Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I might be getting hijacked again


  • This topic is locked This topic is locked
10 replies to this topic

#1 Where?Wolf

Where?Wolf

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 PM

Posted 12 March 2010 - 10:30 PM

Whenever someone is trying to hijack me two things could happen.
One thing is the microsoft windows update could apear onscreen only to do nothing and not update a thing with 0% download
and 0% installing.
The other thing that could happen is my nvidia anti hacker firewall could say an aplication has been changed through the firewall if I choose accept I things get ugly everthing gets mucked up big time.
I could get a blue screen of doom if that happens.
This is my hijack this log.
Could somebody take a look at this log and tell me if something looks unusual.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:22:58 PM, on 3/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\PROGRA~1\SPEEDB~2\VideoAcceleratorEngine.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Advanced System Optimizer 3\SystemProtector.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\advanced system optimizer 3\memoryoptimizer.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SBCONVERT - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [RTHDCPL] "RTHDCPL.EXE"
O4 - HKLM\..\Run: [SkyTel] "SkyTel.EXE"
O4 - HKLM\..\Run: [AsusStartupHelp] "C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe"
O4 - HKLM\..\Run: [nTrayFw] "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Speedfan Startup] "C:\Documents and Settings\OrlandoBoom\Desktop\SpeedFan"
O4 - HKLM\..\Run: [CTHelper] "CTHELPER.EXE"
O4 - HKLM\..\Run: [CTxfiHlp] "CTXFIHLP.EXE"
O4 - HKLM\..\Run: [UpdReg] "C:\WINDOWS\UpdReg.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SystemProtector] "C:\Program Files\Advanced System Optimizer 3\SystemProtector.exe" /autorun
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - HKCU\..\Run: [Systweak Memory Optimizer] "c:\program files\advanced system optimizer 3\memoryoptimizer.exe" -startup
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [PeerGuardian] "C:\Program Files\PeerGuardian2\pg2.exe"
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s...ri_4.1.71.0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: ASO3DiskOptimizer - Systweak Inc. - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 10029 bytes



BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:58 AM

Posted 14 March 2010 - 01:41 PM

Hello ,
And welcome.gif to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • GMER log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 Where?Wolf

Where?Wolf
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 PM

Posted 19 March 2010 - 03:50 PM

huh.gif I have executed the OTL system diagnostics tool. It analized my computer. Id like to be a software specialist. Any help with understanding this better would be gnarley. If not all is well I learn all about it at the college. tongue.gif wacko.gif mellow.gif If you could get back to me that would brighten up my day. thumbup.gif
OTL logfile created on: 3/19/2010 11:46:22 AM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\OrlandoBoom\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 231.95 Gb Free Space | 77.81% Space Free | Partition Type: NTFS
Drive D: | 149.00 Gb Total Space | 148.90 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 465.75 Gb Total Space | 182.68 Gb Free Space | 39.22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: R-S7LWKFLKK7U6A
Current User Name: OrlandoBoom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/18 17:43:37 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OrlandoBoom\Desktop\OTL.exe
PRC - [2010/03/14 15:17:20 | 002,815,488 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\DAP\DAP.exe
PRC - [2010/03/11 00:34:45 | 001,217,872 | -H-- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/03/09 21:43:36 | 000,300,656 | -H-- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2010/03/09 21:43:36 | 000,140,920 | -H-- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
PRC - [2010/03/09 14:01:36 | 001,612,616 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2010/03/09 14:01:35 | 001,087,864 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2010/03/09 11:59:11 | 001,201,640 | -H-- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2010/01/20 15:59:34 | 001,120,704 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2010/01/11 13:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2009/11/15 11:59:11 | 000,158,752 | -H-- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
PRC - [2009/11/07 15:57:54 | 000,152,808 | -H-- | M] (Systweak Inc.) -- C:\Program Files\Advanced System Optimizer 3\MemoryOptimizer.exe
PRC - [2009/11/07 15:57:46 | 010,028,264 | -H-- | M] (Systweak Inc.) -- C:\Program Files\Advanced System Optimizer 3\systemprotector.exe
PRC - [2009/11/07 15:57:40 | 000,239,336 | -H-- | M] (Systweak Inc.) -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
PRC - [2009/11/06 15:19:58 | 006,515,784 | -H-- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
PRC - [2009/11/06 12:00:22 | 004,048,240 | -H-- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2009/11/06 12:00:22 | 000,165,232 | -H-- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SSU.exe
PRC - [2008/10/31 19:04:40 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 17:20:12 | 000,866,584 | -H-- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 17:19:58 | 000,013,592 | -H-- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/05/23 19:20:41 | 000,017,920 | -H-- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
PRC - [2006/02/17 10:40:36 | 000,270,336 | -H-- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
PRC - [2006/02/17 10:39:02 | 000,139,264 | -H-- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006/02/17 10:35:58 | 000,127,035 | -H-- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/02/17 10:35:42 | 000,061,503 | -H-- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe


========== Modules (SafeList) ==========

MOD - [2010/03/19 11:12:38 | 000,012,800 | ---- | M] (Applian Technologies, Inc.) -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
MOD - [2010/03/18 17:43:37 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OrlandoBoom\Desktop\OTL.exe
MOD - [2010/03/09 12:28:30 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\plugin_net.m32
MOD - [2010/03/09 12:28:29 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\plugin_extra.m32
MOD - [2010/03/09 12:28:27 | 000,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\plugin_nt.m32
MOD - [2010/03/09 12:28:26 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\plugin_base.m32
MOD - [2010/03/09 12:28:25 | 000,319,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\plugin_fragments.m32
MOD - [2010/03/09 12:28:24 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\plugin_registry.m32
MOD - [2010/03/09 12:28:22 | 000,217,088 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (npggsvc)
SRV - [2010/03/15 22:21:00 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/03/09 21:43:36 | 000,300,656 | -H-- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2010/03/09 14:01:36 | 001,612,616 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV - [2010/03/09 11:59:11 | 001,201,640 | -H-- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2010/01/11 13:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2009/11/07 15:57:40 | 000,239,336 | -H-- | M] (Systweak Inc.) [Auto | Running] -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe -- (ASO3DiskOptimizer)
SRV - [2009/11/06 12:00:22 | 004,048,240 | -H-- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2009/10/23 14:45:26 | 000,311,296 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2009/10/19 16:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2008/10/31 19:04:40 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2006/11/03 17:19:58 | 000,013,592 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/02/17 10:39:02 | 000,139,264 | -H-- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2006/02/17 10:35:58 | 000,127,035 | -H-- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/02/17 10:35:42 | 000,061,503 | -H-- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/02/17 10:17:08 | 000,020,543 | -H-- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)


========== Driver Services (SafeList) ==========

DRV - [2010/03/09 14:01:43 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2010/03/09 14:01:43 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2010/03/09 14:01:42 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)
DRV - [2010/01/21 14:15:02 | 000,058,624 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2009/11/20 18:34:54 | 010,235,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/11/06 12:00:36 | 000,176,752 | -H-- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssidrv.sys -- (ssidrv)
DRV - [2009/11/06 12:00:36 | 000,023,152 | -H-- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sshrmd.sys -- (sshrmd)
DRV - [2009/11/06 12:00:34 | 000,029,808 | -H-- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV - [2009/10/19 16:04:00 | 000,110,984 | -H-- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf)
DRV - [2009/09/28 02:02:44 | 000,014,424 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/09/22 08:22:06 | 000,083,208 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV - [2009/09/01 14:24:34 | 000,118,536 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2009/08/17 20:19:22 | 000,006,656 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Advanced System Optimizer 3\adasprot32.sys -- (ADASPROT)
DRV - [2009/07/24 11:26:08 | 000,285,704 | -H-- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2008/10/08 00:22:04 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2008/10/08 00:22:02 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2008/10/08 00:22:00 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2008/10/08 00:21:58 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2008/10/08 00:21:56 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2008/10/08 00:21:54 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2008/10/08 00:21:50 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2008/10/08 00:21:46 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2008/10/08 00:21:44 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2008/10/08 00:21:44 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2008/10/08 00:21:40 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2008/10/08 00:21:40 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2008/10/08 00:21:38 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2008/10/08 00:21:38 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2008/04/14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 22:06:06 | 000,144,384 | -H-- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/19 23:07:58 | 000,033,292 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006/11/14 22:34:40 | 004,225,920 | RH-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/10/18 11:12:16 | 000,012,664 | RH-- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/09/24 05:28:46 | 000,005,248 | -H-- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\System32\speedfan.sys -- (speedfan)
DRV - [2006/04/24 09:52:28 | 000,100,736 | RH-- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/02/17 03:28:32 | 000,013,056 | RH-- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/02/17 03:28:30 | 000,034,176 | RH-- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/08/12 18:56:20 | 000,005,810 | RH-- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [1996/04/03 11:33:26 | 000,005,248 | -H-- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: {0329E7D6-6F54-462D-93F6-F5C3118BADF2}:2.2.1
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/03/09 14:48:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox [2010/03/14 15:10:14 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/15 19:57:02 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/15 19:57:02 | 000,000,000 | -H-D | M]

