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbajet32.dll
[2010/01/15 16:24:05 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2010/01/15 16:24:05 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbisurf.ax
[2010/01/15 16:24:05 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshcon.dll
[2010/01/15 16:24:05 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshcon.dll
[2010/01/15 16:24:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmdbg.dll
[2010/01/15 16:24:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vdmdbg.dll
[2010/01/15 16:24:05 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.drv
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpui.dll
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcore.dll
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcd.dll
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.ocx
[2010/01/15 16:24:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2010/01/15 16:24:05 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2help.dll
[2010/01/15 16:24:05 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\version.dll
[2010/01/15 16:24:05 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\watchdog.sys
[2010/01/15 16:24:05 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\watchdog.sys
[2010/01/15 16:24:05 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winrnr.dll
[2010/01/15 16:24:05 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.dll
[2010/01/15 16:24:05 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.dll
[2010/01/15 16:24:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmi.dll
[2010/01/15 16:24:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi.dll
[2010/01/15 16:24:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2010/01/15 16:24:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2010/01/15 16:24:04 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/01/15 16:24:04 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autoconv.exe
[2010/01/15 16:24:04 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2010/01/15 16:24:04 | 00,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autochk.exe
[2010/01/15 16:24:04 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmd.exe
[2010/01/15 16:24:04 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2010/01/15 16:24:04 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcdlg.dll
[2010/01/15 16:24:04 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wzcdlg.dll
[2010/01/15 16:24:04 | 00,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zipfldr.dll
[2010/01/15 16:24:04 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/01/15 16:24:04 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comdlg32.dll
[2010/01/15 16:24:04 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/01/15 16:24:04 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/01/15 16:24:04 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/01/15 16:24:04 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\desk.cpl
[2010/01/15 16:24:04 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2010/01/15 16:24:04 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/01/15 16:24:04 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshom.ocx
[2010/01/15 16:24:04 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2010/01/15 16:24:04 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactsrv.dll
[2010/01/15 16:24:04 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xactsrv.dll
[2010/01/15 16:24:04 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/01/15 16:24:04 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/01/15 16:24:04 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsapi.dll
[2010/01/15 16:24:04 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2010/01/15 16:24:04 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2010/01/15 16:24:04 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsnmp32.dll
[2010/01/15 16:24:04 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wsnmp32.dll
[2010/01/15 16:24:04 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/01/15 16:24:04 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2010/01/15 16:24:04 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2010/01/15 16:24:04 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2010/01/15 16:24:04 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xcopy.exe
[2010/01/15 16:24:04 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/01/15 16:24:04 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsock32.dll
[2010/01/15 16:24:04 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wsock32.dll
[2010/01/15 16:24:04 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/01/15 16:24:04 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshtcpip.dll
[2010/01/15 16:24:04 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshtcpip.dll
[2010/01/15 16:24:04 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wtsapi32.dll
[2010/01/15 16:24:04 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wtsapi32.dll
[2010/01/15 16:24:04 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cacls.exe
[2010/01/15 16:24:04 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2010/01/15 16:24:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/01/15 16:24:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/01/15 16:24:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/01/15 16:24:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/01/15 16:24:04 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wship6.dll
[2010/01/15 16:24:04 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wship6.dll
[2010/01/15 16:24:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/01/15 16:24:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/01/15 16:24:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshrm.dll
[2010/01/15 16:24:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshrm.dll
[2010/01/15 16:24:03 | 00,984,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2010/01/15 16:24:03 | 00,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2010/01/15 16:24:03 | 00,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/01/15 16:24:03 | 00,657,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdlg.dll
[2010/01/15 16:24:03 | 00,657,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdlg.dll
[2010/01/15 16:24:03 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printui.dll
[2010/01/15 16:24:03 | 00,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2010/01/15 16:24:03 | 00,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2010/01/15 16:24:03 | 00,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdm.exe
[2010/01/15 16:24:03 | 00,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\samsrv.dll
[2010/01/15 16:24:03 | 00,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\samsrv.dll
[2010/01/15 16:24:03 | 00,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2010/01/15 16:24:03 | 00,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2010/01/15 16:24:03 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasapi32.dll
[2010/01/15 16:24:03 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasapi32.dll
[2010/01/15 16:24:03 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imagehlp.dll
[2010/01/15 16:24:03 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2010/01/15 16:24:03 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwprovau.dll
[2010/01/15 16:24:03 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2010/01/15 16:24:03 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpcsvc.dll
[2010/01/15 16:24:03 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardsvr.exe
[2010/01/15 16:24:03 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2010/01/15 16:24:03 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntprint.dll
[2010/01/15 16:24:03 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasauto.dll
[2010/01/15 16:24:03 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2010/01/15 16:24:03 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2010/01/15 16:24:03 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\locator.exe
[2010/01/15 16:24:03 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\samlib.dll
[2010/01/15 16:24:03 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasman.dll
[2010/01/15 16:24:03 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasman.dll
[2010/01/15 16:24:03 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastapi.dll
[2010/01/15 16:24:03 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastapi.dll
[2010/01/15 16:24:03 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2010/01/15 16:24:03 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftp.exe
[2010/01/15 16:24:03 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rshx32.dll
[2010/01/15 16:24:03 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2010/01/15 16:24:03 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfctrs.dll
[2010/01/15 16:24:03 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2010/01/15 16:24:03 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecnv32.dll
[2010/01/15 16:24:03 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgsvc.dll
[2010/01/15 16:24:03 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2010/01/15 16:24:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2010/01/15 16:24:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mgmtapi.dll
[2010/01/15 16:24:03 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmhsvc.dll
[2010/01/15 16:24:03 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2010/01/15 16:24:03 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2010/01/15 16:24:03 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlsapi.dll
[2010/01/15 16:24:03 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlsapi.dll
[2010/01/15 16:24:02 | 01,845,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010/01/15 16:24:02 | 01,845,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2010/01/15 16:24:02 | 00,984,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2010/01/15 16:24:02 | 00,984,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syssetup.dll
[2010/01/15 16:24:02 | 00,983,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setupapi.dll
[2010/01/15 16:24:02 | 00,799,744 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmboot.sys
[2010/01/15 16:24:02 | 00,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2010/01/15 16:24:02 | 00,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\untfs.dll
[2010/01/15 16:24:02 | 00,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysdm.cpl
[2010/01/15 16:24:02 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2010/01/15 16:24:02 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ulib.dll
[2010/01/15 16:24:02 | 00,153,344 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmio.sys
[2010/01/15 16:24:02 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winspool.drv
[2010/01/15 16:24:02 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/01/15 16:24:02 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2010/01/15 16:24:02 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastfat.sys
[2010/01/15 16:24:02 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/01/15 16:24:02 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/01/15 16:24:02 | 00,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2010/01/15 16:24:02 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2010/01/15 16:24:02 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32spl.dll
[2010/01/15 16:24:02 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32spl.dll
[2010/01/15 16:24:02 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srvsvc.dll
[2010/01/15 16:24:02 | 00,095,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/01/15 16:24:02 | 00,071,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bridge.sys
[2010/01/15 16:24:02 | 00,071,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2010/01/15 16:24:02 | 00,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfs.sys
[2010/01/15 16:24:02 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/01/15 16:24:02 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/01/15 16:24:02 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmarpc.sys
[2010/01/15 16:24:02 | 00,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2010/01/15 16:24:02 | 00,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmlane.sys
[2010/01/15 16:24:02 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2010/01/15 16:24:02 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2010/01/15 16:24:02 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/01/15 16:24:02 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i8042prt.sys
[2010/01/15 16:24:02 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smss.exe
[2010/01/15 16:24:02 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2010/01/15 16:24:02 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\classpnp.sys
[2010/01/15 16:24:02 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2010/01/15 16:24:02 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmonui.dll
[2010/01/15 16:24:02 | 00,036,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys
[2010/01/15 16:24:02 | 00,036,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amdk6.sys
[2010/01/15 16:24:02 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crusoe.sys
