Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Autorun worm or Bot????


  • This topic is locked This topic is locked
28 replies to this topic

#1 Jeff.T.G.

Jeff.T.G.

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 24 February 2010 - 06:24 PM

After multiple hard disk wipes using Data Erase Pro, my laptop is still connecting to remote computers and sending out data to unkown people or places. I first noticed an issue in mid January and thought the problem had been resolved when Malwarebyted detected and removed Malware.trace and Swizzor. By the end of January, I was completely locked out and unable to logon to my computer because a message said I was no longer allowed to logon interactively by the Administrator. My computer has never been part of a network other than connecting to my blackberry. There has never been any other user other than myself on my laptop either.
I used the recovery console (which I had pre-installed and cofnigured) to explore my files and found many strange ones. Many files such as winlogon.exe.manifests, windows.shell.manifest, wuau.cpl.manifst, $winnt$.inf, and many more to numerous to name only gave me the response of "regfu" or a smiley face when I tried to use the "type" command to look at the text of the file. I began disabling services that had to do with the internet or remote connections and promptly got a BSOD when an unknown "session manager" was terminated.
After wiping and reinstalling again and trying to use various rescue disks such as Kapersky and Avira, I gave up when there was no evidence I was doing any good. Last week, I managed to finally get Comodo firewall to install and have been able to somewhat (i hope) controll my computer again. I also have installed Bitdefender (just because I had never used it before) and SuperAntiSpyware (which I don't think is working).
Now to the Blackberry. I began getting popups while using the Bolt browser. I had never had popus. They were usually from MSN messenger or something similar. I also had some of the same strange files on my SD card that began >"MZ" a bunch if symbols and then "this program cannot be run in dos". I found this same stuff all over my computer. My hunch is that it is due to a corrupted or infected dotnetfx.exe that i found on my computer. My data usage on my blackberry was through the roof at over 1GB which is way more than normal. My bluetooth was also going on when it was disabled previously. I also found that my computer was connecting through my blackberry much like a modem (wirelessly). I know this is possible through hacks, but I had never tried to do this. I found this by using tcpview and f-port.
Needless to say this all freaked me out. I have always been security minded and kept my programs up-to-date. When all of this began, I was running Clamwin antivirus, the stock windows firewall, and Malwareytes. My first indication was that Clamwin was skipping temp files, and then came Malwarebytes detecting malware.trace and swizzor.
Please offer any assistance you can.
Thank You
Jeff.t.g.

DDS (Ver_09-12-01.01) - NTFSx86
Run by jeffro at 15:00:04.87 on Wed 02/24/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.503.18 [GMT -7:00]

AV: Bitdefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
D:\WINDOWS\system32\svchost.exe -k netsvcs
D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
D:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
D:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\AGRSMMSG.exe
D:\Program Files\ltmoh\Ltmoh.exe
D:\Program Files\EzButton\EzButton.EXE
D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
D:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\Program Files\Softwin\BitDefender10\bdmcon.exe
D:\Program Files\Softwin\BitDefender10\bdagent.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Program Files\Softwin\BitDefender10\vsserv.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Documents and Settings\jeffro\Desktop\dds.scr

============== Pseudo HJT Report ===============

uRun: [SUPERAntiSpyware] d:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] d:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] d:\windows\system32\hkcmd.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [LtMoh] d:\program files\ltmoh\Ltmoh.exe
mRun: [EzButton] d:\program files\ezbutton\EzButton.EXE
mRun: [Apoint] d:\program files\apoint2k\Apoint.exe
mRun: [IntelWireless] d:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [EOUApp] d:\program files\intel\wireless\bin\EOUWiz.exe
mRun: [COMODO Internet Security] "d:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [BDMCon] "d:\program files\softwin\bitdefender10\bdmcon.exe" /reg
mRun: [BDAgent] "d:\program files\softwin\bitdefender10\bdagent.exe"
Notify: !SASWinLogon - d:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
Notify: IntelWireless - d:\program files\intel\wireless\bin\LgNotify.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - d:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [2010-2-20 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [2010-2-20 25160]
R1 SASDIFSV;SASDIFSV;d:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]
R2 cmdAgent;COMODO Internet Security Helper Service;d:\program files\comodo\comodo internet security\cmdagent.exe [2010-2-20 723632]
R3 SASENUM;SASENUM;d:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]

=============== Created Last 30 ================


==================== Find3M ====================


============= FINISH: 15:01:43.81 ===============

Attached Files


Edited by Jeff.T.G., 24 February 2010 - 06:31 PM.


BC AdBot (Login to Remove)

 


#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:10 AM

Posted 26 February 2010 - 09:22 PM

Hello,

My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if you
would let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.


I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Bitdefender or COMODO.



We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
    Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %SYSTEMDRIVE%\*.exe
    netsvcs
    msconfig
    /md5start
    proquota.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    /md5stop
    CREATERESTOREPOINT

  5. Push the button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


  • Download RootRepeal from the following location and save it to your desktop.
  • Extract the contents of RootRepeal.zip, to your desktop.
  • Double click on your desktop.
  • Click on the report tab, then click scan
  • Check all seven boxes:

  • Click Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, Click the Save Report button. Save the log as RootRepeal.txt and post it in your next reply.


Then please post back here with the following logs:
  • OTL.txt
  • Extra.txt
  • RootRepeal.txt

Thanks

unite.jpg


#3 Jeff.T.G.

Jeff.T.G.
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 27 February 2010 - 01:22 AM

Syler,

Thank you for your response.

I removed BitDefender per your instructions and downloaded both OTL and RootRepeal. OTL froze on "msconfig" and would not complete the scan. I tried running it in safe mode and tried saving it under a random name, neither would work. RootRepeal did run and I have attached the report. I will wait for further instruction.

Thank You,

Jeff.t.g.

Attached Files


Edited by Jeff.T.G., 27 February 2010 - 01:23 AM.


#4 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:10 AM

Posted 27 February 2010 - 07:09 PM

I don't see anythiing wrong there, when you say OTL froze how long did you give it? and did you download the latest version from the
link I gave or did you run an older copy you already had?

unite.jpg


#5 Jeff.T.G.

Jeff.T.G.
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 27 February 2010 - 07:24 PM

I downloaded OTL from the link you gave me and let it run for a good 45 minutes multiple times. I should also mention that Idisabled autorun through the registry. I found the instructions from a microsoft support article. It has been disabled for about a week. I don"t know if that would have any bearing on the current situation. When autorun is enabled, I cannot stop the remote desktop connection or file/print sharing from going active. If I try to manually close them, access is denied. I also disabled system restore last week. The other strange thing is that after wiping my hard drive and reinstalling xp, I found a version of linux , wich I beleive to be BusyBox, on my harddrive.

#6 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:10 AM

Posted 27 February 2010 - 07:27 PM

Autorun won't affect OTL that I am aware of, let's try this instead.

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed, click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

unite.jpg


#7 Jeff.T.G.

Jeff.T.G.
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 27 February 2010 - 09:56 PM

Syler,

Thank you for your prompt response. Attached is the combofix log as requested.

Jeff.t.g.

Attached Files



#8 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:10 AM

Posted 01 March 2010 - 02:04 AM

Hi,

Download and Run FlashDisinfector
  • Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden file named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.



1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

CODE
SecCenter::
AV: Bitdefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FCopy::
d:\windows\system32\dllcache\wuauclt.exe | d:\windows\system32\wuauclt.exe


Save this as CFScript.txt, in the same location as ComboFix.exe




Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

unite.jpg


#9 Jeff.T.G.

Jeff.T.G.
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 01 March 2010 - 10:34 AM

Syler,

Thank you for your continued help. Attached is the combofix.txt as requested. I also wanted to mention that the only way I can now connect wirelessly to the internet is with Comodo firewall completely disabled. I am not sure if this is my fault due to configuration or something else.

Jeff.t.g.

Attached Files



#10 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:10 AM

Posted 01 March 2010 - 03:39 PM

You still have a bad file that we will need to replace using the recovery console, let's see if that makes a difference before doing anything
with comodo but keep it disabled and try running OTL again.
  • Go to Start >> Run
  • Copy and paste the following command line into the Run box, then click OK.
CMD /K COPY d:\windows\system32\dllcache\wuauclt.exe C:\wuauclt.exe
  • The command prompt should pop up and say 1 file(s) copied, if it doesn't please let me know before continuing.
Reboot your computer.

On the black screen with the startup menu select Microsoft Windows Recovery Console.

When the recovery console has started there is a menu where your asked to select which windows installation you want to login to, usually there is only one:

1. d:\WINDOWS

select the number and press Enter

If it ask you to type the administrator password, do so then press Enter.

It should then come up with d:\WINDOWS>

Now type in the following line, then press Enter.

COPY C:\wuauclt.exe d:\windows\system32\wuauclt.exe

It will then ask if you want to overwrite wuauclt.exe, press Y then Enter

If successful it should say "1 file(s) copied"

Then type EXIT and press Enter to reboot the machine.



We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
    Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %SYSTEMDRIVE%\*.exe
    netsvcs
    /md5start
    proquota.exe
    wuauclt.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    /md5stop
    CREATERESTOREPOINT

  5. Push the button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Edited by syler, 01 March 2010 - 03:39 PM.

unite.jpg


#11 Jeff.T.G.

Jeff.T.G.
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 01 March 2010 - 04:30 PM

Syler,

Everything went as planned this time. No problems with the file copy or the OTL scan.

Thanks again,
Jeff.t.g.

OTL logfile created on: 3/1/2010 2:17:25 PM - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = D:\Documents and Settings\jeffro\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 266.00 Mb Available Physical Memory | 53.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): D:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 29.29 Gb Total Space | 29.22 Gb Free Space | 99.75% Space Free | Partition Type: NTFS
Drive D: | 26.59 Gb Total Space | 23.24 Gb Free Space | 87.40% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEFF
Current User Name: jeffro
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/01 14:16:24 | 000,551,424 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\jeffro\Desktop\OTL.exe
PRC - [2010/02/20 10:29:15 | 000,723,632 | ---- | M] (COMODO) -- D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/02/18 16:40:26 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2005/01/02 20:21:18 | 000,417,792 | ---- | M] (Dritek System Inc.) -- D:\Program Files\EzButton\EzButton.EXE
PRC - [2004/11/01 18:03:44 | 000,155,648 | R--- | M] (Intel Corporation) -- D:\WINDOWS\system32\igfxtray.exe
PRC - [2004/10/15 11:31:32 | 000,356,352 | ---- | M] (Intel Corporation) -- D:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
PRC - [2004/10/15 11:30:52 | 000,098,304 | ---- | M] (Intel Corporation) -- D:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
PRC - [2004/10/15 11:27:56 | 000,385,024 | ---- | M] (Intel Corporation) -- D:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/10/15 11:27:38 | 000,389,120 | ---- | M] (Intel Corporation) -- D:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/10/15 11:24:48 | 000,360,521 | ---- | M] (Intel Corporation ) -- D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2004/10/15 11:23:12 | 000,245,760 | ---- | M] (Intel) -- D:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2004/10/15 11:22:14 | 000,086,016 | ---- | M] (Intel Corporation) -- D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2004/10/15 11:21:38 | 000,139,264 | ---- | M] (Intel Corporation) -- D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2004/08/29 22:48:34 | 000,069,632 | ---- | M] (Realtek Semiconductor Corp.) -- D:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2003/04/28 00:08:22 | 000,184,320 | ---- | M] (Agere Systems) -- D:\Program Files\ltmoh\ltmoh.exe


========== Modules (SafeList) ==========

MOD - [2010/03/01 14:16:24 | 000,551,424 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\jeffro\Desktop\OTL.exe
MOD - [2010/02/20 10:29:16 | 000,171,552 | ---- | M] (COMODO) -- D:\WINDOWS\system32\guard32.dll
MOD - [2004/08/04 05:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - [2010/02/20 10:29:15 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2004/10/15 11:30:52 | 000,098,304 | ---- | M] (Intel Corporation) [Auto | Running] -- D:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
SRV - [2004/10/15 11:24:48 | 000,360,521 | ---- | M] (Intel Corporation ) [Auto | Running] -- D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/10/15 11:22:14 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Running] -- D:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004/10/15 11:21:38 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Running] -- D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)