[2010/03/09 19:41:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\OrlandoBoom\Application Data\Mozilla\Extensions
[2010/03/18 21:37:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\OrlandoBoom\Application Data\Mozilla\Firefox\Profiles\0pv2j1l4.default\extensions
[2010/03/15 18:52:27 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\OrlandoBoom\Application Data\Mozilla\Firefox\Profiles\0pv2j1l4.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/03/18 21:37:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/02 23:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

O1 HOSTS File: ([2010/03/09 12:27:50 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll (Conduit Ltd.)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SBCONVERT Class) - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe ()
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Speedfan] File not found
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [SystemProtector] C:\Program Files\Advanced System Optimizer 3\systemprotector.exe (Systweak Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Systweak Memory Optimizer] c:\program files\advanced system optimizer 3\memoryoptimizer.exe (Systweak Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (OWS\S) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/09 11:26:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/20 17:20:36 | 000,000,000 | ---D | M] - H:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - C:\WINDOWS\System32\sasnative32.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/18 22:22:19 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/03/18 17:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Hardcore
[2010/03/18 17:44:37 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\OrlandoBoom\Desktop\OTL.exe
[2010/03/18 16:26:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Prefetch
[2010/03/18 16:19:31 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010/03/18 16:19:31 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010/03/18 16:19:28 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2010/03/18 16:19:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010/03/18 16:14:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/03/16 18:49:21 | 000,000,000 | -H-D | C] -- C:\Program Files\Funcom
[2010/03/16 17:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Desktop\Funcom Games
[2010/03/16 16:01:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/03/16 16:01:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/03/16 16:01:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/03/16 16:01:25 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/03/16 16:01:24 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/03/16 16:01:24 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/03/16 16:01:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/03/16 16:01:23 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/03/16 16:01:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/03/16 16:01:22 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/03/16 16:01:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/03/16 16:01:21 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/03/16 16:01:21 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/03/16 16:01:21 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/03/16 16:01:21 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/03/16 16:01:19 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/03/16 16:01:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/03/16 16:01:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/03/16 16:01:17 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/03/16 16:01:17 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/03/16 16:01:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/03/16 16:01:16 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/03/16 16:01:16 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/03/16 16:01:16 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/03/16 16:01:16 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/03/16 16:01:15 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/03/16 16:01:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/03/16 16:01:13 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/03/16 16:01:12 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/03/16 16:01:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/03/16 16:01:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/03/16 16:01:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/03/16 16:01:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/03/16 16:01:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2010/03/16 16:01:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/03/16 16:01:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/03/16 16:01:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/03/16 16:01:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/03/16 16:01:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/03/16 16:01:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/03/16 16:01:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/03/16 16:01:09 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/03/16 16:01:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/03/16 16:01:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/03/16 16:01:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/03/16 16:01:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/03/16 16:01:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/03/16 16:01:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/03/16 16:01:09 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/03/16 16:01:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/03/16 16:01:06 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2010/03/16 16:01:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/03/16 16:01:05 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/03/16 16:01:05 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2010/03/16 16:01:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/03/16 16:01:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/03/16 16:01:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/03/16 16:01:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/03/16 16:01:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/03/16 16:01:01 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/03/16 16:01:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/03/16 16:01:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/03/16 16:00:59 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/03/16 16:00:59 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/03/16 16:00:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/03/16 16:00:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/03/16 16:00:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/03/16 16:00:58 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/03/16 16:00:58 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/03/16 16:00:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/03/16 16:00:57 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/03/16 16:00:57 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/03/16 16:00:56 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/03/16 16:00:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/03/16 16:00:56 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/03/16 16:00:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/03/16 16:00:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/03/16 16:00:53 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/03/16 16:00:51 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/03/16 16:00:48 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/03/16 16:00:48 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/03/16 16:00:43 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/03/16 16:00:43 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/03/16 16:00:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/03/16 16:00:42 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/03/16 16:00:41 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/03/16 16:00:39 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/03/16 16:00:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/03/16 16:00:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/03/16 16:00:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/03/16 16:00:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/03/16 16:00:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/03/16 16:00:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/03/16 16:00:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/03/16 16:00:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/03/16 16:00:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/03/16 16:00:37 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/03/16 16:00:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/03/16 16:00:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/03/16 16:00:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/03/16 16:00:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/03/16 16:00:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/03/16 16:00:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/03/16 16:00:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/03/16 16:00:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/03/16 16:00:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/03/16 16:00:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/03/16 16:00:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/03/16 16:00:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/03/16 16:00:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/03/16 16:00:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/03/16 16:00:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/03/16 16:00:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/03/16 16:00:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/03/16 16:00:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/03/16 16:00:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/03/16 16:00:33 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/03/16 16:00:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/03/16 16:00:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/03/16 16:00:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/03/16 16:00:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/03/16 16:00:30 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/03/16 16:00:30 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/03/16 16:00:29 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/03/16 16:00:29 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/03/16 16:00:29 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/03/16 16:00:29 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/03/16 16:00:29 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/03/16 16:00:28 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/03/16 16:00:28 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/03/16 16:00:28 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/03/16 16:00:28 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/03/16 16:00:28 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/03/16 16:00:27 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/03/16 16:00:27 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/03/16 16:00:27 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/03/16 16:00:27 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/03/16 16:00:27 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/03/16 16:00:27 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/03/16 16:00:26 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/03/16 16:00:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/03/16 16:00:26 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/03/16 16:00:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/03/16 16:00:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/03/16 16:00:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/03/16 16:00:25 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/03/16 16:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/03/16 16:00:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/03/16 16:00:25 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/03/16 16:00:21 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/03/16 16:00:15 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/03/16 16:00:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/03/16 16:00:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/03/16 16:00:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/03/16 16:00:10 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/03/16 16:00:10 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/03/16 16:00:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/03/16 16:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/03/16 16:00:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/03/16 16:00:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/03/16 16:00:07 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/03/16 16:00:07 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/03/16 16:00:07 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/03/16 16:00:06 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/03/16 16:00:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/03/16 16:00:00 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/03/16 16:00:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/03/16 15:59:59 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/03/16 15:59:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/03/16 15:59:59 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/03/16 15:59:57 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/03/16 15:59:57 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/03/16 15:59:57 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/03/16 15:59:56 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/03/16 15:59:56 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/03/16 15:59:56 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/03/16 15:59:55 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/03/16 15:59:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/03/16 15:59:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/03/16 15:59:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/03/16 15:59:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/03/16 15:59:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/03/16 15:59:54 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/03/16 15:59:53 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/03/16 15:59:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/03/16 15:59:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/03/16 15:59:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/03/16 15:59:46 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/03/16 15:59:45 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2010/03/16 