[2010/01/15 16:24:02 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\disk.sys
[2010/01/15 16:24:02 | 00,036,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2010/01/15 16:24:02 | 00,036,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidclass.sys
[2010/01/15 16:24:02 | 00,034,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fips.sys
[2010/01/15 16:24:02 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2010/01/15 16:24:02 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2010/01/15 16:24:02 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2010/01/15 16:24:02 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asyncmac.sys
[2010/01/15 16:24:02 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2010/01/15 16:24:02 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskdump.sys
[2010/01/15 16:24:02 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010/01/15 16:24:02 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/01/15 16:24:01 | 00,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntfs.sys
[2010/01/15 16:24:01 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/01/15 16:24:01 | 00,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2010/01/15 16:24:01 | 00,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/01/15 16:24:01 | 00,182,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2010/01/15 16:24:01 | 00,179,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxdav.sys
[2010/01/15 16:24:01 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdbss.sys
[2010/01/15 16:24:01 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/01/15 16:24:01 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netbt.sys
[2010/01/15 16:24:01 | 00,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2010/01/15 16:24:01 | 00,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ks.sys
[2010/01/15 16:24:01 | 00,139,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/01/15 16:24:01 | 00,136,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/01/15 16:24:01 | 00,136,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/01/15 16:24:01 | 00,134,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipnat.sys
[2010/01/15 16:24:01 | 00,119,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pcmcia.sys
[2010/01/15 16:24:01 | 00,107,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2010/01/15 16:24:01 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2010/01/15 16:24:01 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiport.sys
[2010/01/15 16:24:01 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2010/01/15 16:24:01 | 00,091,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndiswan.sys
[2010/01/15 16:24:01 | 00,088,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2010/01/15 16:24:01 | 00,088,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkipx.sys
[2010/01/15 16:24:01 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec.sys
[2010/01/15 16:24:01 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psched.sys
[2010/01/15 16:24:01 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pci.sys
[2010/01/15 16:24:01 | 00,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys
[2010/01/15 16:24:01 | 00,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mf.sys
[2010/01/15 16:24:01 | 00,051,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasl2tp.sys
[2010/01/15 16:24:01 | 00,048,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raspptp.sys
[2010/01/15 16:24:01 | 00,043,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/01/15 16:24:01 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p3.sys
[2010/01/15 16:24:01 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountmgr.sys
[2010/01/15 16:24:01 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raspppoe.sys
[2010/01/15 16:24:01 | 00,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2010/01/15 16:24:01 | 00,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmnt.sys
[2010/01/15 16:24:01 | 00,038,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/01/15 16:24:01 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapnp.sys
[2010/01/15 16:24:01 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\processr.sys
[2010/01/15 16:24:01 | 00,035,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgpc.sys
[2010/01/15 16:24:01 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netbios.sys
[2010/01/15 16:24:01 | 00,030,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npfs.sys
[2010/01/15 16:24:01 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2010/01/15 16:24:01 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismp.sys
[2010/01/15 16:24:01 | 00,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2010/01/15 16:24:01 | 00,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonydcam.sys
[2010/01/15 16:24:01 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2010/01/15 16:24:01 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciidex.sys
[2010/01/15 16:24:01 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdclass.sys
[2010/01/15 16:24:01 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipinip.sys
[2010/01/15 16:24:01 | 00,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfs.sys
[2010/01/15 16:24:01 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\partmgr.sys
[2010/01/15 16:24:01 | 00,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serenum.sys
[2010/01/15 16:24:01 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010/01/15 16:24:01 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2010/01/15 16:24:01 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/01/15 16:24:01 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2010/01/15 16:24:01 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/01/15 16:24:01 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/01/15 16:24:00 | 02,136,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/01/15 16:24:00 | 02,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/01/15 16:24:00 | 00,364,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\update.sys
[2010/01/15 16:24:00 | 00,360,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2010/01/15 16:24:00 | 00,332,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/01/15 16:24:00 | 00,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010/01/15 16:24:00 | 00,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010/01/15 16:24:00 | 00,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2010/01/15 16:24:00 | 00,134,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hal.dll
[2010/01/15 16:24:00 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/01/15 16:24:00 | 00,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2010/01/15 16:24:00 | 00,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\videoprt.sys
[2010/01/15 16:24:00 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010/01/15 16:24:00 | 00,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\udfs.sys
[2010/01/15 16:24:00 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/01/15 16:24:00 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/01/15 16:24:00 | 00,052,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\volsnap.sys
[2010/01/15 16:24:00 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2010/01/15 16:24:00 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stream.sys
[2010/01/15 16:24:00 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wanarp.sys
[2010/01/15 16:24:00 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/01/15 16:24:00 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010/01/15 16:24:00 | 00,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2010/01/15 16:24:00 | 00,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbcamd2.sys
[2010/01/15 16:24:00 | 00,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2010/01/15 16:24:00 | 00,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbcamd.sys
[2010/01/15 16:24:00 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/01/15 16:24:00 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.sys
[2010/01/15 16:24:00 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2010/01/15 16:24:00 | 00,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2010/01/15 16:24:00 | 00,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdi.sys
[2010/01/15 16:24:00 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2010/01/15 16:24:00 | 00,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys
[2010/01/15 16:24:00 | 00,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbintel.sys
[2010/01/15 16:24:00 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010/01/15 16:24:00 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2010/01/15 16:24:00 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tape.sys
[2010/01/15 16:24:00 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2010/01/15 16:24:00 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2010/01/15 16:24:00 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/01/15 16:24:00 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/01/15 16:24:00 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2010/01/15 16:17:02 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2010/01/15 16:03:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/01/15 15:43:03 | 00,000,000 | ---D | C] -- C:\Program Files\Secunia
[2010/01/15 15:41:57 | 00,716,320 | ---- | C] (Secunia) -- C:\Documents and Settings\Compaq_Administrator\Desktop\PSISetup.exe
[2010/01/15 13:57:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\! AAA ALL User Guides
[2010/01/15 13:44:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\PC FIXES-Malware_Virus Removals
[2010/01/15 13:42:08 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/01/15 13:40:55 | 00,000,000 | ---D | C] -- C:\Program Files\HijackThis
[2010/01/09 22:18:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
[2010/01/09 22:18:47 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/09 22:18:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/09 22:18:44 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/09 22:18:43 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/09 22:16:21 | 05,061,512 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\mbam-setup.exe
[2010/01/09 22:02:08 | 00,000,000 | ---D | C] -- C:\Program Files\Autoruns
[2010/01/09 21:35:13 | 00,059,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys
[2010/01/09 21:35:13 | 00,051,984 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys
[2010/01/09 21:35:13 | 00,033,552 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys
[2010/01/09 21:35:10 | 00,000,000 | ---D | C] -- C:\Program Files\ThreatFire
[2010/01/09 21:35:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/01/08 17:57:37 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/01/08 17:55:56 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010/01/08 17:55:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/01/08 13:32:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{2A4216FA-5514-451C-962E-CB9540E5FC81}
[2009/04/23 07:12:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/04/22 08:40:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/02/28 13:16:00 | 47,693,5928 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\PSE7_WIN_WWE.exe
[2008/10/30 13:26:05 | 04,026,608 | ---- | C] (SRS Labs, Inc. ) -- C:\Program Files\SRS_Audio_Sandbox.exe
[2008/07/04 12:36:25 | 07,422,571 | ---- | C] (Lowrance Electronics, Inc. ) -- C:\Program Files\GDM6.exe
[2008/07/03 10:15:19 | 02,919,360 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup209.exe
[2007/09/08 13:23:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2006/08/08 02:33:01 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/08/08 02:33:00 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/08/08 02:33:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006/02/19 11:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/19 16:44:19 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2010/01/19 16:43:18 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/01/19 16:41:02 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/01/19 16:41:01 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/01/19 16:41:01 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/01/19 16:41:01 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/01/19 16:41:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/01/19 16:39:23 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/01/19 16:39:00 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/19 16:38:49 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/19 16:38:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/19 16:38:46 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/19 16:38:44 | 20,797,07136 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/18 22:10:42 | 05,505,024 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
[2010/01/18 22:10:42 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\ntuser.ini
[2010/01/18 21:18:25 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2010/01/18 21:17:55 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\RootRepeal.exe