========== Driver Services (SafeList) ==========

DRV - [2010/02/20 10:29:16 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010/02/20 10:29:16 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- D:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010/02/20 10:29:16 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/02/19 20:07:04 | 000,017,119 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- D:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/01/09 16:18:02 | 000,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2008/05/20 19:33:50 | 000,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2004/12/14 03:00:58 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004/12/09 19:40:32 | 000,036,864 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2004/12/09 19:40:24 | 000,057,984 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2004/12/02 01:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/11/01 18:27:20 | 000,773,565 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/10/29 18:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/10/15 11:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/30 02:36:24 | 000,637,713 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/12 08:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/04 05:00:00 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/04 05:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2004/07/21 23:50:16 | 001,268,234 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/02/23 20:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/10/10 18:26:50 | 000,096,079 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-839522115-1589649091-1004\S-1-5-21-746137067-839522115-1589649091-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010/03/01 08:15:56 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AGRSMMSG] D:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Apoint] D:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [COMODO Internet Security] D:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [EOUApp] D:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [EzButton] D:\Program Files\EzButton\EzButton.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [LtMoh] D:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [SoundMan] D:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-746137067-839522115-1589649091-1004..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-839522115-1589649091-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-839522115-1589649091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-746137067-839522115-1589649091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-746137067-839522115-1589649091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-746137067-839522115-1589649091-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O20 - AppInit_DLLs: (D:\WINDOWS\system32\guard32.dll) - D:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - D:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - D:\Program Files\Intel\Wireless\Bin\LgNotify.dll - D:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/19 19:17:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/01 07:56:33 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/01 07:56:34 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - D:\WINDOWS\system32\ias [2010/02/19 19:17:19 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - D:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17454841580224512)