15:59:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/03/16 15:59:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/03/16 15:59:42 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/03/16 15:59:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/03/16 15:59:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/03/16 15:59:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/03/16 15:59:37 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2010/03/16 15:59:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/03/16 15:59:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/03/16 15:59:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/03/16 15:59:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/03/16 15:59:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/03/16 15:59:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/03/16 15:59:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/03/16 15:58:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/03/16 15:58:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/03/16 15:58:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/03/16 15:58:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/03/16 15:58:16 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/03/16 15:58:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/03/16 15:58:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/03/16 15:58:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/03/16 15:58:13 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/03/16 15:58:13 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/03/16 15:58:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/03/16 15:58:12 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/03/16 15:58:12 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/03/16 15:58:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/03/16 15:58:08 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/03/16 15:58:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2010/03/16 15:58:07 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/03/16 15:58:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/03/16 15:58:02 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/03/16 15:58:02 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/03/16 15:58:02 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/03/16 15:58:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/03/16 15:58:02 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/03/16 15:58:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/03/16 15:58:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/03/16 15:58:01 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/03/16 15:58:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/03/16 15:57:59 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/03/16 15:57:58 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/03/16 15:57:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/03/16 15:57:11 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/03/16 15:57:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/03/16 15:57:11 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/03/16 15:57:11 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/03/16 15:57:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/03/16 15:57:10 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/03/16 15:57:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/03/16 15:57:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/03/16 15:57:09 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/03/16 15:57:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/03/16 15:57:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/03/16 15:57:08 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/03/16 15:57:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/03/16 15:57:08 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/03/16 15:57:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/03/16 15:57:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/03/16 15:57:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/03/16 15:57:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/03/16 15:57:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/03/16 15:57:07 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/03/16 15:57:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/03/16 15:57:07 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/03/16 15:57:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/03/16 15:57:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/03/16 15:57:04 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/03/16 15:57:04 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/03/16 15:57:03 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/03/16 15:57:03 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/03/16 15:57:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/03/16 15:57:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/03/16 15:57:03 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/03/16 15:57:02 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/03/16 15:57:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/03/16 15:57:01 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/03/16 15:57:01 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010/03/16 15:57:01 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/03/16 15:57:01 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/03/16 15:57:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/03/16 15:57:00 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/03/16 15:57:00 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/03/16 15:57:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/03/16 15:57:00 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/03/16 15:57:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/03/16 15:57:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/03/16 15:56:59 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/16 15:56:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/03/16 15:54:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Defraggler
[2010/03/16 12:31:21 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys
[2010/03/16 12:29:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/03/16 12:22:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/03/16 12:22:43 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/03/16 12:22:43 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/03/16 12:22:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/03/16 12:22:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/03/16 12:22:41 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/03/15 22:21:51 | 000,102,400 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\cttele32.dll
[2010/03/15 22:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2010/03/15 22:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2010/03/15 22:17:02 | 020,888,640 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\AppSetup.exe
[2010/03/15 21:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Rightious works of art
[2010/03/15 21:06:11 | 000,710,064 | ---- | C] (NHN USA) -- C:\WINDOWS\System32\ijjiSetup.exe
[2010/03/15 21:06:11 | 000,217,088 | ---- | C] (<YNK Interactive>) -- C:\WINDOWS\System32\uc_rohan_launching.dll
[2010/03/15 21:06:11 | 000,087,472 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\ijjiChannelingPlugin.dll
[2010/03/15 21:06:11 | 000,064,000 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_sfighters_launching.dll
[2010/03/15 21:06:11 | 000,061,440 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_atlantica_launching.dll
[2010/03/15 21:06:11 | 000,058,800 | ---- | C] (NHN USA Inc.) -- C:\WINDOWS\System32\ijjiProcessRestarter.exe
[2010/03/15 21:06:11 | 000,058,800 | ---- | C] (NHN USA Corp.) -- C:\WINDOWS\System32\ijjiPlugin2.dll
[2010/03/15 21:06:11 | 000,053,248 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_luminary_launching.dll
[2010/03/15 21:06:10 | 000,000,000 | -H-D | C] -- C:\Program Files\ijji
[2010/03/15 20:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/03/15 20:34:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/03/15 19:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Apple Computer
[2010/03/15 19:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/15 19:56:27 | 000,000,000 | -H-D | C] -- C:\Program Files\QuickTime
[2010/03/15 19:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/03/15 19:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Apple
[2010/03/15 19:56:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/03/15 19:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/03/15 19:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Apple Computer
[2010/03/15 19:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Video Games
[2010/03/15 19:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Adobe
[2010/03/15 19:04:39 | 000,000,000 | -H-D | C] -- C:\Program Files\Conduit
[2010/03/15 19:04:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Conduit
[2010/03/15 19:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Freecorder
[2010/03/15 19:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Freecorder 4
[2010/03/15 19:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\FLVService
[2010/03/15 19:04:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Freecorder
[2010/03/15 19:04:17 | 000,000,000 | -H-D | C] -- C:\Program Files\Freecorder
[2010/03/15 19:04:08 | 000,000,000 | -H-D | C] -- C:\Program Files\THQ
[2010/03/15 19:02:48 | 083,565,711 | ---- | C] (THQ ) -- C:\Documents and Settings\OrlandoBoom\My Documents\mxvsatv_demo.exe
[2010/03/15 18:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/03/15 18:57:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Adobe
[2010/03/15 18:57:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/14 21:29:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Bioshock
[2010/03/14 20:45:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\SecuROM
[2010/03/14 20:45:18 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010/03/14 20:38:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Bioshock
[2010/03/14 20:23:53 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010/03/14 20:23:53 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010/03/14 20:23:53 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010/03/14 20:23:53 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_2.dll
[2010/03/14 20:23:52 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010/03/14 20:23:51 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010/03/14 20:23:50 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010/03/14 20:23:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010/03/14 20:23:49 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010/03/14 20:23:48 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010/03/14 20:23:47 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010/03/14 20:23:47 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010/03/14 20:23:36 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2010/03/14 20:23:35 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2010/03/14 20:23:35 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2010/03/14 20:23:34 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2010/03/14 20:23:33 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2010/03/14 20:23:32 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2010/03/14 19:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\RohanScreenShot
[2010/03/14 16:24:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/14 16:01:54 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/03/14 15:57:06 | 000,000,000 | -H-D | C] -- C:\Program Files\Windows Defender
[2010/03/14 15:10:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Toolbar4
[2010/03/14 15:10:11 | 000,000,000 | -H-D | C] -- C:\Program Files\SearchPredict
[2010/03/13 21:48:10 | 000,000,000 | -H-D | C] -- C:\Program Files\Audacity
[2010/03/13 17:02:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Ventrilo
[2010/03/13 17:02:01 | 000,000,000 | -H-D | C] -- C:\Program Files\Ventrilo
[2010/03/13 16:09:51 | 000,000,000 | -H-D | C] -- C:\Program Files\Image-Line
[2010/03/13 12:09:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Paltalk
[2010/03/13 12:09:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PaltalkScene
[2010/03/13 12:09:02 | 000,000,000 | -H-D | C] -- C:\Program Files\Paltalk Messenger
[2010/03/13 09:38:06 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
[2010/03/13 09:38:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Image-Line
[2010/03/13 09:37:49 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm
[2010/03/13 09:37:39 | 000,000,000 | -H-D | C] -- C:\Program Files\VstPlugins
[2010/03/13 09:37:36 | 000,000,000 | -H-D | C] -- C:\Program Files\Outsim
[2010/03/13 09:17:41 | 000,000,000 | -H-D | C] -- C:\Program Files\PeerBlock
[2010/03/12 20:22:26 | 000,000,000 | -H-D | C] -- C:\Program Files\GFI
[2010/03/12 20:08:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\OrlandoBoom\Recent
[2010/03/12 20:08:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Downloaded Installations
[2010/03/12 19:57:50 | 000,000,000 | -H-D | C] -- C:\Program Files\CCleaner
[2010/03/12 16:57:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Trend Micro
[2010/03/12 14:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Systweak
[2010/03/12 14:30:22 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2010/03/12 14:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010/03/12 14:25:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\ijjigame
[2010/03/12 14:07:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ijjigame
[2010/03/11 00:41:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\BitTorrent
[2010/03/11 00:41:52 | 000,000,000 | -H-D | C] -- C:\Program Files\BitTorrent
[2010/03/11 00:34:21 | 000,000,000 | -H-D | C] -- C:\Program Files\Steam
[2010/03/11 00:22:31 | 000,000,000 | -H-D | C] -- C:\Program Files\SystemRequirementsLab
[2010/03/10 23:58:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Xfire
[2010/03/10 23:58:41 | 000,000,000 | -H-D | C] -- C:\Program Files\Xfire
[2010/03/10 23:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\RohanScreenShot
[2010/03/10 23:50:04 | 000,000,000 | -H-D | C] -- C:\ROHAN_Blood_Feud
[2010/03/10 22:26:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Media Player Classic
[2010/03/10 18:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Yahoo!
[2010/03/10 18:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Downloads
[2010/03/10 12:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Oblivion
[2010/03/10 12:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\My Games
[2010/03/10 11:08:31 | 000,000,000 | -H-D | C] -- C:\Program Files\PunkBuster
[2010/03/09 23:08:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\RegisteredPackages