[2010/01/18 20:39:07 | 00,000,160 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2010/01/18 19:39:56 | 27,792,200 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2010/01/18 19:33:38 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2010/01/18 00:19:32 | 02,112,748 | -H-- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2010/01/18 00:18:58 | 00,000,016 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/01/17 23:21:16 | 00,182,272 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/17 22:40:35 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/15 18:09:06 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/01/15 18:09:06 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/01/15 18:09:05 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/01/15 18:09:05 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/01/15 18:09:04 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/01/15 18:07:44 | 00,800,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Compaq_Administrator\Desktop\jxpiinstall-rv.exe
[2010/01/15 17:31:13 | 00,217,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/15 17:12:52 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/01/15 17:12:52 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/01/15 17:02:45 | 00,250,032 | ---- | M] () -- C:\ntldr
[2010/01/15 15:43:18 | 00,000,728 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Secunia PSI.lnk
[2010/01/15 15:41:57 | 00,716,320 | ---- | M] (Secunia) -- C:\Documents and Settings\Compaq_Administrator\Desktop\PSISetup.exe
[2010/01/15 15:25:13 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Wqibeziva.dat
[2010/01/15 15:23:04 | 00,000,808 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\catchme.zip
[2010/01/15 15:08:59 | 00,147,456 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\catchme.exe
[2010/01/15 13:42:09 | 00,001,742 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\HijackThis.lnk
[2010/01/15 13:40:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/15 13:13:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Qdurakokoxevoko.bin
[2010/01/10 13:22:52 | 00,022,528 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Start on AIRPORT BLVD going toward AIRPORT CIR.doc
[2010/01/10 00:04:01 | 00,092,160 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Google Redirect fix.doc
[2010/01/09 22:18:50 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/09 22:16:21 | 05,061,512 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Administrator\Desktop\mbam-setup.exe
[2010/01/09 22:10:05 | 00,263,168 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\rkill.com
[2010/01/09 21:35:16 | 00,000,629 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ThreatFire.lnk
[2010/01/09 19:00:16 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Pressure Cooker Test Drive.doc
[2010/01/08 17:55:54 | 00,000,875 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/01/08 17:41:50 | 00,001,923 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/01/08 16:39:20 | 00,001,556 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/04 19:36:28 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Weekly scripture for readers 97.doc
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/18 21:18:25 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\settings.dat
[2010/01/18 20:39:07 | 00,000,160 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DrWeb.csv
[2010/01/18 19:38:07 | 27,792,200 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\drweb-cureit.exe
[2010/01/18 19:33:34 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
[2010/01/18 00:18:58 | 00,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/01/15 16:24:40 | 00,130,715 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/01/15 16:24:39 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/01/15 16:24:39 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/01/15 16:24:38 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/01/15 16:24:38 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/01/15 16:24:37 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2010/01/15 16:24:37 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2010/01/15 16:24:35 | 00,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2010/01/15 16:24:33 | 00,505,647 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nt5inf.cat
[2010/01/15 16:24:30 | 00,079,996 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2010/01/15 16:24:29 | 00,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2010/01/15 16:24:29 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fp4.cat
[2010/01/15 16:24:28 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/01/15 16:24:27 | 00,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/01/15 16:24:27 | 00,198,736 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2010/01/15 16:24:27 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ims.cat
[2010/01/15 16:24:27 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msmsgs.cat
[2010/01/15 16:24:27 | 00,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/01/15 16:24:26 | 02,008,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nt5.cat
[2010/01/15 16:24:26 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mstsweb.cat
[2010/01/15 16:24:25 | 00,034,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2010/01/15 16:24:24 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
[2010/01/15 16:24:24 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2010/01/15 16:24:21 | 00,460,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\micross.ttf
[2010/01/15 16:24:21 | 00,383,140 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2010/01/15 16:24:21 | 00,355,436 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2010/01/15 16:24:20 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2010/01/15 16:24:19 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2010/01/15 16:24:18 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2010/01/15 16:24:18 | 00,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2010/01/15 16:24:17 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2010/01/15 16:24:14 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2010/01/15 16:24:13 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2010/01/15 16:24:13 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2010/01/15 16:24:13 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2010/01/15 16:24:13 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2010/01/15 16:24:10 | 01,287,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010/01/15 16:24:10 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2010/01/15 16:24:10 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2010/01/15 16:24:10 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2010/01/15 16:24:10 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2010/01/15 16:24:10 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2010/01/15 16:24:10 | 00,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2010/01/15 16:24:10 | 00,004,310 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2010/01/15 16:24:04 | 00,009,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\drvmain.sdb
[2010/01/15 16:24:03 | 00,249,270 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2010/01/15 16:24:03 | 00,249,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\locale.nls
[2010/01/15 16:24:02 | 00,022,040 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
[2010/01/15 16:24:02 | 00,022,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sorttbls.nls
[2010/01/15 16:24:00 | 00,250,032 | ---- | C] () -- C:\ntldr
[2010/01/15 15:43:18 | 00,000,728 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\Secunia PSI.lnk
[2010/01/15 15:23:04 | 00,000,808 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\catchme.zip
[2010/01/15 15:08:53 | 00,147,456 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\catchme.exe
[2010/01/15 13:42:09 | 00,001,742 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\HijackThis.lnk
[2010/01/10 13:22:52 | 00,022,528 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Start on AIRPORT BLVD going toward AIRPORT CIR.doc
[2010/01/10 00:04:01 | 00,092,160 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Google Redirect fix.doc
[2010/01/09 22:18:50 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/09 22:10:05 | 00,263,168 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\rkill.com
[2010/01/09 21:35:16 | 00,000,629 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ThreatFire.lnk
[2010/01/09 19:00:15 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Pressure Cooker Test Drive.doc
[2010/01/08 19:03:15 | 00,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/01/08 17:58:27 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/01/08 17:58:26 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/01/08 17:58:26 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/01/08 17:58:26 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/01/08 17:58:25 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/01/08 17:55:54 | 00,000,875 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/01/08 17:41:50 | 00,001,923 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/01/08 13:32:49 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Wqibeziva.dat
[2010/01/08 13:32:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Qdurakokoxevoko.bin
[2010/01/04 19:36:28 | 00,023,552 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Weekly scripture for readers 97.doc
[2009/02/28 13:38:51 | 00,046,303 | ---- | C] () -- C:\Program Files\Photoshop Elements 7.0 Read Me.html
[2009/01/12 17:47:00 | 01,878,848 | ---- | C] () -- C:\Program Files\facebook.exe
[2009/01/08 17:53:21 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2009/01/08 17:53:21 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2009/01/08 17:50:37 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxccvs.dll
[2008/10/30 13:26:58 | 00,047,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys
[2008/10/30 13:26:58 | 00,047,104 | R--- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys
[2008/10/30 13:26:58 | 00,042,112 | R--- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys
[2008/10/30 13:26:58 | 00,039,808 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys
[2008/07/09 21:59:13 | 07,024,640 | ---- | C] () -- C:\Program Files\winzip112.msi
[2008/05/11 22:51:14 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\$_hpcst$.hpc
[2008/04/26 13:44:02 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2007/12/13 21:50:27 | 00,002,970 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/27 09:45:59 | 18,725,888 | ---- | C] () -- C:\Program Files\TIConnectV1.6.exe
[2007/03/18 19:42:09 | 00,002,337 | ---- | C] () -- C:\WINDOWS\Contour.INI
[2007/02/24 20:39:15 | 00,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2007/02/24 19:11:00 | 00,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2007/02/18 14:35:37 | 00,182,272 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/12 00:33:30 | 00,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2007/02/11 23:56:25 | 00,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2007/02/11 23:53:05 | 00,000,737 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/08 04:03:01 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/08 03:34:55 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/08/08 03:27:05 | 00,012,988 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/08/08 03:26:54 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/08/08 03:23:36 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/08 03:12:47 | 00,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/08 03:11:23 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/08/08 03:06:16 | 00,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/08/08 03:05:15 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/08/08 02:59:50 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/08/08 02:36:38 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/08/08 02:36:38 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/08/08 02:36:17 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 12:58:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 22:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 00:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/07/26 08:51:38 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1997/07/11 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[1997/07/11 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/10 05:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/09 15:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2010/01/15 16:22:07 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 05:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/09 15:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010/01/15 16:22:07 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/04 06:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 06:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2004/08/09 22:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/09 22:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2005/06/17 07:33:40 | 00,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\hp\drivers\Intel_5_1_0_1022_PV\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2004/08/09 22:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/09 22:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/09 22:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/09 22:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2005/07/26 05:39:44 | 01,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2008/02/16 03:32:04 | 00,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:017D5143
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
< End of report >