========== Files/Folders - Created Within 30 Days ==========

[2010/03/01 14:16:20 | 000,551,424 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\jeffro\Desktop\OTL.exe
[2010/03/01 08:18:09 | 000,000,000 | ---D | C] -- D:\WINDOWS\temp
[2010/03/01 08:08:35 | 000,031,232 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
[2010/03/01 07:56:34 | 000,000,000 | R--D | C] -- D:\autorun.inf
[2010/02/27 19:39:11 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
[2010/02/27 19:39:11 | 000,161,792 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
[2010/02/27 19:39:11 | 000,136,704 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
[2010/02/27 19:39:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2010/02/27 19:38:47 | 000,000,000 | ---D | C] -- D:\Qoobox
[2010/02/26 23:04:57 | 000,472,064 | ---- | C] ( ) -- D:\Documents and Settings\jeffro\Desktop\RootRepeal.exe
[2010/02/26 22:15:43 | 000,549,888 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\jeffro\Desktop\rename.exe
[2010/02/26 22:10:00 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\jeffro\Recent
[2010/02/24 14:13:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Desktop\Tools
[2010/02/24 14:12:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Desktop\blackberry
[2010/02/21 20:24:02 | 000,000,000 | ---D | C] -- D:\Program Files\TrendMicro
[2010/02/21 19:17:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Local Settings\Application Data\COMODO
[2010/02/21 11:31:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/02/20 19:52:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/02/20 19:51:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Application Data\SUPERAntiSpyware.com
[2010/02/20 19:51:53 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2010/02/20 19:51:27 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Wise Installation Wizard
[2010/02/20 19:43:11 | 000,050,688 | ---- | C] (Atribune.org) -- D:\Documents and Settings\jeffro\Desktop\ATF-Cleaner.exe
[2010/02/20 16:33:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Local Settings\Application Data\lyricidal
[2010/02/20 16:17:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Application Data\WinRAR
[2010/02/20 15:46:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Application Data\Research In Motion
[2010/02/20 15:46:09 | 000,026,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbstor.sys
[2010/02/20 15:45:59 | 000,031,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/02/20 15:43:52 | 000,000,000 | ---D | C] -- D:\Program Files\BBSAK
[2010/02/20 15:34:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/02/20 15:33:56 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Research In Motion
[2010/02/20 15:33:55 | 000,000,000 | ---D | C] -- D:\Program Files\Research In Motion
[2010/02/20 15:23:27 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly
[2010/02/20 15:22:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET
[2010/02/20 15:13:41 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2010/02/20 13:55:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\InstallShield
[2010/02/20 13:55:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Sonic
[2010/02/20 13:50:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Roxio
[2010/02/20 13:50:26 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Roxio Shared
[2010/02/20 13:44:13 | 000,000,000 | ---D | C] -- D:\WINDOWS\RegisteredPackages
[2010/02/20 13:42:35 | 000,027,136 | R--- | C] (Research in Motion Ltd) -- D:\WINDOWS\System32\drivers\RimSerial.sys
[2010/02/20 13:36:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Application Data\Macromedia
[2010/02/20 13:35:54 | 000,000,000 | -HSD | C] -- D:\WINDOWS\ftpcache
[2010/02/20 13:10:38 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0
[2010/02/20 13:09:50 | 000,013,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spmsg.dll
[2010/02/20 13:09:31 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/02/20 12:23:42 | 022,103,392 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\jeffro\Desktop\new.exe
[2010/02/20 10:43:14 | 000,343,040 | ---- | C] (lyricidal) -- D:\Documents and Settings\jeffro\Desktop\Shrink-A-OS.exe
[2010/02/20 10:29:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Comodo
[2010/02/20 10:29:19 | 000,171,552 | ---- | C] (COMODO) -- D:\WINDOWS\System32\guard32.dll
[2010/02/20 10:29:19 | 000,134,344 | ---- | C] (COMODO) -- D:\WINDOWS\System32\drivers\cmdguard.sys
[2010/02/20 10:29:19 | 000,087,104 | ---- | C] (COMODO) -- D:\WINDOWS\System32\drivers\inspect.sys
[2010/02/20 10:29:19 | 000,025,160 | ---- | C] (COMODO) -- D:\WINDOWS\System32\drivers\cmdhlp.sys
[2010/02/20 10:29:16 | 000,000,000 | ---D | C] -- D:\Program Files\COMODO
[2010/02/20 10:14:03 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2010/02/20 09:00:33 | 000,000,000 | ---D | C] -- D:\WINDOWS\setup.pss
[2010/02/20 08:50:50 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxres.dll
[2010/02/19 20:07:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Application Data\Intel
[2010/02/19 20:07:04 | 000,017,119 | ---- | C] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010/02/19 20:06:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Intel
[2010/02/19 20:05:56 | 001,654,784 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\W29MLRES.DLL
[2010/02/19 20:04:16 | 000,096,079 | R--- | C] (Alps Electric Co., Ltd.) -- D:\WINDOWS\System32\drivers\Apfiltr.sys
[2010/02/19 20:04:16 | 000,087,821 | R--- | C] (Alps Electric Co., Ltd.) -- D:\WINDOWS\System32\Vxdif.dll
[2010/02/19 20:04:16 | 000,000,000 | ---D | C] -- D:\Program Files\Apoint2K
[2010/02/19 20:03:27 | 000,000,000 | ---D | C] -- D:\Program Files\EzButton
[2010/02/19 20:02:20 | 000,057,984 | R--- | C] (ENE Technology Inc.) -- D:\WINDOWS\System32\drivers\EMS7SK.sys
[2010/02/19 20:02:18 | 000,036,864 | R--- | C] (ENE Technology Inc.) -- D:\WINDOWS\System32\drivers\ESD7SK.sys
[2010/02/19 20:01:06 | 000,064,512 | ---- | C] (Agere Systems) -- D:\WINDOWS\System32\agrsmdel.exe
[2010/02/19 20:01:06 | 000,000,000 | ---D | C] -- D:\Program Files\ltmoh
[2010/02/19 20:01:02 | 001,268,234 | R--- | C] (Agere Systems) -- D:\WINDOWS\System32\drivers\AGRSM.sys
[2010/02/19 20:01:02 | 000,088,361 | R--- | C] (Agere Systems) -- D:\WINDOWS\AGRSMMSG.exe
[2010/02/19 20:01:02 | 000,064,512 | R--- | C] (Agere Systems) -- D:\WINDOWS\agrsmdel.exe
[2010/02/19 19:59:25 | 000,070,912 | ---- | C] (Realtek Semiconductor Corporation ) -- D:\WINDOWS\System32\drivers\Rtlnicxp.sys
[2010/02/19 19:59:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\OPTIONS
[2010/02/19 19:53:20 | 000,006,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\splitter.sys
[2010/02/19 19:53:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/02/19 19:53:16 | 000,052,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dmusic.sys
[2010/02/19 19:53:11 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\swmidi.sys
[2010/02/19 19:53:08 | 000,142,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aec.sys
[2010/02/19 19:53:06 | 000,171,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kmixer.sys
[2010/02/19 19:53:05 | 000,002,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/02/19 19:53:03 | 000,060,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/02/19 19:53:01 | 000,007,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/02/19 19:52:59 | 000,004,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mspqm.sys
[2010/02/19 19:52:56 | 000,005,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mspclock.sys
[2010/02/19 19:52:44 | 000,145,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\portcls.sys
[2010/02/19 19:52:44 | 000,145,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\portcls.sys
[2010/02/19 19:52:44 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksproxy.ax
[2010/02/19 19:52:44 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/02/19 19:52:44 | 000,060,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\drmk.sys
[2010/02/19 19:52:44 | 000,060,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\drmk.sys
[2010/02/19 19:52:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksuser.dll
[2010/02/19 19:52:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ksuser.dll
[2010/02/19 19:52:41 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek Sound Manager
[2010/02/19 19:52:36 | 000,000,000 | ---D | C] -- D:\Program Files\AvRack
[2010/02/19 19:52:34 | 000,765,952 | ---- | C] (Sensaura Ltd) -- D:\WINDOWS\System\crlds3d.dll
[2010/02/19 19:52:33 | 000,065,536 | ---- | C] (Sensaura Ltd) -- D:\WINDOWS\System32\Audio3D.dll
[2010/02/19 19:52:33 | 000,065,536 | ---- | C] (Sensaura Ltd) -- D:\WINDOWS\System32\dllcache\a3d.dll
[2010/02/19 19:52:33 | 000,065,536 | ---- | C] (Sensaura Ltd) -- D:\WINDOWS\System32\a3d.dll
[2010/02/19 19:52:32 | 000,400,384 | ---- | C] (Sensaura) -- D:\WINDOWS\System32\drivers\ALCXSENS.SYS
[2010/02/19 19:52:31 | 000,637,713 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2010/02/19 19:52:31 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\SOUNDMAN.EXE
[2010/02/19 19:52:25 | 009,120,768 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\System32\RTLCPL.EXE
[2010/02/19 19:52:14 | 015,646,720 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\System32\ALSNDMGR.CPL
[2010/02/19 19:52:14 | 000,208,896 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\alcupd.exe
[2010/02/19 19:52:14 | 000,139,264 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\alcrmv.exe
[2010/02/19 19:50:10 | 000,512,000 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\ialmgdev.dll
[2010/02/19 19:50:10 | 000,061,440 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\iAlmCoIn_v3943.dll
[2010/02/19 19:50:08 | 002,289,664 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\ialmgicd.dll
[2010/02/19 19:50:08 | 000,172,032 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrell.lrc
[2010/02/19 19:50:08 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrhun.lrc
[2010/02/19 19:50:08 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrtrk.lrc
[2010/02/19 19:50:08 | 000,106,496 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxext.exe
[2010/02/19 19:50:08 | 000,049,152 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\ialmrem.dll
[2010/02/19 19:50:08 | 000,036,864 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxexps.dll
[2010/02/19 19:50:07 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrrus.lrc
[2010/02/19 19:50:07 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrptg.lrc
[2010/02/19 19:50:07 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrptb.lrc
[2010/02/19 19:50:07 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrplk.lrc
[2010/02/19 19:50:07 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrnld.lrc
[2010/02/19 19:50:07 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrcsy.lrc
[2010/02/19 19:50:07 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrtha.lrc
[2010/02/19 19:50:07 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrsve.lrc
[2010/02/19 19:50:07 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrnor.lrc
[2010/02/19 19:50:07 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrkor.lrc
[2010/02/19 19:50:06 | 000,172,032 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxresp.lrc
[2010/02/19 19:50:06 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrita.lrc
[2010/02/19 19:50:06 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrfrc.lrc
[2010/02/19 19:50:06 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrfra.lrc
[2010/02/19 19:50:06 | 000,167,936 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrdeu.lrc
[2010/02/19 19:50:06 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrjpn.lrc
[2010/02/19 19:50:06 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrheb.lrc
[2010/02/19 19:50:06 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrfin.lrc
[2010/02/19 19:50:06 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxreng.lrc
[2010/02/19 19:50:05 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrdan.lrc
[2010/02/19 19:50:05 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrcht.lrc
[2010/02/19 19:50:05 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrchs.lrc
[2010/02/19 19:50:05 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrarb.lrc
[2010/02/19 19:50:05 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrara.lrc
[2010/02/19 19:50:03 | 001,245,184 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxress.dll
[2010/02/19 19:50:03 | 000,126,976 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\hkcmd.exe
[2010/02/19 19:50:02 | 000,163,840 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxrenu.lrc
[2010/02/19 19:50:02 | 000,155,648 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxtray.exe
[2010/02/19 19:50:02 | 000,131,072 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxhk.dll
[2010/02/19 19:50:02 | 000,114,688 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxzoom.exe
[2010/02/19 19:50:02 | 000,086,016 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxdo.dll
[2010/02/19 19:50:01 | 000,503,808 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxcfg.exe
[2010/02/19 19:50:01 | 000,225,280 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxeud.dll
[2010/02/19 19:50:01 | 000,151,552 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxdiag.exe
[2010/02/19 19:50:01 | 000,139,264 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxdev.dll
[2010/02/19 19:50:01 | 000,094,208 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxcpl.cpl
[2010/02/19 19:50:01 | 000,045,056 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxdgps.dll
[2010/02/19 19:50:00 | 000,348,160 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxsrvc.dll
[2010/02/19 19:50:00 | 000,225,280 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\igfxpph.dll
[2010/02/19 19:50:00 | 000,118,784 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\hccutils.dll
[2010/02/19 19:50:00 | 000,069,632 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\oemdspif.dll
[2010/02/19 19:49:59 | 000,819,259 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\ialmdd5.dll
[2010/02/19 19:49:59 | 000,773,565 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\drivers\ialmnt5.sys
[2010/02/19 19:49:59 | 000,164,475 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\ialmdev5.dll
[2010/02/19 19:49:59 | 000,100,924 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\ialmdnt5.dll
[2010/02/19 19:49:59 | 000,037,951 | R--- | C] (Intel Corporation) -- D:\WINDOWS\System32\ialmrnt5.dll
[2010/02/19 19:31:35 | 000,000,000 | ---D | C] -- D:\Program Files\Intel
[2010/02/19 19:30:52 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ReinstallBackups
[2010/02/19 19:30:48 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2010/02/19 19:30:38 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2010/02/19 19:24:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Application Data\Identities
[2010/02/19 19:24:04 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2010/02/19 19:24:00 | 000,000,000 | R--D | C] -- D:\Documents and Settings\jeffro\My Documents\My Pictures
[2010/02/19 19:24:00 | 000,000,000 | R--D | C] -- D:\Documents and Settings\jeffro\My Documents\My Music
[2010/02/19 19:23:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\jeffro\Application Data\Microsoft
[2010/02/19 19:23:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\jeffro\Cookies
[2010/02/19 19:23:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\jeffro\Application Data
[2010/02/19 19:23:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\jeffro\My Documents
[2010/02/19 19:23:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\jeffro\Favorites
[2010/02/19 19:23:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\jeffro\NetHood
[2010/02/19 19:23:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\jeffro\Local Settings
[2010/02/19 19:23:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Local Settings\Application Data\Microsoft
[2010/02/19 19:23:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\jeffro\Desktop
[2010/02/19 19:23:55 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\jeffro\SendTo
[2010/02/19 19:23:55 | 000,000,000 | R--D | C] -- D:\Documents and Settings\jeffro\Start Menu
[2010/02/19 19:23:55 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\jeffro\Templates
[2010/02/19 19:23:55 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\jeffro\PrintHood
[2010/02/19 19:22:52 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2010/02/19 19:22:50 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2010/02/19 19:22:50 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2010/02/19 19:22:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/19 19:22:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/02/19 19:20:47 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winzm.ime
[2010/02/19 19:20:47 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winsp.ime
[2010/02/19 19:20:47 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winpy.ime
[2010/02/19 19:20:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wingb.ime
[2010/02/19 19:20:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winime.ime
[2010/02/19 19:20:45 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winar30.ime
[2010/02/19 19:20:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/02/19 19:20:44 | 000,041,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/02/19 19:20:43 | 000,048,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w32.dll
[2010/02/19 19:20:42 | 000,426,041 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicepad.dll
[2010/02/19 19:20:42 | 000,086,073 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicesub.dll
[2010/02/19 19:20:39 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uniime.dll
[2010/02/19 19:20:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\unicdime.ime
[2010/02/19 19:20:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsprof.exe
[2010/02/19 19:20:37 | 000,455,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/02/19 19:20:37 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/02/19 19:20:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/02/19 19:20:36 | 000,571,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/02/19 19:20:36 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/02/19 19:20:35 | 000,021,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdipx.sys
[2010/02/19 19:20:35 | 000,019,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdspx.sys
[2010/02/19 19:20:35 | 000,013,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdasync.sys
[2010/02/19 19:20:33 | 000,101,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/02/19 19:20:31 | 000,143,422 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\softkey.dll
[2010/02/19 19:20:30 | 000,188,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/02/19 19:20:30 | 000,040,448 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/02/19 19:20:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/02/19 19:20:30 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/02/19 19:20:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/02/19 19:20:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/02/19 19:20:29 | 000,456,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/02/19 19:20:29 | 000,358,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/02/19 19:20:29 | 000,259,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/02/19 19:20:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmp.exe
[2010/02/19 19:20:28 | 000,236,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/02/19 19:20:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smb6w.dll
[2010/02/19 19:20:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/02/19 19:20:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/02/19 19:20:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/02/19 19:20:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/02/19 19:20:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/02/19 19:20:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sma3w.dll
[2010/02/19 19:20:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm87w.dll
[2010/02/19 19:20:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/02/19 19:20:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm93w.dll
[2010/02/19 19:20:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm92w.dll
[2010/02/19 19:20:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm90w.dll
[2010/02/19 19:20:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/02/19 19:20:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/02/19 19:20:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm89w.dll
[2010/02/19 19:20:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm81w.dll
[2010/02/19 19:20:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm59w.dll
[2010/02/19 19:20:26 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\simptcp.dll
[2010/02/19 19:20:22 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/02/19 19:20:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/02/19 19:20:20 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2010/02/19 19:20:20 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2010/02/19 19:20:20 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/02/19 19:20:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/02/19 19:20:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\romanime.ime
[2010/02/19 19:20:18 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/02/19 19:20:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\register.exe
[2010/02/19 19:20:16 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quick.ime
[2010/02/19 19:20:16 | 000,020,736 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/02/19 19:20:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quser.exe
[2010/02/19 19:20:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\query.exe