[2010/03/09 23:08:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2010/03/09 23:08:15 | 000,050,688 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2010/03/09 23:08:15 | 000,043,008 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010/03/09 23:08:15 | 000,030,208 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2010/03/09 23:08:15 | 000,018,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2010/03/09 23:08:15 | 000,016,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010/03/09 23:08:15 | 000,015,232 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2010/03/09 23:08:15 | 000,011,776 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2010/03/09 23:08:14 | 000,141,056 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2010/03/09 23:08:14 | 000,129,536 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/03/09 23:08:14 | 000,091,136 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010/03/09 23:08:14 | 000,061,952 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010/03/09 23:08:14 | 000,049,408 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2010/03/09 23:08:14 | 000,012,288 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2010/03/09 23:08:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/03/09 23:08:13 | 000,211,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2010/03/09 23:08:13 | 000,203,776 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2010/03/09 23:08:13 | 000,047,616 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dxof.dll
[2010/03/09 23:08:13 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2010/03/09 23:08:13 | 000,020,480 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2010/03/09 23:08:13 | 000,010,496 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys
[2010/03/09 23:08:13 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2010/03/09 23:08:12 | 000,590,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dramp.dll
[2010/03/09 23:08:12 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2010/03/09 23:08:12 | 000,436,224 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim.dll
[2010/03/09 23:08:12 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2010/03/09 23:08:12 | 000,350,208 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3drm.dll
[2010/03/09 23:08:12 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2010/03/09 23:08:12 | 000,181,248 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2010/03/09 23:08:12 | 000,105,984 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2010/03/09 23:08:12 | 000,104,448 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2010/03/09 23:08:12 | 000,103,424 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2010/03/09 23:08:12 | 000,082,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2010/03/09 23:08:12 | 000,061,440 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2010/03/09 23:08:12 | 000,035,840 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2010/03/09 23:08:12 | 000,034,816 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dpmesh.dll
[2010/03/09 23:08:12 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2010/03/09 23:08:12 | 000,028,672 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2010/03/09 23:08:12 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2010/03/09 23:08:11 | 001,179,648 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2010/03/09 23:08:11 | 000,181,760 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2010/03/09 23:08:10 | 001,298,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2010/03/09 23:08:10 | 000,181,248 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2010/03/09 23:08:10 | 000,071,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2010/03/09 23:08:09 | 000,467,968 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diactfrm.dll
[2010/03/09 23:08:09 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2010/03/09 23:08:09 | 000,375,296 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2010/03/09 23:08:09 | 000,212,480 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2010/03/09 23:08:09 | 000,116,736 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2010/03/09 23:08:09 | 000,083,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2010/03/09 23:08:09 | 000,044,032 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimap.dll
[2010/03/09 23:08:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2010/03/09 23:08:09 | 000,021,504 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2010/03/09 23:08:09 | 000,017,920 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2010/03/09 23:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2010/03/09 23:08:08 | 001,293,824 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2010/03/09 23:08:08 | 001,227,264 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2010/03/09 23:08:08 | 000,619,008 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2010/03/09 23:08:08 | 000,367,616 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2010/03/09 23:08:08 | 000,223,232 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gcdef.dll
[2010/03/09 23:08:08 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2010/03/09 23:08:08 | 000,068,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2010/03/09 23:08:08 | 000,060,928 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2010/03/09 23:08:08 | 000,057,344 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2010/03/09 23:08:08 | 000,035,328 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2010/03/09 23:08:08 | 000,035,328 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2010/03/09 23:08:08 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2010/03/09 23:08:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2010/03/09 23:08:07 | 000,824,320 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2010/03/09 23:08:07 | 000,279,552 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2010/03/09 23:08:07 | 000,229,888 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2010/03/09 23:08:07 | 000,158,720 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2010/03/09 23:08:07 | 000,029,696 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2010/03/09 23:08:07 | 000,027,136 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2010/03/09 23:08:07 | 000,023,552 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2010/03/09 22:47:16 | 000,000,000 | -H-D | C] -- C:\Program Files\id Software
[2010/03/09 22:45:05 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/03/09 22:14:45 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscomct2.ocx
[2010/03/09 22:14:44 | 000,041,984 | -H-- | C] (Creative Technology Ltd ) -- C:\WINDOWS\Ctregrun.exe
[2010/03/09 22:14:28 | 000,090,112 | -H-- | C] (Creative Technology Ltd.) -- C:\WINDOWS\Updreg.EXE
[2010/03/09 22:14:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative
[2010/03/09 22:13:44 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/03/09 22:13:44 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010/03/09 22:13:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Creative
[2010/03/09 22:13:20 | 000,011,776 | -H-- | C] (Creative Technology Limited) -- C:\WINDOWS\INRES.DLL
[2010/03/09 22:13:20 | 000,010,240 | -H-- | C] (Creative Technology Ltd) -- C:\WINDOWS\CTDCRES.DLL
[2010/03/09 22:13:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Data
[2010/03/09 22:12:10 | 000,000,000 | -H-D | C] -- C:\Program Files\Creative
[2010/03/09 21:43:34 | 000,000,000 | -H-D | C] -- C:\Program Files\SpeedBit Video Accelerator
[2010/03/09 21:40:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/09 21:40:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\My DAP Downloads
[2010/03/09 21:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/03/09 21:40:24 | 000,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2010/03/09 21:40:20 | 000,000,000 | -H-D | C] -- C:\Program Files\DAP
[2010/03/09 21:39:46 | 000,000,000 | -H-D | C] -- C:\Program Files\SpeedBit Video Downloader
[2010/03/09 21:23:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\pss
[2010/03/09 21:03:49 | 000,000,000 | -H-D | C] -- C:\Program Files\PowerISO
[2010/03/09 19:42:26 | 000,000,000 | -H-D | C] -- C:\Program Files\Advanced System Optimizer 3
[2010/03/09 19:41:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\CometNetwork
[2010/03/09 19:41:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\CometNetwork
[2010/03/09 19:41:24 | 000,000,000 | -H-D | C] -- C:\Program Files\CometBird
[2010/03/09 19:41:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Mozilla
[2010/03/09 19:41:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Mozilla
[2010/03/09 19:41:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Mozilla Firefox
[2010/03/09 18:10:59 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010/03/09 18:10:59 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010/03/09 18:10:59 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010/03/09 18:10:55 | 000,000,000 | -H-D | C] -- C:\Program Files\K-Lite Codec Pack
[2010/03/09 18:03:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\My Videos
[2010/03/09 17:58:48 | 000,000,000 | -H-D | C] -- C:\Program Files\Windows Media Connect 2
[2010/03/09 17:57:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/03/09 17:57:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/03/09 17:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/03/09 16:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\PCHealth
[2010/03/09 16:10:29 | 000,000,000 | -H-D | C] -- C:\Program Files\MSXML 4.0
[2010/03/09 16:10:00 | 000,000,000 | -H-D | C] -- C:\d484f66cec0578593704c1d2a1
[2010/03/09 15:44:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/03/09 15:44:11 | 000,000,000 | -H-D | C] -- C:\Program Files\MSBuild
[2010/03/09 15:44:07 | 000,000,000 | -H-D | C] -- C:\Program Files\Reference Assemblies
[2010/03/09 15:43:44 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/03/09 15:43:43 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/03/09 15:43:18 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/03/09 15:43:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Microsoft.NET
[2010/03/09 15:41:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\OrlandoBoom\IECompatCache
[2010/03/09 15:41:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\OrlandoBoom\PrivacIE
[2010/03/09 15:24:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\OrlandoBoom\IETldCache
[2010/03/09 15:21:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8updates
[2010/03/09 15:21:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\WBEM
[2010/03/09 15:20:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/03/09 15:19:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Temp
[2010/03/09 15:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/03/09 15:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/03/09 14:57:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Macromedia
[2010/03/09 14:57:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Adobe
[2010/03/09 14:57:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Google
[2010/03/09 14:57:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Google
[2010/03/09 14:55:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Google
[2010/03/09 14:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/03/09 14:55:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/03/09 14:43:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2010/03/09 14:43:16 | 000,000,000 | -H-D | C] -- C:\Program Files\AGEIA Technologies
[2010/03/09 14:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/03/09 14:43:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010/03/09 14:42:30 | 013,602,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010/03/09 14:42:30 | 000,069,632 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/03/09 14:42:29 | 004,038,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010/03/09 14:42:29 | 002,259,560 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010/03/09 14:42:29 | 001,989,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010/03/09 14:42:27 | 011,374,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010/03/09 14:42:27 | 001,056,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010/03/09 14:42:27 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010/03/09 14:42:27 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010/03/09 14:42:24 | 000,000,000 | -H-D | C] -- C:\NVIDIA
[2010/03/09 14:26:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/09 12:21:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\Lang
[2010/03/09 12:14:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\OrlandoBoom\UserData
[2010/03/09 12:07:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\PreInstall
[2010/03/09 12:07:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/03/09 12:05:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/03/09 12:02:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Systweak
[2010/03/09 12:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\AskToolbar
[2010/03/09 11:59:06 | 000,000,000 | -H-D | C] -- C:\Program Files\Ask.com
[2010/03/09 11:58:57 | 000,000,000 | -H-D | C] -- C:\Program Files\MSSOAP
[2010/03/09 11:58:47 | 001,563,008 | -H-- | C] (Webroot Software, Inc.) -- C:\WINDOWS\WRSetup.dll
[2010/03/09 11:58:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Webroot
[2010/03/09 11:58:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Webroot
[2010/03/09 11:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2010/03/09 11:57:22 | 000,000,000 | -H-D | C] -- C:\Program Files\BitDefender
[2010/03/09 11:57:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\BitDefender
[2010/03/09 11:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/03/09 11:56:50 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\BitDefender
[2010/03/09 11:53:10 | 000,000,000 | -H-D | C] -- C:\Program Files\NVIDIA Corporation
[2010/03/09 11:51:59 | 000,000,000 | -H-D | C] -- C:\Program Files\ASUS
[2010/03/09 11:50:53 | 000,466,944 | -H-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\CapabilityTable.exe
[2010/03/09 11:50:46 | 000,208,896 | -H-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvuide.exe
[2010/03/09 11:50:45 | 000,289,792 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\idecoiins.dll
[2010/03/09 11:50:45 | 000,289,792 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\idecoi.dll
[2010/03/09 11:50:45 | 000,100,736 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata.sys
[2010/03/09 11:50:45 | 000,035,840 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVCOI.DLL
[2010/03/09 11:50:04 | 000,204,288 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco1ins.dll
[2010/03/09 11:50:04 | 000,204,288 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco1.dll
[2010/03/09 11:50:04 | 000,159,232 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1036.dll
[2010/03/09 11:50:04 | 000,159,232 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1034.dll
[2010/03/09 11:50:04 | 000,159,232 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1031.dll
[2010/03/09 11:50:04 | 000,158,720 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1046.dll
[2010/03/09 11:50:04 | 000,158,720 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1040.dll
[2010/03/09 11:50:04 | 000,156,672 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1042.dll
[2010/03/09 11:50:04 | 000,156,672 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1041.dll