#7 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 19 January 2010 - 06:17 PM

Extras.Txt file from OTL Scan.....thanks!!

OTL Extras logfile created on: 1/19/2010 4:46:41 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.54 Gb Total Space | 141.91 Gb Free Space | 63.20% Space Free | Partition Type: NTFS
Drive D: | 8.33 Gb Total Space | 0.38 Gb Free Space | 4.51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NAPOLITANO
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\AT&T_Homezone\mediascout.exe" = C:\Program Files\AT&T_Homezone\mediascout.exe:*:Enabled:2Wire MediaScout -- (2Wire)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\WINDOWS\system32\lxcccoms.exe" = C:\WINDOWS\system32\lxcccoms.exe:*:Enabled:3300 Series Server -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxccPSWX.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxccPSWX.EXE:*:Enabled:3300 Series Printer Status -- ()
"C:\Program Files\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe" = C:\Program Files\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server -- (Adobe Systems Incorporated)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\DISC\DISCover.exe" = C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System -- File not found
"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub -- File not found
"C:\Program Files\DISC\myFTP.exe" = C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{1515871A-9CBD-4ED6-9E63-21BFFDC714C0}" = Lowrance GPS Data Manger V.6
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35C03C04-3F1F-42C2-A989-A757EE691F65}" = McAfee VirusScan Enterprise
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{7C950A9E-B452-4DA1-BF55-C610D70E89E1}" = TurboTax 2008 wwiiper
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}" = Bejeweled 2 Deluxe
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3321F20-6151-A92D-1CA6-22A5B841316D}" = OneGlobalConnect
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint Plus
"{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}" = MobileMe Control Panel
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{ECE3188A-3B11-4332-B1B9-43FAA9A02626}" = TheSkyX First Light Edition
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"ATI Display Driver" = ATI Display Driver
"AwayMode160" = Microsoft Away Mode
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CCleaner" = CCleaner
"Chart Navigator" = Chart Navigator
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Dragons_is1" = Dragons 7.0 Trial Version
"FLV Player" = FLV Player 2.0 (build 25)
"FLV Player2.0 " = FLV Player
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"Install WeatherBug" = Remove WeatherBug Installer
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"Lexmark 3300 Series" = Lexmark 3300 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaScout for AT&T Homezone" = MediaScout for AT&T Homezone
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox (3.0.17)" = Mozilla Firefox (3.0.17)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Office8.0" = Microsoft Office 97, Professional Edition
"onedata.oneglobalconnect.2e5c80d0-7e55-102b-83e0-d58416df1ff9.D45FE6DB8CAC475DE9B799058C6F9A7FFEDDFAC3.1" = OneGlobalConnect
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Photo Gadget Viewer_is1" = Photo Gadget Viewer
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"Rhapsody" = Rhapsody
"SCII_is1" = SeaClear II
"Secunia PSI" = Secunia PSI
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"ST6UNST #1" = SeaTrackEdit
"ST6UNST #2" = SeaTrace
"Stellarium_is1" = Stellarium 0.10.2
"TurboTax 2008" = TurboTax 2008
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"UnityWebPlayer" = Unity Web Player
"Visual Passage Planner_is1" = Visual Passage Planner 2
"WildTangent compaq Master Uninstall" = My HP Games
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile® Device Handbook
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar for Internet Explorer
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/11/2009 9:20:55 AM | Computer Name = NAPOLITANO | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 8