[2010/02/19 19:20:13 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/02/19 19:20:13 | 000,070,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/02/19 19:20:13 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/02/19 19:20:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/02/19 19:20:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/02/19 19:20:12 | 000,482,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/02/19 19:20:12 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\phon.ime
[2010/02/19 19:20:12 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/02/19 19:20:11 | 000,036,927 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs411.dll
[2010/02/19 19:20:11 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs404.dll
[2010/02/19 19:20:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs804.dll
[2010/02/19 19:20:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs412.dll
[2010/02/19 19:20:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/02/19 19:20:04 | 000,229,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\multibox.dll
[2010/02/19 19:20:03 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/02/19 19:19:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/02/19 19:19:58 | 001,875,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/02/19 19:19:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/02/19 19:19:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\migregdb.exe
[2010/02/19 19:19:50 | 000,092,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.sys
[2010/02/19 19:19:50 | 000,092,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.dll
[2010/02/19 19:19:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/02/19 19:19:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/02/19 19:19:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lprmon.dll
[2010/02/19 19:19:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/02/19 19:19:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/02/19 19:19:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/02/19 19:19:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/02/19 19:19:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/02/19 19:19:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/02/19 19:19:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/02/19 19:19:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/02/19 19:19:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/02/19 19:19:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/02/19 19:19:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/02/19 19:19:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/02/19 19:19:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/02/19 19:19:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/02/19 19:19:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/02/19 19:19:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/02/19 19:19:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/02/19 19:19:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/02/19 19:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/02/19 19:19:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/02/19 19:19:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/02/19 19:19:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/02/19 19:19:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/02/19 19:19:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/02/19 19:19:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/02/19 19:19:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/02/19 19:19:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/02/19 19:19:43 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/02/19 19:19:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/02/19 19:19:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/02/19 19:19:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/02/19 19:19:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/02/19 19:19:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda3.dll
[2010/02/19 19:19:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda2.dll
[2010/02/19 19:19:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda1.dll
[2010/02/19 19:19:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/02/19 19:19:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/02/19 19:19:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\jupiw.dll
[2010/02/19 19:19:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/02/19 19:19:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101.dll
[2010/02/19 19:19:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iprip.dll
[2010/02/19 19:19:39 | 000,471,102 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskdic.dll
[2010/02/19 19:19:39 | 000,315,452 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskf.dll
[2010/02/19 19:19:38 | 000,274,489 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/02/19 19:19:38 | 000,262,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputy.exe
[2010/02/19 19:19:38 | 000,233,527 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjprw.exe
[2010/02/19 19:19:38 | 000,102,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imlang.dll
[2010/02/19 19:19:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/02/19 19:19:38 | 000,045,109 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/02/19 19:19:37 | 000,716,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/02/19 19:19:37 | 000,307,257 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/02/19 19:19:37 | 000,208,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/02/19 19:19:37 | 000,155,705 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/02/19 19:19:37 | 000,081,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/02/19 19:19:37 | 000,057,398 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/02/19 19:19:36 | 000,811,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/02/19 19:19:36 | 000,368,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/02/19 19:19:36 | 000,340,023 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81.ime
[2010/02/19 19:19:35 | 000,311,359 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/02/19 19:19:35 | 000,106,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/02/19 19:19:35 | 000,102,463 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/02/19 19:19:35 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekr61.ime
[2010/02/19 19:19:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/02/19 19:19:35 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/02/19 19:19:28 | 010,129,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/02/19 19:19:17 | 010,096,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/02/19 19:19:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hostmib.dll
[2010/02/19 19:19:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/02/19 19:19:13 | 000,562,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsst.dll
[2010/02/19 19:19:13 | 000,400,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/02/19 19:19:13 | 000,397,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/02/19 19:19:13 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/02/19 19:19:13 | 000,246,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxst30.dll
[2010/02/19 19:19:13 | 000,192,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/02/19 19:19:13 | 000,154,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsui.dll
[2010/02/19 19:19:12 | 000,285,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/02/19 19:19:12 | 000,229,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscover.exe
[2010/02/19 19:19:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/02/19 19:19:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/02/19 19:19:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/02/19 19:19:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/02/19 19:19:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/02/19 19:19:12 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssend.exe
[2010/02/19 19:19:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/02/19 19:19:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsres.dll
[2010/02/19 19:19:11 | 000,452,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/02/19 19:19:11 | 000,143,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/02/19 19:19:11 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/02/19 19:19:11 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/02/19 19:19:11 | 000,072,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscom.dll
[2010/02/19 19:19:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/02/19 19:19:10 | 000,618,605 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/02/19 19:19:10 | 000,024,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/02/19 19:19:10 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/02/19 19:19:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/02/19 19:19:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\flattemp.exe
[2010/02/19 19:19:08 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/02/19 19:19:08 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntwin.exe
[2010/02/19 19:19:08 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esunid.dll
[2010/02/19 19:19:08 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\et4000.sys
[2010/02/19 19:19:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/02/19 19:19:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/02/19 19:19:07 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/02/19 19:19:07 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esucmd.dll
[2010/02/19 19:19:06 | 000,514,587 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\edb500.dll
[2010/02/19 19:19:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dayi.ime
[2010/02/19 19:18:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cprofile.exe
[2010/02/19 19:18:58 | 000,057,399 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cplexe.exe
[2010/02/19 19:18:56 | 000,480,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/02/19 19:18:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/02/19 19:18:55 | 000,198,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintime.dll
[2010/02/19 19:18:55 | 000,097,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/02/19 19:18:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/02/19 19:18:54 | 001,677,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/02/19 19:18:54 | 000,838,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/02/19 19:18:53 | 000,078,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chajei.ime
[2010/02/19 19:18:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgport.exe
[2010/02/19 19:18:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgusr.exe
[2010/02/19 19:18:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chglogon.exe
[2010/02/19 19:18:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\change.exe
[2010/02/19 19:18:51 | 000,218,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/02/19 19:18:51 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2010/02/19 19:18:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/02/19 19:18:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/02/19 19:18:41 | 000,331,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aqueue.dll
[2010/02/19 19:18:41 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/02/19 19:18:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0804.dll
[2010/02/19 19:18:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0412.dll
[2010/02/19 19:18:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0411.dll
[2010/02/19 19:18:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt040d.dll
[2010/02/19 19:18:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0404.dll
[2010/02/19 19:18:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0401.dll
[2010/02/19 19:18:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/02/19 19:18:33 | 000,032,827 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptest.exe
[2010/02/19 19:18:33 | 000,016,437 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.exe
[2010/02/19 19:18:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/02/19 19:18:32 | 000,020,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.dll
[2010/02/19 19:18:27 | 000,598,071 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/02/19 19:18:27 | 000,208,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/02/19 19:18:27 | 000,020,538 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/02/19 19:18:26 | 000,876,653 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/02/19 19:18:26 | 000,188,494 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpcount.exe
[2010/02/19 19:18:26 | 000,109,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/02/19 19:18:26 | 000,049,212 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/02/19 19:18:26 | 000,032,826 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/02/19 19:18:26 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/02/19 19:18:26 | 000,014,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/02/19 19:18:25 | 000,184,435 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/02/19 19:18:25 | 000,147,513 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/02/19 19:18:25 | 000,102,509 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/02/19 19:18:25 | 000,082,035 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/02/19 19:18:25 | 000,049,210 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/02/19 19:18:25 | 000,041,020 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/02/19 19:18:24 | 000,188,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/02/19 19:18:24 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.dll
[2010/02/19 19:18:24 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.exe
[2010/02/19 19:18:23 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.exe
[2010/02/19 19:18:22 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.dll
[2010/02/19 19:18:12 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2010/02/19 19:18:12 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2010/02/19 19:18:12 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2010/02/19 19:17:50 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/02/19 19:17:50 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/02/19 19:16:47 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2010/02/19 19:16:34 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2010/02/19 19:16:34 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2010/02/19 19:16:20 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2010/02/19 19:15:54 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2010/02/19 19:15:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoobe.exe
[2010/02/19 19:15:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\helphost.exe
[2010/02/19 19:15:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\notiflag.exe
[2010/02/19 19:15:33 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/02/19 19:15:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\atrace.dll
[2010/02/19 19:15:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\atrace.dll
[2010/02/19 19:15:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hcappres.dll
[2010/02/19 19:15:24 | 000,047,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srdiag.exe
[2010/02/19 19:15:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wb32.exe
[2010/02/19 19:15:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\nmevtmsg.dll
[2010/02/19 19:15:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/02/19 19:15:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\acctres.dll
[2010/02/19 19:15:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\acctres.dll
[2010/02/19 19:15:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/02/19 19:15:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cb32.exe
[2010/02/19 19:15:21 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2010/02/19 19:15:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icfgnt5.dll
[2010/02/19 19:15:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/02/19 19:15:19 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2010/02/19 19:15:18 | 000,235,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/02/19 19:15:18 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/02/19 19:15:18 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwres.dll
[2010/02/19 19:15:18 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\trialoc.dll
[2010/02/19 19:15:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wisc10.dll
[2010/02/19 19:15:18 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/02/19 19:15:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isignup.exe
[2010/02/19 19:15:18 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2010/02/19 19:15:17 | 000,093,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/02/19 19:15:14 | 003,166,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/02/19 19:15:14 | 000,725,566 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srchui.dll
[2010/02/19 19:15:14 | 000,058,434 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srchctls.dll
[2010/02/19 19:15:13 | 000,848,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\vgx.dll
[2010/02/19 19:15:13 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2010/02/19 19:15:12 | 000,774,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/02/19 19:15:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmpband.dll
[2010/02/19 19:15:12 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2010/02/19 19:15:11 | 000,786,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\migrate.exe
[2010/02/19 19:15:11 | 000,368,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mpvis.dll
[2010/02/19 19:15:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmpns.dll
[2010/02/19 19:15:11 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/02/19 19:15:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\custsat.dll
[2010/02/19 19:15:10 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- D:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/02/19 19:15:10 | 000,226,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/02/19 19:15:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/02/19 19:15:09 | 001,134,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/02/19 19:15:09 | 000,183,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuaueng1.dll
[2010/02/19 19:15:09 | 000,183,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuaueng1.dll
[2010/02/19 19:15:09 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuauclt1.exe
[2010/02/19 19:15:09 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuauclt1.exe
[2010/02/19 19:15:09 | 000,162,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/02/19 19:15:09 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuweb.dll
[2010/02/19 19:15:09 | 000,112,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wucltui.dll
[2010/02/19 19:15:09 | 000,112,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wucltui.dll
[2010/02/19 19:15:09 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/02/19 19:15:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wups.dll
[2010/02/19 19:15:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wups.dll
[2010/02/19 19:15:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/02/19 19:15:08 | 000,430,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuapi.dll
[2010/02/19 19:15:08 | 000,430,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuapi.dll
[2010/02/19 19:15:08 | 000,382,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qmgr.dll
[2010/02/19 19:15:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qmgrprxy.dll
[2010/02/19 19:15:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/02/19 19:15:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/02/19 19:15:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\bitsprx2.dll
[2010/02/19 19:15:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/02/19 19:15:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\bitsprx3.dll
[2010/02/19 19:15:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/02/19 19:15:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/02/19 19:15:05 | 004,256,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/02/19 19:15:05 | 000,502,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/02/19 19:15:05 | 000,402,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/02/19 19:15:05 | 000,325,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/02/19 19:15:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/02/19 19:15:04 | 000,167,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/02/19 19:15:03 | 003,555,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\moviemk.exe
[2010/02/19 19:15:03 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2010/02/19 19:15:02 | 000,561,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobmain.dll
[2010/02/19 19:15:02 | 000,122,368 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/02/19 19:15:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobshel.dll
[2010/02/19 19:15:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobweb.dll
[2010/02/19 19:15:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobdl.dll
[2010/02/19 19:15:01 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/02/19 19:15:00 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uploadm.exe
[2010/02/19 19:14:59 | 000,102,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pchshell.dll
[2010/02/19 19:14:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrslv.dll
[2010/02/19 19:14:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\safrslv.dll
[2010/02/19 19:14:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrcdlg.dll
[2010/02/19 19:14:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/02/19 19:14:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\racpldlg.dll
[2010/02/19 19:14:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/02/19 19:14:59 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/02/19 19:14:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrdm.dll
[2010/02/19 19:14:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\safrdm.dll
[2010/02/19 19:14:57 | 000,158,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msconfig.exe