[2010/03/09 11:50:04 | 000,155,648 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l1028.dll
[2010/03/09 11:50:04 | 000,155,136 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco_l2052.dll
[2010/03/09 11:50:04 | 000,034,176 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\NVENETFD.sys
[2010/03/09 11:50:03 | 000,208,896 | -H-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2010/03/09 11:50:03 | 000,101,632 | -H-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvtcp.sys
[2010/03/09 11:50:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\NV1920464.TMP
[2010/03/09 11:50:02 | 000,305,152 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvnrm.sys
[2010/03/09 11:50:02 | 000,222,592 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvsnpu.sys
[2010/03/09 11:50:02 | 000,035,840 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvconrm.dll
[2010/03/09 11:50:02 | 000,013,056 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvnetbus.sys
[2010/03/09 11:50:02 | 000,009,728 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\bdco1ins.dll
[2010/03/09 11:50:02 | 000,009,728 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\bdco1.dll
[2010/03/09 11:50:01 | 000,208,896 | RH-- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvusmb.exe
[2010/03/09 11:49:42 | 000,592,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2010/03/09 11:49:25 | 000,495,616 | RH-- | C] (ASUS) -- C:\WINDOWS\System32\AsusSetup.exe
[2010/03/09 11:48:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\RTCOM
[2010/03/09 11:48:43 | 002,879,488 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2010/03/09 11:48:43 | 000,086,016 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2010/03/09 11:48:42 | 001,183,744 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2010/03/09 11:48:40 | 004,225,920 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys
[2010/03/09 11:48:40 | 000,282,624 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.Cpl
[2010/03/09 11:48:38 | 009,709,568 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2010/03/09 11:48:32 | 002,157,568 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010/03/09 11:48:29 | 000,069,632 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010/03/09 11:48:28 | 002,808,832 | RH-- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/03/09 11:48:28 | 000,299,008 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.Cpl
[2010/03/09 11:48:28 | 000,000,000 | -H-D | C] -- C:\Program Files\Realtek
[2010/03/09 11:48:27 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/09 11:47:34 | 000,499,712 | RH-- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2010/03/09 11:47:30 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/09 11:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/09 11:45:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/03/09 11:44:18 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/03/09 11:43:14 | 000,079,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2010/03/09 11:43:12 | 001,329,152 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMSPDMOE.dll
[2010/03/09 11:43:12 | 000,604,160 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2010/03/09 11:43:12 | 000,242,688 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2010/03/09 11:43:12 | 000,227,328 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2010/03/09 11:43:12 | 000,157,184 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2010/03/09 11:43:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2010/03/09 11:43:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2010/03/09 11:43:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MP4SDMOD.dll
[2010/03/09 11:43:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MP43DMOD.dll
[2010/03/09 11:43:10 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2010/03/09 11:43:10 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2010/03/09 11:43:10 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2010/03/09 11:43:09 | 002,113,536 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2010/03/09 11:43:09 | 001,888,992 | -H-- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2010/03/09 11:43:09 | 001,689,088 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2010/03/09 11:43:09 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2010/03/09 11:43:09 | 000,650,752 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010/03/09 11:43:09 | 000,516,768 | -H-- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2010/03/09 11:43:09 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010/03/09 11:43:09 | 000,233,472 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010/03/09 11:43:09 | 000,229,376 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2010/03/09 11:43:09 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2010/03/09 11:43:09 | 000,193,024 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2010/03/09 11:43:09 | 000,184,832 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010/03/09 11:43:09 | 000,180,224 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010/03/09 11:43:09 | 000,136,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/03/09 11:43:09 | 000,126,976 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010/03/09 11:43:09 | 000,110,592 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2010/03/09 11:43:09 | 000,094,208 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010/03/09 11:43:09 | 000,080,896 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2010/03/09 11:43:09 | 000,071,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2010/03/09 11:43:09 | 000,060,416 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2010/03/09 11:43:09 | 000,059,392 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010/03/09 11:43:09 | 000,057,856 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010/03/09 11:43:09 | 000,056,320 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010/03/09 11:43:09 | 000,050,688 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2010/03/09 11:43:09 | 000,048,640 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010/03/09 11:43:09 | 000,040,960 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010/03/09 11:43:09 | 000,039,936 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010/03/09 11:43:09 | 000,039,936 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010/03/09 11:43:09 | 000,032,768 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010/03/09 11:43:09 | 000,032,285 | -H-- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010/03/09 11:43:09 | 000,030,720 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010/03/09 11:43:09 | 000,026,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010/03/09 11:43:09 | 000,023,040 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/03/09 11:43:09 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010/03/09 11:43:09 | 000,020,992 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2010/03/09 11:43:09 | 000,014,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2010/03/09 11:43:09 | 000,013,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2010/03/09 11:43:09 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010/03/09 11:43:09 | 000,009,216 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010/03/09 11:43:09 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/03/09 11:43:09 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/03/09 11:43:09 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/03/09 11:43:08 | 006,282,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/03/09 11:43:08 | 001,737,856 | -H-- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010/03/09 11:43:08 | 000,848,384 | -H-- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2010/03/09 11:43:08 | 000,755,200 | -H-- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir50_32.dll
[2010/03/09 11:43:08 | 000,412,160 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010/03/09 11:43:08 | 000,397,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010/03/09 11:43:08 | 000,397,056 | -H-- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2010/03/09 11:43:08 | 000,385,024 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010/03/09 11:43:08 | 000,338,432 | -H-- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2010/03/09 11:43:08 | 000,313,856 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2010/03/09 11:43:08 | 000,290,304 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/03/09 11:43:08 | 000,200,192 | -H-- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qc.dll
[2010/03/09 11:43:08 | 000,199,680 | -H-- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2010/03/09 11:43:08 | 000,193,024 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010/03/09 11:43:08 | 000,184,320 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010/03/09 11:43:08 | 000,183,808 | -H-- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qcx.dll
[2010/03/09 11:43:08 | 000,176,640 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010/03/09 11:43:08 | 000,155,136 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010/03/09 11:43:08 | 000,154,624 | -H-- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2010/03/09 11:43:08 | 000,153,600 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2010/03/09 11:43:08 | 000,150,528 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010/03/09 11:43:08 | 000,144,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010/03/09 11:43:08 | 000,120,320 | -H-- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2010/03/09 11:43:08 | 000,118,784 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2010/03/09 11:43:08 | 000,115,712 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2010/03/09 11:43:08 | 000,106,496 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010/03/09 11:43:08 | 000,105,472 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2010/03/09 11:43:08 | 000,086,016 | -H-- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010/03/09 11:43:08 | 000,076,800 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010/03/09 11:43:08 | 000,076,800 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010/03/09 11:43:08 | 000,062,464 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010/03/09 11:43:08 | 000,061,952 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010/03/09 11:43:08 | 000,049,152 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2010/03/09 11:43:08 | 000,037,376 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010/03/09 11:43:08 | 000,033,792 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010/03/09 11:43:08 | 000,030,208 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010/03/09 11:43:08 | 000,025,600 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2010/03/09 11:43:08 | 000,025,088 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2010/03/09 11:43:08 | 000,007,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2010/03/09 11:43:08 | 000,007,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2010/03/09 11:43:08 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2010/03/09 11:43:08 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2010/03/09 11:43:08 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2010/03/09 11:43:08 | 000,006,656 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2010/03/09 11:43:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010/03/09 11:43:08 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2010/03/09 11:43:07 | 000,712,704 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010/03/09 11:43:07 | 000,689,152 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/03/09 11:43:07 | 000,575,704 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/03/09 11:43:07 | 000,438,784 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2010/03/09 11:43:07 | 000,346,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010/03/09 11:43:07 | 000,327,896 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/03/09 11:43:07 | 000,286,792 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2010/03/09 11:43:07 | 000,276,992 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010/03/09 11:43:07 | 000,188,508 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2010/03/09 11:43:07 | 000,183,296 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/03/09 11:43:07 | 000,165,888 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/03/09 11:43:07 | 000,148,480 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2010/03/09 11:43:07 | 000,075,776 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2010/03/09 11:43:07 | 000,073,832 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2010/03/09 11:43:07 | 000,073,796 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2010/03/09 11:43:07 | 000,069,120 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010/03/09 11:43:07 | 000,053,248 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/03/09 11:43:07 | 000,050,176 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2010/03/09 11:43:07 | 000,035,552 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/03/09 11:43:07 | 000,032,866 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2010/03/09 11:43:07 | 000,032,866 | -H-- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2010/03/09 11:43:07 | 000,032,768 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010/03/09 11:43:07 | 000,029,184 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2010/03/09 11:43:07 | 000,028,672 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010/03/09 11:43:07 | 000,028,672 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010/03/09 11:43:07 | 000,017,408 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2010/03/09 11:43:07 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2010/03/09 11:43:07 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\scripting
[2010/03/09 11:43:07 | 000,000,000 | -H-D | C] -- C:\WINDOWS\provisioning
[2010/03/09 11:43:07 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\en-us
[2010/03/09 11:43:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\peernet
[2010/03/09 11:43:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\l2schemas
[2010/03/09 11:43:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\en
[2010/03/09 11:43:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\bits
[2010/03/09 11:42:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ServicePackFiles