Error - 12/11/2009 9:20:57 AM | Computer Name = NAPOLITANO | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 8

Error - 1/8/2010 7:25:17 PM | Computer Name = NAPOLITANO | Source = Application Error | ID = 1004
Description = Faulting application lsass.exe, version 5.1.2600.2180, faulting module
lsasrv.dll, version 5.1.2600.2976, fault address 0x00012584.

Error - 1/8/2010 7:25:38 PM | Computer Name = NAPOLITANO | Source = Application Error | ID = 1004
Description = Faulting application dllhost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.

Error - 1/8/2010 7:25:51 PM | Computer Name = NAPOLITANO | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 1/8/2010 7:33:58 PM | Computer Name = NAPOLITANO | Source = Application Hang | ID = 1002
Description = Hanging application SpybotSD.exe, version 1.4.0.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/8/2010 7:47:04 PM | Computer Name = NAPOLITANO | Source = Application Hang | ID = 1002
Description = Hanging application SpybotSD.exe, version 1.4.0.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/8/2010 7:56:17 PM | Computer Name = NAPOLITANO | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 1/8/2010 8:39:24 PM | Computer Name = NAPOLITANO | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
took longer than 100000 ms to complete a request. The process will be terminated.
Thread
id : 2896 (0xb50) Thread address : 0x7C90EB94 Thread message : Build VSCORE.13.3.1.100
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\PSE7_WIN_WWE.exe

by C:\WINDOWS\Explorer.EXE 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0)

5006(0)(0) 5004(0)(0)

Error - 1/8/2010 8:39:25 PM | Computer Name = NAPOLITANO | Source = McLogEvent | ID = 1008
Description = The McShield service terminated unexpectedly. Please review event 5019
or 5051 for details. The McShield service will be restarted in 5 seconds;

[ System Events ]
Error - 1/15/2010 10:37:13 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 1/15/2010 10:37:18 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 1/18/2010 12:41:14 AM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 1/18/2010 12:41:25 AM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 1/18/2010 7:36:56 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 1/18/2010 7:37:04 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 1/18/2010 10:43:05 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 1/18/2010 10:43:18 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 1/19/2010 6:39:22 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 1/19/2010 6:39:33 PM | Computer Name = NAPOLITANO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2


< End of report >


#8 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:33 PM

Posted 19 January 2010 - 06:51 PM


Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.



=================



Download Kenco.exe to your desktop
  • Close all windows and run the program
  • It wont take long to run. Post the log it gives you ( it will also be saved in the same place as Kenco.exe


================


Please download ComboFix from one of these locations:

Link 1
Link 2
Link 3

Important!
You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert.
It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.
Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.



Make sure that you save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please copy and paste the contents of C:\ComboFix.txt in your next reply.


Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#9 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 19 January 2010 - 11:13 PM

Thank you Sam, just got home and ran the Kenco scan, here are the results.....
I will follow up with the ComboFix log in a separate reply. I have to get some sleep, work comes awfully early
tomorrow morning....thanks again!!

Kenco by jpshortstuff (31.12.09.1)
Log created at 22:04 on 19/01/2010 (Compaq_Administrator)

========== Task Unlocker ==========

========== KencoScan ==========

========== C:\WINDOWS\Tasks ==========
Ad-Aware Update (Daily 1).job -> [23:58 08/01/2010] 472 bytes
Ad-Aware Update (Daily 2).job -> [23:58 08/01/2010] 472 bytes
Ad-Aware Update (Daily 3).job -> [23:58 08/01/2010] 472 bytes
Ad-Aware Update (Daily 4).job -> [23:58 08/01/2010] 472 bytes
Ad-Aware Update (Weekly).job -> [23:58 08/01/2010] 472 bytes
AppleSoftwareUpdate.job -> [04:48 31/07/2007] 284 bytes
Google Software Updater.job -> [17:55 24/03/2009] 868 bytes
GoogleUpdateTaskMachineCore.job -> [04:29 01/07/2009] 882 bytes
GoogleUpdateTaskMachineUA.job -> [04:29 01/07/2009] 886 bytes

-=E.O.F=-

#10 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 19 January 2010 - 11:51 PM

Sam,
this is the combofix log file...please let me know the next steps...again, thanks!!
Nappy