[2010/02/19 19:14:56 | 000,768,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\helpctr.exe
[2010/02/19 19:14:56 | 000,743,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/02/19 19:14:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hscupd.exe
[2010/02/19 19:14:55 | 000,380,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rstrui.exe
[2010/02/19 19:14:55 | 000,239,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\srrstr.dll
[2010/02/19 19:14:55 | 000,239,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srrstr.dll
[2010/02/19 19:14:55 | 000,170,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srsvc.dll
[2010/02/19 19:14:55 | 000,124,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/02/19 19:14:55 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\fltMc.exe
[2010/02/19 19:14:55 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fltmc.exe
[2010/02/19 19:14:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fltlib.dll
[2010/02/19 19:14:55 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2010/02/19 19:14:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ils.dll
[2010/02/19 19:14:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ils.dll
[2010/02/19 19:14:54 | 000,073,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sr.sys
[2010/02/19 19:14:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srclient.dll
[2010/02/19 19:14:54 | 000,034,560 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mnmdd.dll
[2010/02/19 19:14:54 | 000,034,560 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/02/19 19:14:54 | 000,032,768 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\isrdbg32.dll
[2010/02/19 19:14:54 | 000,032,768 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/02/19 19:14:53 | 000,385,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\callcont.dll
[2010/02/19 19:14:53 | 000,229,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmas.dll
[2010/02/19 19:14:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msconf.dll
[2010/02/19 19:14:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msconf.dll
[2010/02/19 19:14:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dcap32.dll
[2010/02/19 19:14:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/02/19 19:14:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\nmmkcert.dll
[2010/02/19 19:14:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/02/19 19:14:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/02/19 19:14:52 | 000,274,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mst120.dll
[2010/02/19 19:14:52 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nac.dll
[2010/02/19 19:14:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmcom.dll
[2010/02/19 19:14:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rrcm.dll
[2010/02/19 19:14:52 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mst123.dll
[2010/02/19 19:14:52 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\h323cc.dll
[2010/02/19 19:14:52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/02/19 19:14:51 | 001,032,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\conf.exe
[2010/02/19 19:14:51 | 000,188,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmwb.dll
[2010/02/19 19:14:51 | 000,172,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/02/19 19:14:51 | 000,151,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmft.dll
[2010/02/19 19:14:51 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmchat.dll
[2010/02/19 19:14:51 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2010/02/19 19:14:50 | 000,504,832 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wab32.dll
[2010/02/19 19:14:50 | 000,252,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msoeacct.dll
[2010/02/19 19:14:50 | 000,252,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/02/19 19:14:50 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wab32res.dll
[2010/02/19 19:14:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msoert2.dll
[2010/02/19 19:14:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoert2.dll
[2010/02/19 19:14:50 | 000,084,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wabimp.dll
[2010/02/19 19:14:50 | 000,046,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wab.exe
[2010/02/19 19:14:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wabfind.dll
[2010/02/19 19:14:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wabmig.exe
[2010/02/19 19:14:49 | 000,678,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/02/19 19:14:49 | 000,104,448 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oeimport.dll
[2010/02/19 19:14:49 | 000,081,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\directdb.dll
[2010/02/19 19:14:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msimn.exe
[2010/02/19 19:14:49 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\inetres.dll
[2010/02/19 19:14:49 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetres.dll
[2010/02/19 19:14:48 | 002,479,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoeres.dll
[2010/02/19 19:14:47 | 000,274,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstask.dll
[2010/02/19 19:14:47 | 000,190,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/02/19 19:14:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\setup50.exe
[2010/02/19 19:14:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oemig50.exe
[2010/02/19 19:14:47 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/02/19 19:14:47 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mstinit.exe
[2010/02/19 19:14:47 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstinit.exe
[2010/02/19 19:14:47 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2010/02/19 19:14:46 | 000,274,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\inetcfg.dll
[2010/02/19 19:14:46 | 000,274,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/02/19 19:14:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\isign32.dll
[2010/02/19 19:14:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isign32.dll
[2010/02/19 19:14:46 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icwdial.dll
[2010/02/19 19:14:46 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwdial.dll
[2010/02/19 19:14:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icwphbk.dll
[2010/02/19 19:14:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/02/19 19:14:45 | 000,214,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/02/19 19:14:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/02/19 19:14:45 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/02/19 19:14:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwconn.dll
[2010/02/19 19:14:45 | 000,049,152 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwutil.dll
[2010/02/19 19:14:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwdl.dll
[2010/02/19 19:14:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/02/19 19:14:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/02/19 19:14:44 | 000,561,179 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dao360.dll
[2010/02/19 19:14:44 | 000,217,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/02/19 19:14:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/02/19 19:14:43 | 000,487,424 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oledb32.dll
[2010/02/19 19:14:43 | 000,315,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdasql.dll
[2010/02/19 19:14:43 | 000,233,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaora.dll
[2010/02/19 19:14:43 | 000,204,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaps.dll
[2010/02/19 19:14:43 | 000,094,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/02/19 19:14:43 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/02/19 19:14:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msxactps.dll
[2010/02/19 19:14:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdatt.dll
[2010/02/19 19:14:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/02/19 19:14:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/02/19 19:14:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/02/19 19:14:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdasc.dll
[2010/02/19 19:14:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaer.dll
[2010/02/19 19:14:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/02/19 19:14:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdadc.dll
[2010/02/19 19:14:42 | 000,536,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado15.dll
[2010/02/19 19:14:42 | 000,200,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadox.dll
[2010/02/19 19:14:42 | 000,180,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadomd.dll
[2010/02/19 19:14:42 | 000,102,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msjro.dll
[2010/02/19 19:14:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado27.tlb
[2010/02/19 19:14:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado26.tlb
[2010/02/19 19:14:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado25.tlb
[2010/02/19 19:14:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado21.tlb
[2010/02/19 19:14:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado20.tlb
[2010/02/19 19:14:42 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/02/19 19:14:42 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msador15.dll
[2010/02/19 19:14:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msader15.dll
[2010/02/19 19:14:41 | 000,331,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadce.dll
[2010/02/19 19:14:41 | 000,200,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/02/19 19:14:41 | 000,155,648 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadds.dll
[2010/02/19 19:14:41 | 000,143,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadco.dll
[2010/02/19 19:14:41 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdarem.dll
[2010/02/19 19:14:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcf.dll
[2010/02/19 19:14:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcs.dll
[2010/02/19 19:14:41 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/02/19 19:14:41 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/02/19 19:14:41 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcer.dll
[2010/02/19 19:14:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/02/19 19:14:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/02/19 19:14:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcor.dll
[2010/02/19 19:14:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/02/19 19:14:40 | 000,093,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iexplore.exe
[2010/02/19 19:14:40 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/02/19 19:14:40 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iedw.exe
[2010/02/19 19:14:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2010/02/19 19:14:37 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Pictures
[2010/02/19 19:14:37 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2010/02/19 19:14:22 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2010/02/19 19:14:11 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2010/02/19 19:13:37 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Music
[2010/02/19 19:13:37 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2010/02/19 19:13:37 | 000,000,000 | ---D | C] -- D:\Program Files\Online Services
[2010/02/19 19:13:31 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2010/02/19 19:13:30 | 001,817,687 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bckgres.dll
[2010/02/19 19:13:30 | 000,082,501 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bckg.dll
[2010/02/19 19:13:30 | 000,042,577 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/02/19 19:13:29 | 002,178,131 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shvlres.dll
[2010/02/19 19:13:29 | 000,780,885 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chkrres.dll
[2010/02/19 19:13:29 | 000,753,236 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rvseres.dll
[2010/02/19 19:13:29 | 000,066,113 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shvl.dll
[2010/02/19 19:13:29 | 000,048,706 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rvse.dll
[2010/02/19 19:13:29 | 000,042,575 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/02/19 19:13:29 | 000,042,574 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/02/19 19:13:29 | 000,042,573 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/02/19 19:13:29 | 000,042,573 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/02/19 19:13:29 | 000,040,515 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chkr.dll
[2010/02/19 19:13:28 | 001,175,635 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/02/19 19:13:28 | 001,039,955 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/02/19 19:13:28 | 000,057,409 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hrtz.dll
[2010/02/19 19:13:28 | 000,041,029 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zcorem.dll
[2010/02/19 19:13:28 | 000,032,339 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uniansi.dll
[2010/02/19 19:13:28 | 000,013,894 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/02/19 19:13:28 | 000,004,677 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/02/19 19:13:27 | 000,217,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/02/19 19:13:27 | 000,113,222 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/02/19 19:13:27 | 000,036,937 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zclientm.exe
[2010/02/19 19:13:27 | 000,029,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\znetm.dll
[2010/02/19 19:13:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\write.exe
[2010/02/19 19:13:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\write.exe
[2010/02/19 19:13:27 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2010/02/19 19:13:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\avtapi.dll
[2010/02/19 19:13:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avtapi.dll
[2010/02/19 19:13:18 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sndvol32.exe
[2010/02/19 19:13:18 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/02/19 19:13:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\avwav.dll
[2010/02/19 19:13:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avwav.dll
[2010/02/19 19:13:18 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hticons.dll
[2010/02/19 19:13:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\avmeter.dll
[2010/02/19 19:13:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avmeter.dll
[2010/02/19 19:13:18 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/02/19 19:13:17 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\winchat.exe
[2010/02/19 19:13:17 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winchat.exe
[2010/02/19 19:13:11 | 000,605,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\getuname.dll
[2010/02/19 19:13:11 | 000,605,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\getuname.dll
[2010/02/19 19:13:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\charmap.exe
[2010/02/19 19:13:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\charmap.exe
[2010/02/19 19:13:10 | 000,126,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mshearts.exe
[2010/02/19 19:13:10 | 000,126,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mshearts.exe
[2010/02/19 19:13:10 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\winmine.exe
[2010/02/19 19:13:10 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winmine.exe
[2010/02/19 19:13:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\calc.exe
[2010/02/19 19:13:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\calc.exe
[2010/02/19 19:13:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sol.exe
[2010/02/19 19:13:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sol.exe
[2010/02/19 19:13:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\freecell.exe
[2010/02/19 19:13:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\freecell.exe
[2010/02/19 19:13:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\regini.exe
[2010/02/19 19:13:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\regini.exe
[2010/02/19 19:13:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tsshutdn.exe
[2010/02/19 19:13:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/02/19 19:13:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tskill.exe
[2010/02/19 19:13:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tskill.exe
[2010/02/19 19:13:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rwinsta.exe
[2010/02/19 19:13:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/02/19 19:13:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tsdiscon.exe
[2010/02/19 19:13:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/02/19 19:13:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscon.exe
[2010/02/19 19:13:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tscon.exe
[2010/02/19 19:13:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\shadow.exe
[2010/02/19 19:13:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shadow.exe
[2010/02/19 19:13:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\reset.exe
[2010/02/19 19:13:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\reset.exe
[2010/02/19 19:13:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qwinsta.exe
[2010/02/19 19:13:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/02/19 19:13:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msg.exe
[2010/02/19 19:13:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msg.exe
[2010/02/19 19:13:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qappsrv.exe
[2010/02/19 19:13:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/02/19 19:13:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/02/19 19:13:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cdmodem.dll
[2010/02/19 19:13:08 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\logoff.exe
[2010/02/19 19:13:08 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logoff.exe
[2010/02/19 19:13:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpcfgex.dll
[2010/02/19 19:13:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/02/19 19:13:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comrepl.dll
[2010/02/19 19:13:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comrepl.dll
[2010/02/19 19:13:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comaddin.dll
[2010/02/19 19:13:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comaddin.dll
[2010/02/19 19:13:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxlegih.dll
[2010/02/19 19:13:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/02/19 19:13:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxdm.dll
[2010/02/19 19:13:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/02/19 19:13:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/02/19 19:13:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/02/19 19:13:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dcomcnfg.exe
[2010/02/19 19:13:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comrereg.exe
[2010/02/19 19:13:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxex.dll
[2010/02/19 19:13:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxex.dll
[2010/02/19 19:13:06 | 000,147,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comsnap.dll
[2010/02/19 19:13:06 | 000,147,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comsnap.dll
[2010/02/19 19:13:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\stclient.dll
[2010/02/19 19:13:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\stclient.dll
[2010/02/19 19:13:06 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/02/19 19:13:03 | 000,116,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\updprov.dll
[2010/02/19 19:13:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/02/19 19:13:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/02/19 19:13:03 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/02/19 19:13:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/02/19 19:13:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/02/19 19:13:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/02/19 19:13:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/02/19 19:13:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemads.dll
[2010/02/19 19:13:02 | 000,273,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msiprov.dll
[2010/02/19 19:13:02 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dsprov.dll
[2010/02/19 19:13:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/02/19 19:13:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/02/19 19:13:02 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/02/19 19:13:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/02/19 19:13:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/02/19 19:12:47 | 000,000,000 | ---D | C] -- D:\Program Files\MSN
[2010/02/19 19:12:46 | 000,281,088 | ---- | C] (Cinematronics) -- D:\WINDOWS\System32\dllcache\pinball.exe
[2010/02/19 19:12:46 | 000,183,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\accwiz.exe
[2010/02/19 19:12:46 | 000,183,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\accwiz.exe
[2010/02/19 19:12:46 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sndrec32.exe
[2010/02/19 19:12:46 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/02/19 19:12:46 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mplay32.exe
[2010/02/19 19:12:46 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mplay32.exe
[2010/02/19 19:12:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\access.cpl
[2010/02/19 19:12:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\access.cpl
[2010/02/19 19:12:45 | 000,539,136 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dialer.exe
[2010/02/19 19:12:45 | 000,345,088 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hypertrm.dll
[2010/02/19 19:12:45 | 000,343,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mspaint.exe
[2010/02/19 19:12:45 | 000,343,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mspaint.exe