[2010/03/09 11:42:02 | 010,235,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/03/09 11:42:02 | 002,897,920 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2010/03/09 11:42:02 | 001,309,184 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/03/09 11:42:02 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/03/09 11:42:02 | 000,452,736 | -H-- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/03/09 11:42:02 | 000,404,990 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/03/09 11:42:02 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010/03/09 11:42:02 | 000,180,360 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/03/09 11:42:02 | 000,166,912 | -H-- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/03/09 11:42:02 | 000,144,384 | -H-- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010/03/09 11:42:02 | 000,129,535 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/03/09 11:42:02 | 000,126,686 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/03/09 11:42:02 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010/03/09 11:42:02 | 000,095,424 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/03/09 11:42:02 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010/03/09 11:42:02 | 000,063,663 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010/03/09 11:42:02 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010/03/09 11:42:02 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010/03/09 11:42:02 | 000,056,623 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010/03/09 11:42:02 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010/03/09 11:42:02 | 000,036,480 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010/03/09 11:42:02 | 000,036,463 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010/03/09 11:42:02 | 000,034,735 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010/03/09 11:42:02 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010/03/09 11:42:02 | 000,030,671 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010/03/09 11:42:02 | 000,030,592 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/03/09 11:42:02 | 000,029,455 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010/03/09 11:42:02 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010/03/09 11:42:02 | 000,026,367 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010/03/09 11:42:02 | 000,025,471 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/03/09 11:42:02 | 000,025,471 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010/03/09 11:42:02 | 000,022,271 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/03/09 11:42:02 | 000,021,343 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010/03/09 11:42:02 | 000,021,183 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010/03/09 11:42:02 | 000,017,279 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010/03/09 11:42:02 | 000,015,423 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010/03/09 11:42:02 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010/03/09 11:42:02 | 000,014,143 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010/03/09 11:42:02 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010/03/09 11:42:02 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010/03/09 11:42:02 | 000,013,776 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/03/09 11:42:02 | 000,013,240 | -H-- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/03/09 11:42:02 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010/03/09 11:42:02 | 000,012,047 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010/03/09 11:42:02 | 000,011,935 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/03/09 11:42:02 | 000,011,871 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/03/09 11:42:02 | 000,011,807 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/03/09 11:42:02 | 000,011,615 | -H-- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010/03/09 11:42:02 | 000,011,359 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010/03/09 11:42:02 | 000,011,325 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010/03/09 11:42:02 | 000,011,295 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/03/09 11:42:02 | 000,004,255 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010/03/09 11:42:02 | 000,003,967 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010/03/09 11:42:02 | 000,003,901 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010/03/09 11:42:02 | 000,003,775 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010/03/09 11:42:02 | 000,003,711 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010/03/09 11:42:02 | 000,003,647 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010/03/09 11:42:02 | 000,003,615 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010/03/09 11:42:02 | 000,003,135 | -H-- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010/03/09 11:42:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\network diagnostic
[2010/03/09 11:41:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/03/09 11:41:42 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/03/09 11:41:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\EHome
[2010/03/09 11:37:55 | 000,000,000 | -H-D | C] -- C:\Program Files\SpeedFan
[2010/03/09 11:30:32 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/03/09 11:30:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Identities
[2010/03/09 11:30:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\My Music
[2010/03/09 11:30:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\My Pictures
[2010/03/09 11:30:27 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/03/09 11:30:26 | 000,000,000 | --SD | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Microsoft
[2010/03/09 11:30:26 | 000,000,000 | --SD | C] -- C:\Documents and Settings\OrlandoBoom\Cookies
[2010/03/09 11:30:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\OrlandoBoom\SendTo
[2010/03/09 11:30:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\OrlandoBoom\Favorites
[2010/03/09 11:30:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\OrlandoBoom\Start Menu
[2010/03/09 11:30:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents
[2010/03/09 11:30:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data
[2010/03/09 11:30:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Templates
[2010/03/09 11:30:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\PrintHood
[2010/03/09 11:30:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\NetHood
[2010/03/09 11:30:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Microsoft
[2010/03/09 11:30:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings
[2010/03/09 11:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Desktop
[2010/03/09 11:29:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/09 11:29:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/09 11:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/09 11:26:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\xircom
[2010/03/09 11:26:47 | 000,000,000 | -H-D | C] -- C:\Program Files\xerox
[2010/03/09 11:26:47 | 000,000,000 | -H-D | C] -- C:\Program Files\microsoft frontpage
[2010/03/09 11:26:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/03/09 11:26:12 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/03/09 11:26:12 | 000,000,000 | RH-D | C] -- C:\WINDOWS\Offline Web Pages
[2010/03/09 11:25:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\DirectX
[2010/03/09 11:25:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/03/09 11:25:24 | 000,011,264 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/03/09 11:25:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/03/09 11:25:23 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/03/09 11:25:23 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/03/09 11:25:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/03/09 11:25:15 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/03/09 11:25:14 | 000,012,288 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/03/09 11:25:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/03/09 11:25:13 | 000,064,512 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/03/09 11:25:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/03/09 11:25:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/03/09 11:25:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/03/09 11:25:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/03/09 11:25:12 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\Services
[2010/03/09 11:25:09 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/03/09 11:25:08 | 000,016,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/03/09 11:25:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/03/09 11:25:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/03/09 11:25:06 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/03/09 11:25:06 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/03/09 11:25:06 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\MSSoap
[2010/03/09 11:25:04 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/03/09 11:25:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\srchasst
[2010/03/09 11:25:01 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2010/03/09 11:25:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\Macromed
[2010/03/09 11:25:00 | 000,319,542 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2010/03/09 11:25:00 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2010/03/09 11:25:00 | 000,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2010/03/09 11:25:00 | 000,000,000 | -H-D | C] -- C:\Program Files\Movie Maker
[2010/03/09 11:24:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PCHealth
[2010/03/09 11:24:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\Restore
[2010/03/09 11:24:52 | 000,000,000 | -H-D | C] -- C:\Program Files\NetMeeting
[2010/03/09 11:24:51 | 000,000,000 | -H-D | C] -- C:\Program Files\Outlook Express
[2010/03/09 11:24:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\System
[2010/03/09 11:24:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/03/09 11:24:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/03/09 11:24:45 | 000,000,000 | -H-D | C] -- C:\Program Files\Internet Explorer
[2010/03/09 11:24:34 | 000,000,000 | -H-D | C] -- C:\Program Files\ComPlus Applications
[2010/03/09 11:24:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Registration
[2010/03/09 11:24:32 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/03/09 11:24:32 | 000,000,000 | -H-D | C] -- C:\Program Files\Windows Media Player
[2010/03/09 11:24:32 | 000,000,000 | -H-D | C] -- C:\Program Files\Online Services
[2010/03/09 11:24:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Messenger
[2010/03/09 11:24:27 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/03/09 11:24:27 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/03/09 11:24:27 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/03/09 11:24:27 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/03/09 11:24:27 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/03/09 11:24:27 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/03/09 11:24:27 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/03/09 11:24:27 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/03/09 11:24:27 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/03/09 11:24:26 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/03/09 11:24:26 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/03/09 11:24:26 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/03/09 11:24:26 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/03/09 11:24:26 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/03/09 11:24:26 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/03/09 11:24:26 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/03/09 11:24:26 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/03/09 11:24:26 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/03/09 11:24:26 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/03/09 11:24:25 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/03/09 11:24:25 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/03/09 11:24:25 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/03/09 11:24:25 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/03/09 11:24:25 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/03/09 11:24:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/03/09 11:24:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/03/09 11:24:25 | 000,000,000 | -H-D | C] -- C:\Program Files\MSN Gaming Zone
[2010/03/09 11:24:17 | 000,138,752 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/03/09 11:24:17 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/03/09 11:24:17 | 000,044,544 | -H-- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/03/09 11:24:16 | 000,227,840 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/03/09 11:24:16 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/03/09 11:24:16 | 000,073,216 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/03/09 11:24:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/03/09 11:24:16 | 000,016,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/03/09 11:24:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/03/09 11:24:16 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/03/09 11:24:15 | 000,035,328 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/03/09 11:24:15 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/03/09 11:24:09 | 000,605,696 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/03/09 11:24:09 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/03/09 11:24:09 | 000,114,688 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/03/09 11:24:09 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/03/09 11:24:09 | 000,080,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/03/09 11:24:09 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/03/09 11:24:09 | 000,056,832 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/03/09 11:24:09 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/03/09 11:24:08 | 000,126,976 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/03/09 11:24:08 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/03/09 11:24:08 | 000,119,808 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/03/09 11:24:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/03/09 11:24:08 | 000,055,296 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/03/09 11:24:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/03/09 11:24:08 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/03/09 11:24:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/03/09 11:24:07 | 000,033,792 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/03/09 11:24:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/03/09 11:24:07 | 000,022,016 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/03/09 11:24:07 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/03/09 11:24:07 | 000,020,992 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/03/09 11:24:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/03/09 11:24:07 | 000,016,896 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/03/09 11:24:07 | 000,016,896 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/03/09 11:24:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/03/09 11:24:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/03/09 11:24:07 | 000,016,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/03/09 11:24:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/03/09 11:24:07 | 000,015,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/03/09 11:24:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/03/09 11:24:07 | 000,014,848 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/03/09 11:24:07 | 000,014,848 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/03/09 11:24:07 | 000,014,848 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/03/09 11:24:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/03/09 11:24:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/03/09 11:24:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/03/09 11:24:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/03/09 11:24:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/03/09 11:24:06 | 000,015,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/03/09 11:24:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/03/09 11:24:06 | 000,015,360 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/03/09 11:24:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/03/09 11:24:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/03/09 11:24:03 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/03/09 11:23:59 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/03/09 11:23:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/03/09 11:23:59 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/03/09 11:23:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/03/09 11:23:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/03/09 11:23:58 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/03/09 11:23:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/03/09 11:23:58 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/03/09 11:23:58 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/03/09 11:23:58 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/03/09 11:23:58 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/03/09 11:23:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/03/09 11:23:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/03/09 11:23:57 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/03/09 11:23:57 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/03/09 11:23:57 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/03/09 11:23:51 | 000,000,000 | -H-D | C] -- C:\Program Files\MSN