ComboFix 10-01-19.03 - Compaq_Administrator 01/19/2010 22:34:51.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1983.1288 [GMT -6:00]
Running from: c:\documents and settings\Compaq_Administrator\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\COMPAQ~1\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\{2A4216FA-5514-451C-962E-CB9540E5FC81}
c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\{2A4216FA-5514-451C-962E-CB9540E5FC81}\chrome.manifest
c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\{2A4216FA-5514-451C-962E-CB9540E5FC81}\chrome\content\_cfg.js
c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\{2A4216FA-5514-451C-962E-CB9540E5FC81}\chrome\content\overlay.xul
c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\{2A4216FA-5514-451C-962E-CB9540E5FC81}\install.rdf
c:\documents and settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll
c:\documents and settings\Compaq_Administrator\My Documents\registry backup 080803.reg
c:\windows\kb913800.exe
c:\windows\unins000.dat
c:\windows\unins000.exe
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-12-20 to 2010-01-20 )))))))))))))))))))))))))))))))
.

2010-01-15 22:31 . 2010-01-15 22:31 -------- d-----w- c:\windows\system32\scripting
2010-01-15 22:31 . 2010-01-15 22:51 -------- d-----w- c:\windows\system32\bits
2010-01-15 22:31 . 2010-01-15 22:31 -------- d-----w- c:\windows\system32\en
2010-01-15 22:31 . 2010-01-15 22:31 -------- d-----w- c:\windows\l2schemas
2010-01-15 22:27 . 2007-08-11 02:46 33656 ----a-w- c:\windows\system32\sprecovr.exe
2010-01-15 22:17 . 2008-04-14 00:12 7680 ----a-w- c:\windows\system32\spdwnwxp.exe
2010-01-15 22:03 . 2010-01-15 22:18 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-01-15 21:43 . 2010-01-15 21:43 -------- d-----w- c:\program files\Secunia
2010-01-15 19:42 . 2010-01-15 19:42 -------- d-----w- c:\program files\Trend Micro
2010-01-10 04:18 . 2010-01-10 05:26 -------- d-----w- c:\documents and settings\Compaq_Administrator\Application Data\Malwarebytes
2010-01-10 04:18 . 2010-01-10 04:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-10 04:18 . 2010-01-20 04:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-10 04:02 . 2010-01-10 04:02 -------- d-----w- c:\program files\Autoruns
2010-01-10 03:35 . 2010-01-20 04:24 -------- d-----w- c:\program files\ThreatFire
2010-01-10 03:35 . 2010-01-10 03:35 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-10 03:33 . 2010-01-10 03:33 8991968 ----a-w- c:\temp\tfinstall.exe
2010-01-09 01:03 . 2009-12-02 13:19 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-01-08 23:57 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-01-08 23:57 . 2010-01-08 23:57 862040 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-01-08 23:57 . 2010-01-08 23:57 206944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-01-08 23:57 . 2010-01-08 23:57 537576 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-01-08 23:57 . 2010-01-08 23:57 390288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-01-08 23:57 . 2010-01-08 23:57 370744 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-01-08 23:57 . 2010-01-08 23:57 194104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2010-01-08 23:56 . 2010-01-08 23:56 6296864 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2010-01-08 23:56 . 2010-01-08 23:56 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-01-08 23:56 . 2010-01-08 23:56 816272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-01-08 23:56 . 2010-01-08 23:56 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-01-08 23:56 . 2010-01-08 23:56 1643272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-01-08 23:56 . 2010-01-08 23:56 788880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-01-08 23:56 . 2010-01-08 23:56 1181328 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-01-08 23:55 . 2010-01-08 23:55 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-08 23:55 . 2009-12-07 14:10 2953352 -c--a-w- c:\documents and settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2010-01-08 23:55 . 2010-01-08 23:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-01-08 23:51 . 2010-01-08 23:54 91338304 ----a-w- c:\temp\Ad-AwareInstallation.exe
2010-01-08 22:38 . 2010-01-08 22:38 3357024 ----a-w- c:\temp\ccsetup227.exe
2010-01-08 19:32 . 2010-01-15 21:25 120 ----a-w- c:\windows\Wqibeziva.dat
2010-01-08 19:32 . 2010-01-15 19:13 0 ----a-w- c:\windows\Qdurakokoxevoko.bin

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 03:54 . 2006-08-08 08:45 -------- d-----w- c:\program files\Java
2010-01-19 22:39 . 2008-07-17 22:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-01-18 06:18 . 2010-01-18 06:18 16 ----a-w- c:\windows\popcinfo.dat
2010-01-18 05:25 . 2009-11-19 03:57 -------- d-----w- c:\program files\MSN Games
2010-01-18 05:22 . 2009-11-19 03:57 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-18 04:42 . 2009-06-12 22:23 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-01-16 00:09 . 2010-01-16 00:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-16 00:08 . 2010-01-16 00:08 152576 ----a-w- c:\documents and settings\Compaq_Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-16 00:08 . 2010-01-16 00:08 79488 ----a-w- c:\documents and settings\Compaq_Administrator\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-15 23:16 . 2007-03-08 02:31 -------- d-----w- c:\program files\CCleaner
2010-01-15 23:02 . 2005-08-31 04:01 92947 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-15 23:02 . 2010-01-15 23:02 208896 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
2010-01-15 23:02 . 2010-01-15 23:02 45056 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2010-01-15 23:02 . 2010-01-15 23:02 44032 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2010-01-15 23:02 . 2010-01-15 23:02 61440 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
2010-01-15 23:02 . 2010-01-15 23:02 40960 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
2010-01-15 23:02 . 2010-01-15 23:02 341048 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
2010-01-15 23:02 . 2010-01-15 23:02 32768 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
2010-01-15 23:02 . 2010-01-15 23:02 32768 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
2010-01-15 23:02 . 2010-01-15 23:02 163840 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
2010-01-15 20:57 . 2009-01-08 23:51 -------- d-----w- c:\program files\Lx_cats
2010-01-09 00:43 . 2007-02-12 06:29 -------- d-----w- c:\program files\McAfee
2010-01-08 23:55 . 2007-02-17 22:40 -------- d-----w- c:\program files\Lavasoft
2010-01-08 23:50 . 2007-02-17 22:39 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-08 23:41 . 2007-11-20 20:18 -------- d-----w- c:\program files\Google
2009-12-12 00:45 . 2009-11-19 03:57 -------- d-----w- c:\program files\Oberon Media
2009-02-28 19:27 . 2009-02-28 19:16 476935928 ----a-w- c:\program files\PSE7_WIN_WWE.exe
2009-01-12 23:48 . 2009-01-12 23:47 1878848 ----a-w- c:\program files\facebook.exe
2008-10-30 19:26 . 2008-10-30 19:26 4026608 ----a-w- c:\program files\SRS_Audio_Sandbox.exe
2008-09-09 10:00 . 2009-02-28 19:38 46303 ----a-w- c:\program files\Photoshop Elements 7.0 Read Me.html
2008-07-10 03:59 . 2008-07-10 03:59 7024640 ----a-w- c:\program files\winzip112.msi
2008-07-04 18:36 . 2008-07-04 18:36 7422571 ----a-w- c:\program files\GDM6.exe
2008-07-03 16:15 . 2008-07-03 16:15 2919360 ----a-w- c:\program files\ccsetup209.exe
2007-02-25 02:39 . 2007-02-25 02:39 251 ----a-w- c:\program files\wt3d.ini
2006-02-03 16:37 . 2007-06-27 15:45 18725888 ----a-w- c:\program files\TIConnectV1.6.exe
2007-06-02 05:00 . 2007-06-02 05:00 22 --sha-w- c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-30 67584]
"ftutil2"="ftutil2.dll" [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-14 16239616]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2006-11-30 112216]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-01-10 69632]
"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-02-21 192512]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-01-20 299008]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-16 149280]