[2010/02/19 19:12:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/02/19 19:12:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\clipbrd.exe
[2010/02/19 19:12:45 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2010/02/19 19:12:44 | 000,538,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spider.exe
[2010/02/19 19:12:44 | 000,538,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spider.exe
[2010/02/19 19:12:44 | 000,139,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/02/19 19:12:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscfgwmi.dll
[2010/02/19 19:12:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/02/19 19:12:44 | 000,021,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/02/19 19:12:44 | 000,012,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/02/19 19:12:43 | 000,655,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstscax.dll
[2010/02/19 19:12:43 | 000,407,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mstsc.exe
[2010/02/19 19:12:43 | 000,407,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstsc.exe
[2010/02/19 19:12:43 | 000,147,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdchost.dll
[2010/02/19 19:12:43 | 000,147,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdchost.dll
[2010/02/19 19:12:43 | 000,140,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/02/19 19:12:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdshost.exe
[2010/02/19 19:12:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdshost.exe
[2010/02/19 19:12:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\remotepg.dll
[2010/02/19 19:12:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscupgrd.exe
[2010/02/19 19:12:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010/02/19 19:12:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdsaddin.exe
[2010/02/19 19:12:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/02/19 19:12:42 | 000,295,424 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\termsrv.dll
[2010/02/19 19:12:42 | 000,161,280 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtcuiu.dll
[2010/02/19 19:12:42 | 000,161,280 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/02/19 19:12:42 | 000,090,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxoci.dll
[2010/02/19 19:12:42 | 000,090,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/02/19 19:12:42 | 000,087,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpwsx.dll
[2010/02/19 19:12:42 | 000,087,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/02/19 19:12:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpclip.exe
[2010/02/19 19:12:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/02/19 19:12:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/02/19 19:12:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cfgbkend.dll
[2010/02/19 19:12:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qprocess.exe
[2010/02/19 19:12:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qprocess.exe
[2010/02/19 19:12:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpsnd.dll
[2010/02/19 19:12:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/02/19 19:12:42 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icaapi.dll
[2010/02/19 19:12:42 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icaapi.dll
[2010/02/19 19:12:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2010/02/19 19:12:41 | 000,949,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtctm.dll
[2010/02/19 19:12:41 | 000,949,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/02/19 19:12:41 | 000,425,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtcprx.dll
[2010/02/19 19:12:41 | 000,425,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/02/19 19:12:41 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtclog.dll
[2010/02/19 19:12:41 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/02/19 19:12:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xolehlp.dll
[2010/02/19 19:12:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/02/19 19:12:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtc.exe
[2010/02/19 19:12:40 | 000,195,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comadmin.dll
[2010/02/19 19:12:40 | 000,110,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/02/19 19:12:40 | 000,110,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\clbcatex.dll
[2010/02/19 19:12:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/02/19 19:12:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\catsrvps.dll
[2010/02/19 19:12:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\colbact.dll
[2010/02/19 19:12:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\colbact.dll
[2010/02/19 19:12:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comrepl.exe
[2010/02/19 19:12:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2010/02/19 19:12:39 | 001,251,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/02/19 19:12:39 | 001,251,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comsvcs.dll
[2010/02/19 19:12:39 | 000,628,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/02/19 19:12:39 | 000,628,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\catsrvut.dll
[2010/02/19 19:12:39 | 000,229,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\catsrv.dll
[2010/02/19 19:12:39 | 000,229,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\catsrv.dll
[2010/02/19 19:12:38 | 000,540,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comuid.dll
[2010/02/19 19:12:38 | 000,540,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comuid.dll
[2010/02/19 19:12:38 | 000,501,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/02/19 19:12:37 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/02/19 19:12:37 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/02/19 19:12:37 | 000,095,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/02/19 19:12:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/02/19 19:12:36 | 000,273,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemess.dll
[2010/02/19 19:12:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/02/19 19:12:36 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/02/19 19:12:36 | 000,178,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/02/19 19:12:36 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/02/19 19:12:36 | 000,140,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/02/19 19:12:36 | 000,132,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/02/19 19:12:36 | 000,126,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/02/19 19:12:36 | 000,116,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/02/19 19:12:36 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/02/19 19:12:36 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/02/19 19:12:36 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/02/19 19:12:36 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/02/19 19:12:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/02/19 19:12:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/02/19 19:12:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/02/19 19:12:35 | 000,530,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/02/19 19:12:35 | 000,237,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\provthrd.dll
[2010/02/19 19:12:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/02/19 19:12:35 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/02/19 19:12:35 | 000,177,152 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/02/19 19:12:35 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\viewprov.dll
[2010/02/19 19:12:35 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\stdprov.dll
[2010/02/19 19:12:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/02/19 19:12:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\scrcons.exe
[2010/02/19 19:12:34 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\esscli.dll
[2010/02/19 19:12:34 | 000,212,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntevt.dll
[2010/02/19 19:12:34 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\framedyn.dll
[2010/02/19 19:12:34 | 000,123,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mofd.dll
[2010/02/19 19:12:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ncprov.dll
[2010/02/19 19:12:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/02/19 19:12:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/02/19 19:12:33 | 001,352,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/02/19 19:12:33 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\licwmi.dll
[2010/02/19 19:12:33 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\licwmi.dll
[2010/02/19 19:12:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\servdeps.dll
[2010/02/19 19:12:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\servdeps.dll
[2010/02/19 19:12:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mmfutil.dll
[2010/02/19 19:12:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/02/19 19:12:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cmprops.dll
[2010/02/19 19:12:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cmprops.dll
[2010/02/19 12:04:44 | 000,014,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\battc.sys
[2010/02/19 12:04:39 | 000,006,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\enum1394.sys
[2010/02/19 12:04:20 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\usbui.dll
[2010/02/19 12:04:20 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbui.dll
[2010/02/19 12:03:09 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2010/02/19 12:03:08 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2010/02/19 12:03:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spcommon.dll
[2010/02/19 12:03:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spcplui.dll
[2010/02/19 12:03:05 | 000,774,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spttseng.dll
[2010/02/19 12:03:04 | 000,741,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sapi.dll
[2010/02/19 12:03:04 | 000,155,648 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sapi.cpl
[2010/02/19 12:03:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/02/19 12:03:04 | 000,000,000 | R--D | C] -- D:\Program Files
[2010/02/19 12:03:04 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2010/02/19 12:03:04 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2010/02/19 12:03:04 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2010/02/19 12:03:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt041f.dll
[2010/02/19 12:03:01 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtuq.dll
[2010/02/19 12:03:01 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtuf.dll
[2010/02/19 12:03:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/02/19 12:03:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/02/19 12:03:01 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdazel.dll
[2010/02/19 12:03:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/02/19 12:03:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0419.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdycc.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbduzb.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdur.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtat.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdru1.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdru.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdmon.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdkyr.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdkaz.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdbu.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdblr.dll
[2010/02/19 12:02:59 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdaze.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdur.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdru.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/02/19 12:02:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/02/19 12:02:58 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0408.dll
[2010/02/19 12:02:57 | 000,008,192 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhept.dll
[2010/02/19 12:02:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/02/19 12:02:57 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhela3.dll
[2010/02/19 12:02:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/02/19 12:02:57 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhela2.dll
[2010/02/19 12:02:57 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdgkl.dll
[2010/02/19 12:02:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/02/19 12:02:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/02/19 12:02:57 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe319.dll
[2010/02/19 12:02:57 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe220.dll
[2010/02/19 12:02:57 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe.dll
[2010/02/19 12:02:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/02/19 12:02:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/02/19 12:02:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/02/19 12:02:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt040e.dll
[2010/02/19 12:02:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0415.dll
[2010/02/19 12:02:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0405.dll
[2010/02/19 12:02:55 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlv1.dll
[2010/02/19 12:02:55 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlv.dll
[2010/02/19 12:02:55 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdest.dll
[2010/02/19 12:02:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/02/19 12:02:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/02/19 12:02:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdest.dll
[2010/02/19 12:02:55 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlt1.dll
[2010/02/19 12:02:55 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlt.dll
[2010/02/19 12:02:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/02/19 12:02:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/02/19 12:02:53 | 000,007,168 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz.dll
[2010/02/19 12:02:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdycl.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsl1.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsl.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdpl.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhu.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz2.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz1.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcr.dll
[2010/02/19 12:02:53 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\KBDAL.DLL
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/02/19 12:02:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdal.dll
[2010/02/19 12:02:53 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdro.dll
[2010/02/19 12:02:53 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdpl1.dll
[2010/02/19 12:02:53 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhu1.dll
[2010/02/19 12:02:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdro.dll
[2010/02/19 12:02:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/02/19 12:02:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/02/19 12:02:50 | 000,176,157 | ---- | C] (Digi International, Inc.) -- D:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/02/19 12:02:50 | 000,176,157 | ---- | C] (Digi International, Inc.) -- D:\WINDOWS\System32\dgrpsetu.dll
[2010/02/19 12:02:50 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- D:\WINDOWS\System32\EqnClass.Dll
[2010/02/19 12:02:50 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- D:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/02/19 12:02:50 | 000,085,020 | ---- | C] (Digi International) -- D:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/02/19 12:02:50 | 000,085,020 | ---- | C] (Digi International) -- D:\WINDOWS\System32\dgsetup.dll
[2010/02/19 12:02:50 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\spxcoins.dll
[2010/02/19 12:02:50 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/02/19 12:02:50 | 000,013,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\WFWNET.DRV
[2010/02/19 12:02:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\irclass.dll
[2010/02/19 12:02:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\irclass.dll
[2010/02/19 12:02:50 | 000,009,008 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\VER.DLL
[2010/02/19 12:02:50 | 000,002,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\VGA.DRV
[2010/02/19 12:02:49 | 000,126,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MSVIDEO.DLL
[2010/02/19 12:02:49 | 000,082,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\OLECLI.DLL
[2010/02/19 12:02:49 | 000,073,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCIAVI.DRV
[2010/02/19 12:02:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCIWAVE.DRV
[2010/02/19 12:02:49 | 000,025,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCISEQ.DRV
[2010/02/19 12:02:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\OLESVR.DLL
[2010/02/19 12:02:49 | 000,019,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\TAPI.DLL
[2010/02/19 12:02:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SHELL.DLL
[2010/02/19 12:02:49 | 000,004,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\TIMER.DRV
[2010/02/19 12:02:49 | 000,003,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SYSTEM.DRV
[2010/02/19 12:02:49 | 000,002,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MOUSE.DRV
[2010/02/19 12:02:49 | 000,001,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SOUND.DRV
[2010/02/19 12:02:49 | 000,001,152 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MMTASK.TSK
[2010/02/19 12:02:48 | 000,109,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\AVIFILE.DLL
[2010/02/19 12:02:48 | 000,069,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\AVICAP.DLL
[2010/02/19 12:02:48 | 000,032,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\COMMDLG.DLL
[2010/02/19 12:02:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\TASKMAN.EXE
[2010/02/19 12:02:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\taskman.exe
[2010/02/19 12:02:48 | 000,009,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\LZEXPAND.DLL
[2010/02/19 12:02:48 | 000,002,000 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\KEYBOARD.DRV
[2010/02/19 12:02:47 | 000,146,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\WINSPOOL.DRV
[2010/02/19 12:02:47 | 000,068,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MMSYSTEM.DLL
[2010/02/19 12:02:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\irenum.sys
[2010/02/19 12:02:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\batt.dll
[2010/02/19 12:02:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\batt.dll
[2010/02/19 12:02:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\storprop.dll
[2010/02/19 12:02:33 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Start Menu
[2010/02/19 12:02:33 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents
[2010/02/19 12:02:33 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Templates
[2010/02/19 12:02:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Favorites
[2010/02/19 12:02:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Desktop
[2010/02/19 12:02:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2010/02/19 12:02:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2010/02/19 12:02:13 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Application Data\Microsoft
[2010/02/19 12:02:13 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Application Data
[2010/02/19 12:01:23 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2010/02/19 12:01:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2010/02/19 11:50:57 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2010/02/19 11:50:57 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2010/02/19 11:50:57 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2010/02/19 11:50:57 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2010/02/19 11:50:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/01 14:16:24 | 000,551,424 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\jeffro\Desktop\OTL.exe
[2010/03/01 14:12:10 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010/03/01 14:12:06 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010/03/01 14:09:00 | 001,835,008 | -H-- | M] () -- D:\Documents and Settings\jeffro\NTUSER.DAT
[2010/03/01 14:09:00 | 000,000,178 | -HS- | M] () -- D:\Documents and Settings\jeffro\ntuser.ini
[2010/03/01 14:08:53 | 002,689,144 | -H-- | M] () -- D:\Documents and Settings\jeffro\Local Settings\Application Data\IconCache.db
[2010/03/01 12:32:35 | 000,002,201 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\BBSAK.lnk
[2010/03/01 08:16:20 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini
[2010/03/01 08:15:56 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010/03/01 07:47:25 | 000,132,597 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\Flash_Disinfector.exe
[2010/02/27 19:37:03 | 003,874,477 | R--- | M] () -- D:\Documents and Settings\jeffro\Desktop\ComboFix.exe
[2010/02/26 23:06:26 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\settings.dat
[2010/02/26 22:15:53 | 000,549,888 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\jeffro\Desktop\rename.exe
[2010/02/26 21:35:18 | 000,053,240 | ---- | M] () -- D:\Documents and Settings\jeffro\My Documents\gfgf
[2010/02/26 20:59:09 | 000,464,491 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\RootRepeal.zip
[2010/02/25 20:51:42 | 000,000,256 | ---- | M] () -- D:\WINDOWS\System32\pool.bin
[2010/02/25 20:48:49 | 000,002,443 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\HiJackThis.lnk
[2010/02/25 20:10:06 | 000,000,253 | ---- | M] () -- D:\WINDOWS\cfplogvw.INI
[2010/02/25 19:31:32 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010/02/24 14:24:50 | 000,524,288 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\dds.scr