[2010/03/09 11:23:50 | 000,000,000 | -H-D | C] -- C:\Program Files\Windows NT
[2010/03/09 11:23:48 | 000,040,960 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010/03/09 11:23:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010/03/09 11:23:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\MsDtc
[2010/03/09 11:23:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\Com
[2010/03/09 11:23:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/03/09 02:58:36 | 000,006,400 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010/03/09 02:58:01 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\ODBC
[2010/03/09 02:58:00 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/03/09 02:58:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/03/09 02:57:59 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/03/09 02:57:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/03/09 02:57:58 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/03/09 02:57:56 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/03/09 02:57:55 | 000,000,000 | RH-D | C] -- C:\Program Files
[2010/03/09 02:57:55 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files
[2010/03/09 02:57:45 | 000,176,157 | -H-- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/03/09 02:57:45 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/03/09 02:57:45 | 000,103,424 | -H-- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/03/09 02:57:45 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/03/09 02:57:45 | 000,013,600 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/03/09 02:57:45 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2010/03/09 02:57:45 | 000,004,048 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/03/09 02:57:45 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2010/03/09 02:57:45 | 000,003,360 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/03/09 02:57:45 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2010/03/09 02:57:45 | 000,002,176 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/03/09 02:57:45 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2010/03/09 02:57:45 | 000,001,744 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/03/09 02:57:45 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2010/03/09 02:57:44 | 000,069,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/03/09 02:57:44 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2010/03/09 02:57:44 | 000,002,032 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/03/09 02:57:44 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2010/03/09 02:57:44 | 000,002,000 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/03/09 02:57:44 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2010/03/09 02:57:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/03/09 02:57:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/03/09 02:57:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/03/09 02:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/03/09 02:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/03/09 02:57:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/03/09 02:57:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CatRoot
[2010/03/09 02:57:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/03/09 02:57:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/03/09 02:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/03/09 02:52:31 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/03/09 02:52:31 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/03/09 02:52:31 | 000,000,000 | RH-D | C] -- C:\WINDOWS\Web
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\WinSxS
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\wins
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\wbem
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\usmt
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\twain_32
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Temp
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\system32
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\system
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\spool
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\ShellExt
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\Setup
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\security
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Resources
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\repair
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\ras
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\oobe
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\npp
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\mui
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\mui
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msapps
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msagent
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Media
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\java
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\inetsrv
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\IME
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ime
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\icsxml
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\ias
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Help
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\export
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\drivers
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Driver Cache
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\dhcp
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Debug
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Cursors
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Connection Wizard
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Config
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\AppPatch
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\addins
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\3076
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\2052
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1054
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1042
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1041
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1037
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1033
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1031
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1028
[2010/03/09 02:52:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\1025
[2010/03/04 12:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Jeff Stokes
[2010/03/04 12:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Keyboarding
[2010/03/04 11:48:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\KBPD
[2010/03/04 11:46:10 | 000,005,532 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Stdole.tlb
[2010/03/04 11:46:09 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010/03/04 11:46:09 | 000,021,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2a.dll
[2010/03/04 11:46:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2010/03/04 11:45:49 | 000,000,000 | -H-D | C] -- C:\Program Files\Keyboarding Pro 5
[2010/03/04 11:19:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\My Documents\Ubisoft
[2010/03/04 11:18:58 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010/03/04 11:18:58 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010/03/04 11:18:57 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2010/03/04 11:18:56 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010/03/04 11:18:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010/03/04 11:18:55 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010/03/04 11:18:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010/03/04 11:18:53 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010/03/04 11:18:52 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010/03/04 11:18:51 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010/03/04 11:18:49 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010/03/04 11:18:49 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010/03/04 11:18:47 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010/03/04 11:09:55 | 000,000,000 | -H-D | C] -- C:\Program Files\Ubisoft
[2010/03/04 11:09:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\InstallShield
[2010/03/04 00:07:05 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Silverlight
[2010/03/03 21:35:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\.jagex_cache_32
[2010/03/03 21:35:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Sun
[2010/03/03 21:33:50 | 000,000,000 | -H-D | C] -- C:\Program Files\Jagex Games Studio
[2010/03/03 21:33:24 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/03/03 21:33:24 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/03/03 21:33:24 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/03/03 21:33:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/03/03 21:33:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/03/03 21:33:01 | 000,000,000 | -H-D | C] -- C:\temp
[2010/03/03 21:33:00 | 000,000,000 | -H-D | C] -- C:\Program Files\PConverter
[2010/03/03 21:32:42 | 000,421,376 | ---- | C] (Softuarium) -- C:\WINDOWS\System32\WebPicLib.ocx
[2010/03/03 21:32:42 | 000,303,104 | ---- | C] (BUAA) -- C:\WINDOWS\System32\EasyIcon.ocx
[2010/03/03 21:32:42 | 000,140,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2010/03/03 21:32:42 | 000,000,000 | -H-D | C] -- C:\Program Files\JPG to Icon Converter
[2010/03/03 21:32:35 | 000,000,000 | -H-D | C] -- C:\Program Files\Devious Codeworks
[2010/03/03 21:32:24 | 000,000,000 | -H-D | C] -- C:\Program Files\7-Zip
[2010/03/03 21:32:10 | 000,000,000 | -H-D | C] -- C:\Program Files\Java
[2010/03/03 21:32:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\OrlandoBoom\Application Data\Sun
[2010/03/03 18:46:30 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/03/03 18:46:30 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/03/03 17:59:10 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Works
[2010/03/03 17:58:49 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/03 17:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/03 17:58:02 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft.NET
[2010/03/03 17:56:46 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/03 17:56:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ShellNew
[2010/03/03 17:56:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\Microsoft Help
[2010/03/03 17:56:05 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Office
[2010/03/03 17:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/03/03 17:55:53 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/02/22 20:26:00 | 000,147,456 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\uc_neosteam_launching.dll
[2006/05/23 19:38:39 | 000,060,928 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/19 12:38:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A1264EB7-7FAA-45ED-8B44-2EC4D8DEA4EC}.job
[2010/03/19 12:37:34 | 000,000,564 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\math.html
[2010/03/19 12:29:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/19 12:01:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/19 11:15:10 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/03/19 11:12:55 | 000,272,291 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/19 11:12:37 | 000,013,646 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/19 11:12:14 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/19 11:12:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/19 11:12:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/18 23:51:14 | 002,621,440 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\NTUSER.DAT
[2010/03/18 23:51:06 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010/03/18 23:35:12 | 000,435,200 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\U995.exe
[2010/03/18 23:29:13 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\OrlandoBoom\ntuser.ini
[2010/03/18 22:21:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/18 22:21:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/18 22:20:49 | 000,000,592 | -H-- | M] () -- C:\WINDOWS\win.ini
[2010/03/18 21:47:29 | 005,733,058 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\clean ass beat.wav
[2010/03/18 21:34:13 | 008,731,858 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\beatbox bump beat.wav
[2010/03/18 21:25:50 | 009,172,858 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\happy place.wav
[2010/03/18 21:04:00 | 005,512,558 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\decent riff.wav
[2010/03/18 17:43:37 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OrlandoBoom\Desktop\OTL.exe
[2010/03/18 16:26:47 | 000,316,640 | -H-- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/18 16:25:29 | 000,268,600 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/18 16:24:01 | 000,002,675 | -H-- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/18 16:20:13 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/03/18 16:16:31 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/03/18 16:16:31 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/03/17 17:01:58 | 000,000,920 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\OldMac.html