c:\documents and settings\Compaq_Administrator\Start Menu\Programs\Startup\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - c:\program files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-8-8 36903]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AT&T_Homezone\\mediascout.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\WINDOWS\\system32\\lxcccoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxccPSWX.EXE"=
"c:\\Program Files\\Adobe\\Photoshop Elements 7.0\\AdobePhotoshopElementsMediaServer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [1/8/2010 5:57 PM 64288]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 12:03 PM 169312]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/2/2009 7:19 AM 1181328]
S2 gupdate1c9c3583c05393a;Google Update Service (gupdate1c9c3583c05393a);c:\program files\Google\Update\GoogleUpdate.exe [4/22/2009 8:40 AM 133104]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [6/17/2009 6:20 AM 12648]
.
Contents of the 'Scheduled Tasks' folder

2010-01-20 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 23:56]

2010-01-20 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 23:56]

2010-01-20 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 23:56]

2010-01-20 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 23:56]

2010-01-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 23:56]

2010-01-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-01-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-20 17:55]

2010-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-22 14:39]

2010-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-22 14:39]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Settings,ProxyOverride = *.local
Trusted Zone: turbotax.com
FF - ProfilePath - c:\documents and settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\c7hygrzr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
.
- - - - ORPHANS REMOVED - - - -

Notify-dimsntfy - (no file)
AddRemove-{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1 - c:\windows\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-19 22:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3700)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\arservice.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\RTHDCPL.EXE
c:\windows\ARPWRMSG.EXE
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\McAfee\Common Framework\McTray.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\vstskmgr.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\progra~1\MICROS~4\rapimgr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\eHome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\lxcccoms.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\hp\KBD\KBD.EXE
c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
.
**************************************************************************
.
Completion time: 2010-01-19 22:48:59 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-20 04:48

Pre-Run: 152,339,128,320 bytes free
Post-Run: 152,621,092,864 bytes free

- - End Of File - - 101B0ABFCD1911D7DD34C558952BAC65


#11 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 20 January 2010 - 12:00 AM

Sam,

I just checked after the scan and the google redirects are gone
and the browser is bringing me to the appropriate site.
Thanks a bunch.....I would appreciate any advice you can give me to clean up my machine
further and your suggestions for making it safer.....thanks a bunch!!!

Nappy

#12 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:33 PM

Posted 20 January 2010 - 08:23 AM


Please visit the online Virustotal Virus Scanner
  • Click on Browse button.
  • Navigate to the following file and upload it.


    c:\program files\facebook.exe


  • The scanner will check the file with various AV companies.
  • Copy and paste the results box into a reply to this thread.


Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#13 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 20 January 2010 - 12:18 PM

Thank you Sam,
am at work, will get home about 5:30 your time and will execute the scan.

Thanks again!

Nappy

#14 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 20 January 2010 - 06:14 PM

Sam,
this is the report: I will include both current report and last report.

Current report:

File has already been analysed:
MD5: 3aa21801751f9061a6b330ed5953150d
First received: 2007.12.31 15:00:30 UTC
Date: 2010.01.09 05:14:39 UTC [>11D]
Results: 1/41
Permalink: analisis/d46ac713cf17d38cbbd6d587011f729f8b4944cbeaf36dc9d3432a33f467e060-1263014079

Previous Analysis:

File facebook.exe received on 2010.01.09 05:14:39 (UTC)
Current status: finished
Result: 1/41 (2.44%)
Compact Compact
Print results Print results
Antivirus Version Last Update Result
a-squared 4.5.0.48 2010.01.08 -
AhnLab-V3 5.0.0.2 2010.01.09 -
AntiVir 7.9.1.130 2010.01.08 -
Antiy-AVL 2.0.3.7 2010.01.08 -
Authentium 5.2.0.5 2010.01.09 -
Avast 4.8.1351.0 2010.01.08 -
AVG 8.5.0.430 2010.01.04 -
BitDefender 7.2 2010.01.09 -
CAT-QuickHeal 10.00 2010.01.09 -
ClamAV 0.94.1 2010.01.09 -
Comodo 3514 2010.01.08 -
DrWeb 5.0.1.12222 2010.01.09 -
eSafe 7.0.17.0 2010.01.07 Win32.Banker
eTrust-Vet 35.2.7226 2010.01.08 -
F-Prot 4.5.1.85 2010.01.08 -
F-Secure 9.0.15370.0 2010.01.09 -
Fortinet 4.0.14.0 2010.01.09 -
GData 19 2010.01.09 -
Ikarus T3.1.1.80.0 2010.01.08 -
Jiangmin 13.0.900 2010.01.08 -
K7AntiVirus 7.10.942 2010.01.08 -
Kaspersky 7.0.0.125 2010.01.09 -
McAfee 5855 2010.01.08 -
McAfee+Artemis 5855 2010.01.08 -
McAfee-GW-Edition 6.8.5 2010.01.09 -
Microsoft 1.5302 2010.01.08 -
NOD32 4755 2010.01.08 -
Norman 6.04.03 2010.01.08 -
nProtect 2009.1.8.0 2010.01.08 -
Panda 10.0.2.2 2010.01.08 -
PCTools 7.0.3.5 2010.01.09 -
Prevx 3.0 2010.01.09 -
Rising 22.29.05.01 2010.01.09 -
Sophos 4.49.0 2010.01.09 -
Sunbelt 3.2.1858.2 2010.01.09 -
Symantec 20091.2.0.41 2010.01.09 -
TheHacker 6.5.0.3.143 2010.01.09 -
TrendMicro 9.120.0.1004 2010.01.09 -
VBA32 3.12.12.1 2010.01.09 -
ViRobot 2010.1.8.2128 2010.01.08 -
VirusBuster 5.0.21.0 2010.01.08 -
Additional information
File size: 1878848 bytes
MD5 : 3aa21801751f9061a6b330ed5953150d
SHA1 : 0f44c32fe20d20cf5621d20c0f1ae3fc34dcb85d
SHA256: d46ac713cf17d38cbbd6d587011f729f8b4944cbeaf36dc9d3432a33f467e060
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x30CC
timedatestamp.....: 0x4698E7ED (Sat Jul 14 17:12:45 2007)
machinetype.......: 0x14C (Intel I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x5790 0x5800 6.45 68cc22b2bd0cc8df409e41deae019104
.rdata 0x7000 0x117A 0x1200 5.17 a35acf337f1c9239e9badd837634516a
.data 0x9000 0x1AFD8 0x400 5.00 4fc7f48111c4a34a185e413598c63a11
.ndata 0x24000 0x8000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x2C000 0x5C8 0x600 3.03 a3294c6faf13e7f8f548558663bc1e96