[2010/02/20 19:52:00 | 000,000,780 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/02/20 19:43:11 | 000,050,688 | ---- | M] (Atribune.org) -- D:\Documents and Settings\jeffro\Desktop\ATF-Cleaner.exe
[2010/02/20 19:22:06 | 000,749,312 | ---- | M] () -- D:\WINDOWS\System32\drivers\sfi.dat
[2010/02/20 19:00:01 | 000,293,376 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\78137rp5.exe
[2010/02/20 18:40:13 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\jeffro\defogger_reenable
[2010/02/20 18:39:48 | 000,050,477 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\Defogger.exe
[2010/02/20 17:15:26 | 000,292,201 | ---- | M] () -- D:\Documents and Settings\jeffro\My Documents\Backup-(2010-02-20).ipd
[2010/02/20 15:52:56 | 000,090,296 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/20 15:44:24 | 000,012,328 | ---- | M] () -- D:\Documents and Settings\jeffro\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/20 15:34:21 | 000,001,729 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\Desktop Manager.lnk
[2010/02/20 15:29:06 | 000,412,116 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/20 15:29:06 | 000,398,128 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010/02/20 15:29:06 | 000,060,182 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010/02/20 15:15:05 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.bak
[2010/02/20 13:44:47 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2010/02/20 12:24:43 | 022,103,392 | ---- | M] (Microsoft Corporation) -- D:\Documents and Settings\jeffro\Desktop\new.exe
[2010/02/20 10:43:17 | 000,343,040 | ---- | M] (lyricidal) -- D:\Documents and Settings\jeffro\Desktop\Shrink-A-OS.exe
[2010/02/20 10:30:20 | 000,000,808 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2010/02/20 10:29:16 | 000,171,552 | ---- | M] (COMODO) -- D:\WINDOWS\System32\guard32.dll
[2010/02/20 10:29:16 | 000,134,344 | ---- | M] (COMODO) -- D:\WINDOWS\System32\drivers\cmdguard.sys
[2010/02/20 10:29:16 | 000,087,104 | ---- | M] (COMODO) -- D:\WINDOWS\System32\drivers\inspect.sys
[2010/02/20 10:29:16 | 000,025,160 | ---- | M] (COMODO) -- D:\WINDOWS\System32\drivers\cmdhlp.sys
[2010/02/20 10:14:04 | 000,001,548 | ---- | M] () -- D:\Documents and Settings\jeffro\Desktop\CCleaner.lnk
[2010/02/19 20:07:04 | 000,017,119 | ---- | M] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010/02/19 20:03:31 | 000,000,077 | ---- | M] () -- D:\WINDOWS\EzButton.UNI
[2010/02/19 19:22:34 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2010/02/19 19:21:04 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2010/02/19 19:17:59 | 000,002,577 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010/02/19 19:17:59 | 000,000,477 | ---- | M] () -- D:\WINDOWS\win.ini
[2010/02/19 19:17:59 | 000,000,000 | ---- | M] () -- D:\WINDOWS\control.ini
[2010/02/19 19:17:49 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2010/02/19 19:17:49 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2010/02/19 19:17:35 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2010/02/19 19:16:34 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2010/02/19 19:16:34 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2010/02/19 19:14:35 | 000,021,640 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010/02/19 19:14:18 | 000,000,037 | ---- | M] () -- D:\WINDOWS\vbaddin.ini
[2010/02/19 19:14:18 | 000,000,036 | ---- | M] () -- D:\WINDOWS\vb.ini
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/01 14:08:40 | 000,111,104 | ---- | C] () -- D:\WINDOWS\System32\wuauclt.exe
[2010/03/01 07:47:25 | 000,132,597 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\Flash_Disinfector.exe
[2010/02/27 19:39:11 | 000,261,632 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2010/02/27 19:39:11 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2010/02/27 19:39:11 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2010/02/27 19:39:11 | 000,077,312 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2010/02/27 19:39:11 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2010/02/27 19:37:03 | 003,874,477 | R--- | C] () -- D:\Documents and Settings\jeffro\Desktop\ComboFix.exe
[2010/02/26 23:06:26 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\settings.dat
[2010/02/26 21:35:18 | 000,053,240 | ---- | C] () -- D:\Documents and Settings\jeffro\My Documents\gfgf
[2010/02/26 20:59:05 | 000,464,491 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\RootRepeal.zip
[2010/02/25 20:03:28 | 000,000,253 | ---- | C] () -- D:\WINDOWS\cfplogvw.INI
[2010/02/24 14:24:50 | 000,524,288 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\dds.scr
[2010/02/21 20:24:02 | 000,002,443 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\HiJackThis.lnk
[2010/02/20 19:52:00 | 000,000,780 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/02/20 19:00:01 | 000,293,376 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\78137rp5.exe
[2010/02/20 18:40:13 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\jeffro\defogger_reenable
[2010/02/20 18:39:48 | 000,050,477 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\Defogger.exe
[2010/02/20 17:15:26 | 000,292,201 | ---- | C] () -- D:\Documents and Settings\jeffro\My Documents\Backup-(2010-02-20).ipd
[2010/02/20 15:46:29 | 000,000,256 | ---- | C] () -- D:\WINDOWS\System32\pool.bin
[2010/02/20 15:43:52 | 000,002,201 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\BBSAK.lnk
[2010/02/20 15:34:21 | 000,001,729 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\Desktop Manager.lnk
[2010/02/20 15:15:06 | 000,013,646 | ---- | C] () -- D:\WINDOWS\System32\wpa.bak
[2010/02/20 10:31:03 | 000,749,312 | ---- | C] () -- D:\WINDOWS\System32\drivers\sfi.dat
[2010/02/20 10:30:20 | 000,000,808 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2010/02/20 10:14:04 | 000,001,548 | ---- | C] () -- D:\Documents and Settings\jeffro\Desktop\CCleaner.lnk
[2010/02/19 20:05:56 | 000,000,013 | R--- | C] () -- D:\WINDOWS\System32\drivers\verfile.tic
[2010/02/19 20:03:31 | 000,000,077 | ---- | C] () -- D:\WINDOWS\EzButton.UNI
[2010/02/19 20:02:19 | 000,356,352 | R--- | C] () -- D:\WINDOWS\EMCRI.dll
[2010/02/19 19:52:36 | 000,000,164 | ---- | C] () -- D:\WINDOWS\avrack.ini
[2010/02/19 19:52:31 | 000,155,648 | ---- | C] () -- D:\WINDOWS\System32\RTLCPAPI.dll
[2010/02/19 19:52:25 | 000,141,016 | ---- | C] () -- D:\WINDOWS\System32\ALSNDMGR.WAV
[2010/02/19 19:52:14 | 000,001,048 | ---- | C] () -- D:\WINDOWS\System32\drivers\alcxinit.dat
[2010/02/19 19:52:14 | 000,000,192 | ---- | C] () -- D:\WINDOWS\System32\drivers\alcxhweq.dat
[2010/02/19 19:50:05 | 000,068,110 | R--- | C] () -- D:\WINDOWS\System32\igfxhhun.lhp
[2010/02/19 19:50:05 | 000,064,509 | R--- | C] () -- D:\WINDOWS\System32\igfxhtrk.lhp
[2010/02/19 19:50:05 | 000,063,265 | R--- | C] () -- D:\WINDOWS\System32\igfxhsve.lhp
[2010/02/19 19:50:05 | 000,062,804 | R--- | C] () -- D:\WINDOWS\System32\igfxhtha.lhp
[2010/02/19 19:50:05 | 000,062,453 | R--- | C] () -- D:\WINDOWS\System32\igfxhptg.lhp
[2010/02/19 19:50:05 | 000,061,826 | R--- | C] () -- D:\WINDOWS\System32\igfxhell.lhp
[2010/02/19 19:50:05 | 000,061,410 | R--- | C] () -- D:\WINDOWS\System32\igfxhrus.lhp
[2010/02/19 19:50:05 | 000,060,612 | R--- | C] () -- D:\WINDOWS\System32\igfxhcsy.lhp
[2010/02/19 19:50:04 | 000,066,112 | R--- | C] () -- D:\WINDOWS\System32\igfxhkor.lhp
[2010/02/19 19:50:04 | 000,063,210 | R--- | C] () -- D:\WINDOWS\System32\igfxhplk.lhp
[2010/02/19 19:50:04 | 000,062,769 | R--- | C] () -- D:\WINDOWS\System32\igfxhfrc.lhp
[2010/02/19 19:50:04 | 000,062,767 | R--- | C] () -- D:\WINDOWS\System32\igfxhfin.lhp
[2010/02/19 19:50:04 | 000,062,629 | R--- | C] () -- D:\WINDOWS\System32\igfxhjpn.lhp
[2010/02/19 19:50:04 | 000,062,451 | R--- | C] () -- D:\WINDOWS\System32\igfxhfra.lhp
[2010/02/19 19:50:04 | 000,062,336 | R--- | C] () -- D:\WINDOWS\System32\igfxhdeu.lhp
[2010/02/19 19:50:04 | 000,061,845 | R--- | C] () -- D:\WINDOWS\System32\igfxhptb.lhp
[2010/02/19 19:50:04 | 000,060,769 | R--- | C] () -- D:\WINDOWS\System32\igfxhesp.lhp
[2010/02/19 19:50:04 | 000,060,247 | R--- | C] () -- D:\WINDOWS\System32\igfxhdan.lhp
[2010/02/19 19:50:04 | 000,060,178 | R--- | C] () -- D:\WINDOWS\System32\igfxhnor.lhp
[2010/02/19 19:50:04 | 000,060,138 | R--- | C] () -- D:\WINDOWS\System32\igfxhnld.lhp
[2010/02/19 19:50:04 | 000,059,747 | R--- | C] () -- D:\WINDOWS\System32\igfxhita.lhp
[2010/02/19 19:50:04 | 000,059,471 | R--- | C] () -- D:\WINDOWS\System32\igfxhheb.lhp
[2010/02/19 19:50:04 | 000,059,390 | R--- | C] () -- D:\WINDOWS\System32\igfxhcht.lhp
[2010/02/19 19:50:04 | 000,059,200 | R--- | C] () -- D:\WINDOWS\System32\igfxharb.lhp
[2010/02/19 19:50:04 | 000,059,200 | R--- | C] () -- D:\WINDOWS\System32\igfxhara.lhp
[2010/02/19 19:50:04 | 000,058,563 | R--- | C] () -- D:\WINDOWS\System32\igfxhchs.lhp
[2010/02/19 19:50:04 | 000,058,384 | R--- | C] () -- D:\WINDOWS\System32\igfxheng.lhp
[2010/02/19 19:50:02 | 000,057,806 | R--- | C] () -- D:\WINDOWS\System32\igfxhenu.lhp
[2010/02/19 19:23:57 | 000,000,178 | -HS- | C] () -- D:\Documents and Settings\jeffro\ntuser.ini
[2010/02/19 19:23:55 | 001,835,008 | -H-- | C] () -- D:\Documents and Settings\jeffro\NTUSER.DAT
[2010/02/19 19:22:34 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2010/02/19 19:21:04 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2010/02/19 19:20:55 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls
[2010/02/19 19:20:14 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls
[2010/02/19 19:20:14 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls
[2010/02/19 19:20:12 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/02/19 19:19:46 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/02/19 19:19:46 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls
[2010/02/19 19:19:38 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2010/02/19 19:19:37 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/02/19 19:19:35 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2010/02/19 19:19:22 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/02/19 19:19:15 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2010/02/19 19:19:10 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2010/02/19 19:18:55 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2010/02/19 19:18:50 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls
[2010/02/19 19:18:50 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls
[2010/02/19 19:18:50 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls
[2010/02/19 19:18:50 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls
[2010/02/19 19:18:50 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls
[2010/02/19 19:18:50 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls
[2010/02/19 19:18:49 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls
[2010/02/19 19:18:49 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls
[2010/02/19 19:18:49 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls
[2010/02/19 19:18:49 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls
[2010/02/19 19:18:49 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls
[2010/02/19 19:18:49 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls
[2010/02/19 19:18:49 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls
[2010/02/19 19:18:49 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls
[2010/02/19 19:18:49 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls
[2010/02/19 19:18:48 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls
[2010/02/19 19:18:47 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls
[2010/02/19 19:18:47 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls
[2010/02/19 19:18:47 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls
[2010/02/19 19:18:47 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls
[2010/02/19 19:18:47 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls
[2010/02/19 19:18:47 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls
[2010/02/19 19:18:47 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls
[2010/02/19 19:18:47 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls
[2010/02/19 19:18:47 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls
[2010/02/19 19:18:46 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls
[2010/02/19 19:18:46 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls
[2010/02/19 19:18:46 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls
[2010/02/19 19:18:45 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls
[2010/02/19 19:18:45 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls
[2010/02/19 19:18:45 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls
[2010/02/19 19:18:45 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls
[2010/02/19 19:18:45 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls
[2010/02/19 19:18:45 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls
[2010/02/19 19:18:45 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls
[2010/02/19 19:18:45 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls
[2010/02/19 19:18:45 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls
[2010/02/19 19:18:44 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls
[2010/02/19 19:18:44 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/02/19 19:18:44 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls
[2010/02/19 19:17:59 | 000,002,577 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2010/02/19 19:17:49 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2010/02/19 19:17:49 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2010/02/19 19:17:47 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2010/02/19 19:16:34 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2010/02/19 19:16:34 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010/02/19 19:16:26 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2010/02/19 19:16:01 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2010/02/19 19:15:30 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2010/02/19 19:15:30 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2010/02/19 19:15:24 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2010/02/19 19:15:10 | 000,004,639 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/02/19 19:14:57 | 000,376,320 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msinfo.dll
[2010/02/19 19:14:35 | 000,021,640 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010/02/19 19:13:13 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Santa Fe Stucco.bmp
[2010/02/19 19:13:13 | 000,026,680 | ---- | C] () -- D:\WINDOWS\River Sumida.bmp
[2010/02/19 19:13:13 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rhododendron.bmp
[2010/02/19 19:13:13 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Zapotec.bmp
[2010/02/19 19:13:12 | 000,093,702 | ---- | C] () -- D:\WINDOWS\System32\subrange.uce
[2010/02/19 19:13:12 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Soap Bubbles.bmp
[2010/02/19 19:13:12 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Prairie Wind.bmp
[2010/02/19 19:13:12 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Greenstone.bmp
[2010/02/19 19:13:12 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Gone Fishing.bmp
[2010/02/19 19:13:12 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Coffee Bean.bmp
[2010/02/19 19:13:12 | 000,016,730 | ---- | C] () -- D:\WINDOWS\FeatherTexture.bmp
[2010/02/19 19:13:12 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Blue Lace 16.bmp
[2010/02/19 19:13:11 | 000,060,458 | ---- | C] () -- D:\WINDOWS\System32\ideograf.uce
[2010/02/19 19:13:11 | 000,024,006 | ---- | C] () -- D:\WINDOWS\System32\gb2312.uce
[2010/02/19 19:13:11 | 000,022,984 | ---- | C] () -- D:\WINDOWS\System32\bopomofo.uce
[2010/02/19 19:13:11 | 000,016,740 | ---- | C] () -- D:\WINDOWS\System32\shiftjis.uce
[2010/02/19 19:13:11 | 000,012,876 | ---- | C] () -- D:\WINDOWS\System32\korean.uce
[2010/02/19 19:13:11 | 000,008,484 | ---- | C] () -- D:\WINDOWS\System32\kanji_2.uce
[2010/02/19 19:13:11 | 000,006,948 | ---- | C] () -- D:\WINDOWS\System32\kanji_1.uce
[2010/02/19 19:13:09 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2010/02/19 19:13:09 | 000,001,161 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2010/02/19 19:13:08 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2010/02/19 19:13:02 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc
[2010/02/19 12:03:05 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2010/02/19 12:03:05 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/02/19 12:03:05 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2010/02/19 12:03:04 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/02/19 12:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28603.nls
[2010/02/19 12:03:02 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_28603.nls
[2010/02/19 12:03:01 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_857.nls
[2010/02/19 12:03:01 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_857.nls
[2010/02/19 12:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28599.nls
[2010/02/19 12:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_28599.nls
[2010/02/19 12:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10081.nls
[2010/02/19 12:03:01 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10081.nls
[2010/02/19 12:02:58 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28595.nls
[2010/02/19 12:02:58 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28595.NLS
[2010/02/19 12:02:58 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10017.nls
[2010/02/19 12:02:58 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10017.nls
[2010/02/19 12:02:58 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10007.nls
[2010/02/19 12:02:58 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10007.nls
[2010/02/19 12:02:56 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_869.nls
[2010/02/19 12:02:56 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_869.nls
[2010/02/19 12:02:56 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_737.nls
[2010/02/19 12:02:56 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_737.nls
[2010/02/19 12:02:56 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_875.nls
[2010/02/19 12:02:56 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_875.nls
[2010/02/19 12:02:56 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28597.nls
[2010/02/19 12:02:56 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28597.NLS
[2010/02/19 12:02:56 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10006.nls
[2010/02/19 12:02:56 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10006.nls
[2010/02/19 12:02:55 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_866.nls
[2010/02/19 12:02:55 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_866.nls
[2010/02/19 12:02:55 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_855.nls
[2010/02/19 12:02:55 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_855.nls
[2010/02/19 12:02:55 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28594.nls
[2010/02/19 12:02:55 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\C_28594.NLS
[2010/02/19 12:02:53 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_852.nls
[2010/02/19 12:02:53 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\c_852.nls
[2010/02/19 12:02:53 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10082.nls
[2010/02/19 12:02:53 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10082.nls
[2010/02/19 12:02:53 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10029.nls
[2010/02/19 12:02:53 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10029.nls
[2010/02/19 12:02:53 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10010.nls
[2010/02/19 12:02:53 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_10010.nls
[2010/02/19 12:02:51 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20127.nls
[2010/02/19 12:02:51 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\c_20127.nls
[2010/02/19 12:02:48 | 000,001,688 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2010/02/19 12:02:33 | 000,168,806 | ---- | C] () -- D:\WINDOWS\System32\dllcache\startoc.cat
[2010/02/19 12:02:33 | 000,024,209 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn7.cat
[2010/02/19 12:02:33 | 000,011,651 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn9.cat
[2010/02/19 12:02:33 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/02/19 12:02:33 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/02/19 12:02:33 | 000,007,245 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/02/19 12:02:32 | 002,012,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2010/02/19 12:02:32 | 001,042,903 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2010/02/19 12:02:32 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/02/19 12:02:32 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/02/19 12:02:32 | 000,382,952 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/02/19 12:02:32 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2010/02/19 12:02:32 | 000,031,281 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2010/02/19 12:02:32 | 000,013,753 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2010/02/19 12:02:32 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/02/19 12:02:32 | 000,009,581 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/02/19 12:02:32 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/02/19 12:01:22 | 000,090,296 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/19 11:57:54 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2004/08/12 08:44:10 | 000,016,384 | ---- | C] () -- D:\WINDOWS\System32\iwca.dll
[2004/08/04 05:00:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2004/08/04 05:00:00 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- D:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- D:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- D:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- D:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- D:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- D:\WINDOWS\system32\netlogon.dll