( 8 imports )

> advapi32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA
> comctl32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create
> gdi32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject
> kernel32.dll: CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, CopyFileA, ExitProcess, SetFileTime, GetTempPathA, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetWindowsDirectoryA
> ole32.dll: CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
> shell32.dll: SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation
> user32.dll: EndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow
> version.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

( 0 exports )
TrID : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ThreatExpert: http://www.threatexpert.com/report.aspx?md...6b330ed5953150d
ssdeep: 24576:jHgslUFa8alANW/2HFUpeSje3Lev0k4um1/2mqyI+oHP3yShCsL7FqvIdDcKRhh7:aCv2lUp4be3mRJGRL5hcKvhvOBp28bm
PEiD : -
packers (Kaspersky): Py2Exe
packers (F-Prot): NSIS
CWSandbox: http://research.sunbelt-software.com/partn...6b330ed5953150d
RDS : NSRL Reference Data Set


#15 nappy212

nappy212
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 20 January 2010 - 06:23 PM

Sam,
this is the Virus Total file re-analyzed today 1/20/2010:

Re-analyzed File 1/20/2010

File facebook.exe received on 2010.01.20 23:10:01 (UTC)
Current status: finished
Result: 1/41 (2.44%)

Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.01.21 -
AhnLab-V3 5.0.0.2 2010.01.20 -
AntiVir 7.9.1.146 2010.01.20 -
Antiy-AVL 2.0.3.7 2010.01.20 -
Authentium 5.2.0.5 2010.01.20 -
Avast 4.8.1351.0 2010.01.20 -
AVG 9.0.0.730 2010.01.19 -
BitDefender 7.2 2010.01.21 -
CAT-QuickHeal 10.00 2010.01.20 -
ClamAV 0.94.1 2010.01.20 -
Comodo 3651 2010.01.21 -
DrWeb 5.0.1.12222 2010.01.20 -
eSafe 7.0.17.0 2010.01.20 Win32.Banker
eTrust-Vet 35.2.7249 2010.01.20 -
F-Prot 4.5.1.85 2010.01.20 -
F-Secure 9.0.15370.0 2010.01.21 -
Fortinet 4.0.14.0 2010.01.20 -
GData 19 2010.01.21 -
Ikarus T3.1.1.80.0 2010.01.20 -
Jiangmin 13.0.900 2010.01.20 -
K7AntiVirus 7.10.951 2010.01.20 -
Kaspersky 7.0.0.125 2010.01.21 -
McAfee 5867 2010.01.20 -
McAfee+Artemis 5867 2010.01.20 -
McAfee-GW-Edition 6.8.5 2010.01.20 -
Microsoft 1.5302 2010.01.20 -
NOD32 4791 2010.01.20 -
Norman 6.04.03 2010.01.20 -
nProtect 2009.1.8.0 2010.01.20 -
Panda 10.0.2.2 2010.01.20 -
PCTools 7.0.3.5 2010.01.19 -
Prevx 3.0 2010.01.21 -
Rising 22.31.02.04 2010.01.20 -
Sophos 4.50.0 2010.01.20 -
Sunbelt 3.2.1858.2 2010.01.20 -
Symantec 20091.2.0.41 2010.01.20 -
TheHacker 6.5.0.7.157 2010.01.20 -
TrendMicro 9.120.0.1004 2010.01.20 -
VBA32 3.12.12.1 2010.01.20 -
ViRobot 2010.1.20.2146 2010.01.20 -
VirusBuster 5.0.21.0 2010.01.20 -
Additional information
File size: 1878848 bytes
MD5...: 3aa21801751f9061a6b330ed5953150d
SHA1..: 0f44c32fe20d20cf5621d20c0f1ae3fc34dcb85d
SHA256: d46ac713cf17d38cbbd6d587011f729f8b4944cbeaf36dc9d3432a33f467e060
ssdeep: 24576:jHgslUFa8alANW/2HFUpeSje3Lev0k4um1/2mqyI+oHP3yShCsL7FqvIdD
cKRhh7:aCv2lUp4be3mRJGRL5hcKvhvOBp28bm
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x30cc
timedatestamp.....: 0x4698e7ed (Sat Jul 14 15:12:45 2007)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x5790 0x5800 6.45 68cc22b2bd0cc8df409e41deae019104
.rdata 0x7000 0x117a 0x1200 5.17 a35acf337f1c9239e9badd837634516a
.data 0x9000 0x1afd8 0x400 5.00 4fc7f48111c4a34a185e413598c63a11
.ndata 0x24000 0x8000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x2c000 0x5c8 0x600 3.03 a3294c6faf13e7f8f548558663bc1e96

( 8 imports )
> KERNEL32.dll: CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, CopyFileA, ExitProcess, SetFileTime, GetTempPathA, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetWindowsDirectoryA
> USER32.dll: EndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow
> GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject
> SHELL32.dll: SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation
> ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA
> COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create
> ole32.dll: CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (Kaspersky): Py2Exe
packers (F-Prot): NSIS





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users