< MD5 for: PROQUOTA.EXE >
[2004/08/04 05:00:00 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=4D9D45A4370E0C2AD00C362B7118E2A4 -- D:\WINDOWS\system32\dllcache\proquota.exe
[2004/08/04 05:00:00 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=4D9D45A4370E0C2AD00C362B7118E2A4 -- D:\WINDOWS\system32\proquota.exe

< MD5 for: SCECLI.DLL >
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- D:\WINDOWS\ERDNT\cache\scecli.dll
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- D:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- D:\WINDOWS\system32\scecli.dll

< MD5 for: WUAUCLT.EXE >
[2004/08/04 05:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4126D27CECE4471E00E425411F7306B5 -- D:\WINDOWS\system32\dllcache\wuauclt.exe
[2004/08/04 05:00:00 | 000,111,104 | ---- | M] () Unable to obtain MD5 -- D:\WINDOWS\system32\wuauclt.exe
< End of report >


OTL Extras logfile created on: 3/1/2010 2:17:25 PM - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = D:\Documents and Settings\jeffro\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 266.00 Mb Available Physical Memory | 53.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): D:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 29.29 Gb Total Space | 29.22 Gb Free Space | 99.75% Space Free | Partition Type: NTFS
Drive D: | 26.59 Gb Total Space | 23.24 Gb Free Space | 87.40% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEFF
Current User Name: jeffro
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{78CF14B6-D4C1-4262-B00E-717032851A4C}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8330 smartphone
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{E8289E29-F9E1-4F3F-B50E-461529A6DCA7}" = BBSAK
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"CCleaner" = CCleaner
"COMODO Internet Security" = COMODO Internet Security
"EzButton" = Easy Button
"ProInst" = Intel® PROSet/Wireless Software
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/27/2010 12:11:31 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 12:11:34 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 12:31:49 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 12:40:09 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 12:40:40 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 12:40:42 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 1:01:51 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 1:19:57 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application rename.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2010 2:04:37 AM | Computer Name = JEFF | Source = Application Hang | ID = 1002
Description = Hanging application rename.exe, version 3.1.30.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/1/2010 3:31:10 PM | Computer Name = JEFF | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 bbsak.exe, P2 1.7.0.0, P3 4ae48a0d, P4 microsoft.visualbasic,
P5 8.0.0.0, P6 471ee7ea, P7 5e, P8 29b, P9 34ssps20bdj3nj0wmit5kamzhvglfzcc, P10
NIL.

[ System Events ]
Error - 3/1/2010 12:47:29 AM | Computer Name = JEFF | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 3/1/2010 12:48:12 AM | Computer Name = JEFF | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cmdGuard Fips intelppm SASDIFSV SASKUTIL

Error - 3/1/2010 12:51:17 AM | Computer Name = JEFF | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 3/1/2010 10:22:42 AM | Computer Name = JEFF | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 3/1/2010 10:44:53 AM | Computer Name = JEFF | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0012F0A42982. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 3/1/2010 11:15:48 AM | Computer Name = JEFF | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 3/1/2010 3:29:13 PM | Computer Name = JEFF | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 3/1/2010 3:47:57 PM | Computer Name = JEFF | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 3/1/2010 4:54:47 PM | Computer Name = JEFF | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 3/1/2010 5:12:15 PM | Computer Name = JEFF | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126


< End of report >


#12 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:10 AM

Posted 01 March 2010 - 05:27 PM

  1. Please download GMER from one of the following locations, and save it to your desktop:
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  2. Disconnect from the Internet and close all running programs, as this process may crash your computer.
  3. Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.
  4. Double click on Gmer to run it.
  5. Allow the gmer.sys driver to load if asked.
  6. You may see a rootkit warning window, If you do, click No.
  7. Untick the following boxes on the right side of the Gmer screen.
    Show All
  8. Click on and wait for the scan to finish.
  9. If you see a rootkit warning window, click OK.
  10. Push and save the logfile to your desktop.
  11. Copy and Paste the contents of that file in your next post.




Please click this link-->Virustotal
When the Virustotal page has finished loading, click the Browse button and navigate to the following file and click Submit.

D:\WINDOWS\system32\wuauclt.exe

Please post back with the link to the scan results, in your next post.
If Virustotal is busy, try the same at Jotti: http://virusscan.jotti.org/

unite.jpg


#13 Jeff.T.G.

Jeff.T.G.
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 01 March 2010 - 06:47 PM

Syler,

Both linked sites said that the file was empty-o bytes.

I had to attach the Gmer log because it was too long.

Thanks again,

Jeff.t.g.

Attached Files



#14 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:10 AM

Posted 03 March 2010 - 09:27 AM

It appears the file still need replacing, if everything went correctly with the recovery console then this should not be the
case. when you choose the installation to log onto in the recovery console did you definitely choose the installation on
your D drive?

unite.jpg


#15 Jeff.T.G.

Jeff.T.G.
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:10 AM

Posted 03 March 2010 - 09:49 AM

Syler,

I am fairly certain I did choose the D:\ drive. I did notice that there is a new file wuauclt.exe at the root of C. I also wanted to let you know that system restore started itself again as did the virtual serial port for my blackberry. I disabled them both and will await our instruction on whether I should renenable them. I will also follow the previous instructions again and post back in a few minutes.

Jeff.t.g.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users