[2010/03/17 16:43:43 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\exercise 4.4 food.html
[2010/03/17 16:41:04 | 000,001,299 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Old macdonald song visual display webpage.html
[2010/03/17 16:39:38 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\book example.html
[2010/03/16 22:29:03 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/03/16 22:27:25 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Status.inf
[2010/03/16 21:35:37 | 000,160,663 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Anatomy.jpg
[2010/03/16 18:58:38 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Anarchy Online.lnk
[2010/03/16 16:08:08 | 000,069,632 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010/03/16 16:05:05 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ASOService.job
[2010/03/16 16:02:21 | 000,054,400 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00311102}.rfx
[2010/03/16 16:02:21 | 000,054,400 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000007-00001102-00000005-00311102}.rfx
[2010/03/16 16:02:21 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/03/16 16:02:21 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/03/16 16:02:21 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000007-00001102-00000005-00311102}.rfx
[2010/03/16 16:01:54 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/16 15:59:11 | 000,299,552 | -H-- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2010/03/16 15:59:05 | 000,004,161 | -H-- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/16 15:58:36 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/16 15:58:36 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/16 15:57:19 | 000,022,720 | -H-- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/16 15:55:01 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Defraggler.lnk
[2010/03/16 15:52:16 | 1695,349,051 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\AnarchyOnline_18.1.1_EP1_EP2_EP3.exe.partial
[2010/03/16 12:29:15 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/03/16 12:29:15 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010/03/16 12:22:47 | 000,000,231 | -H-- | M] () -- C:\WINDOWS\system.ini
[2010/03/16 11:01:35 | 000,001,614 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Greetings.html
[2010/03/15 22:22:39 | 004,800,700 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\IconCache.db
[2010/03/15 22:21:50 | 000,113,343 | -H-- | M] () -- C:\WINDOWS\setupapi.old
[2010/03/15 21:06:12 | 000,001,662 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ijji REACTOR.lnk
[2010/03/15 19:42:24 | 000,260,722 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\more math study guide for math assesment.pdf
[2010/03/15 19:41:37 | 000,094,660 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\math skill requirments for the math assesment.pdf
[2010/03/15 19:24:59 | 000,062,818 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Math Assesment Arithmetic practice questions.pdf
[2010/03/15 18:58:25 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/14 20:57:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/14 20:45:18 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010/03/14 20:35:55 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Download Accelerator Plus.lnk
[2010/03/14 20:08:30 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Hell raw looking beastman in ROHAN.bmp
[2010/03/14 20:07:49 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\ROHAN players 2.bmp
[2010/03/14 19:52:11 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\ROHAN players.bmp
[2010/03/13 23:18:30 | 000,032,263 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\GES+AX50+BKS.JPG
[2010/03/13 23:18:21 | 000,025,176 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\LTD-AX-50.jpg
[2010/03/13 23:17:36 | 000,003,861 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\silver tone guitar $178.54.jpg
[2010/03/13 22:51:33 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\msdbcrpt.kar.{5eff6ca1-b420-463c-b4d2-68d7c920122e}
[2010/03/13 22:35:34 | 002,425,558 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\mortal combat music.wav
[2010/03/13 22:00:43 | 004,108,864 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\get it going good and strong.wav
[2010/03/13 22:00:22 | 004,108,864 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\rise to the top.wav
[2010/03/13 21:54:42 | 029,780,406 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\gotsta fix repeat bug.wav
[2010/03/13 21:54:35 | 029,780,406 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\gotsta fix repeat bux.wav
[2010/03/13 21:54:20 | 029,780,406 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\first beat with echo bug in it.wav
[2010/03/13 21:48:12 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Audacity.lnk
[2010/03/13 21:47:01 | 042,397,366 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\fun lovin joyous jammin bodatious beat.wav
[2010/03/13 21:14:17 | 000,000,041 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\jagex_runescape_preferences.dat
[2010/03/13 21:00:55 | 009,437,238 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Well made still image of chris's player.BMP
[2010/03/13 20:47:11 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\rune armor with pearl white trim.bmp
[2010/03/13 20:44:40 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\bandos god sword.bmp
[2010/03/13 20:43:38 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\close up jack o lantern.bmp
[2010/03/13 20:42:53 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\runescape armor spikes.bmp
[2010/03/13 20:41:01 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\RS2 skull helm differnet angle.bmp
[2010/03/13 20:39:46 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\runescape pumpin head helmet.bmp
[2010/03/13 20:39:12 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\runescape skull helm.bmp
[2010/03/13 20:30:54 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\full dragon platebody 2.bmp
[2010/03/13 20:29:35 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Chris's Full dragon platebody RS2.bmp
[2010/03/13 20:25:40 | 000,000,069 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\jagex_runescape_preferences2.dat
[2010/03/13 17:13:08 | 000,010,120 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\hijackthis log file 3132010
[2010/03/13 17:02:04 | 000,000,262 | -H-- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/03/13 17:02:03 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2010/03/13 16:12:04 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\FL Studio 9.lnk
[2010/03/13 15:46:32 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\fsdbcrpt.kar.{5eff6ca1-b420-463c-b4d2-68d7c920122e}
[2010/03/13 15:21:38 | 000,001,982 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Creative Console Launcher.lnk
[2010/03/13 12:09:08 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\PaltalkScene.lnk
[2010/03/13 09:17:42 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\PeerBlock.lnk
[2010/03/13 09:11:06 | 000,067,881 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\egg salad sandwich.jpg
[2010/03/13 08:43:23 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Resume - Jeffrey A. Stokes, Jr..doc
[2010/03/13 08:26:21 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\GFI LANguard.lnk
[2010/03/12 20:04:39 | 000,003,384 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\cc_20100312_200437.reg
[2010/03/12 20:04:19 | 000,057,530 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\cc_20100312_200412.reg
[2010/03/12 19:58:05 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\CCleaner.lnk
[2010/03/12 19:22:58 | 000,010,031 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\New hijack this logfile
[2010/03/12 17:59:32 | 000,002,381 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RuneScape.lnk
[2010/03/12 16:57:59 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\HijackThis.lnk
[2010/03/11 15:53:22 | 000,000,850 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\Application DataProductTweaks.xml
[2010/03/11 15:53:22 | 000,000,385 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\Application Datauser_gensett.xml
[2010/03/11 14:53:04 | 000,000,711 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Shortcut to Quake4.lnk
[2010/03/11 00:41:54 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
[2010/03/11 00:21:36 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Internet Explorer.lnk
[2010/03/10 23:58:46 | 000,000,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Xfire.lnk
[2010/03/09 22:29:58 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/03/09 21:40:24 | 000,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2010/03/09 21:06:54 | 000,000,025 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\Application Data\bdfvconp.ini
[2010/03/09 21:03:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk
[2010/03/09 20:54:02 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CometBird.lnk
[2010/03/09 20:52:35 | 000,000,301 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Shortcut to Sounds and Audio Devices.lnk
[2010/03/09 19:42:32 | 000,001,923 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced System Optimizer.lnk
[2010/03/09 19:42:32 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart PC Care.lnk
[2010/03/09 19:41:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\nsreg.dat
[2010/03/09 19:41:17 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/03/09 17:57:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/03/09 14:49:28 | 000,000,376 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\Application Dataprivacy.xml
[2010/03/09 14:01:42 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdfm.sys
[2010/03/09 14:01:42 | 000,106,464 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdhv.sys
[2010/03/09 12:57:06 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\asdict.dat
[2010/03/09 12:57:06 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/03/09 12:29:38 | 000,013,646 | -H-- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\wsbl.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\phar_unmip.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\phar_histprot.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ph_white.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ph_summ.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ph_spoof.sig
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ph_sign.slf
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ph_fuzzy.sig
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ph_black.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pcwords2.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pcwords.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_video.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_sign.slf
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_news.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_im.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_hate.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_games.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\pc_drugs.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ab_sbl.sig
[2010/03/09 12:28:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\ab_bl.sig
[2010/03/09 12:27:50 | 000,000,734 | -H-- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010/03/09 12:25:59 | 000,356,120 | -H-- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/09 12:25:59 | 000,311,604 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/09 12:25:59 | 000,039,992 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/09 12:21:57 | 000,940,794 | -H-- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/03/09 12:21:57 | 000,146,650 | -H-- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/03/09 12:19:40 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Internet Security 2010.lnk
[2010/03/09 12:03:22 | 000,000,230 | -H-- | M] () -- C:\WINDOWS\tasks\Advanced System Optimizer Scheduler.job
[2010/03/09 11:59:10 | 000,001,669 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spy Sweeper.lnk
[2010/03/09 11:53:29 | 000,001,959 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ActiveArmor Firewall.lnk
[2010/03/09 11:53:20 | 000,001,024 | -H-- | M] () -- C:\.rnd
[2010/03/09 11:53:16 | 000,000,022 | -H-- | M] () -- C:\WINDOWS\FileName
[2010/03/09 11:52:53 | 000,013,212 | -H-- | M] () -- C:\WINDOWS\Ascd_log.ini
[2010/03/09 11:47:11 | 000,013,174 | -H-- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/03/09 11:45:47 | 000,013,104 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/09 11:37:56 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\SpeedFan.lnk
[2010/03/09 11:37:55 | 000,000,045 | -H-- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/03/09 11:30:31 | 000,025,065 | -H-- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2010/03/09 11:26:41 | 000,002,577 | -H-- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/09 11:26:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/03/09 11:26:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/09 11:26:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\control.ini
[2010/03/09 11:26:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/09 11:26:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/09 11:24:34 | 000,000,037 | -H-- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/03/09 11:24:34 | 000,000,036 | -H-- | M] () -- C:\WINDOWS\vb.ini
[2010/03/04 12:56:10 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\PUTTY.RND
[2010/03/04 11:59:50 | 000,001,673 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keyboarding Pro™ 5 - Single.lnk
[2010/03/04 11:59:04 | 000,370,070 | R--- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\1268423936_midi_keyboard.ico
[2010/03/04 11:21:42 | 000,432,128 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Internet Explorer U994.exe
[2010/03/03 23:52:46 | 000,022,388 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\My Documents\New Password sheet.docx
[2010/03/03 21:58:43 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\OrlandoBoom\jagex__preferences3.dat
[2010/03/03 21:32:43 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\JPG to Icon Converter.lnk
[2010/03/03 21:32:36 | 000,000,854 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Imagicon.lnk
[2010/03/03 21:32:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/03/03 21:32:12 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/03/03 21:32:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/03/03 21:32:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/03/03 21:32:12 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/03/03 18:45:50 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Microsoft Office Word 2007.lnk
[2010/02/24 08:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/02/22 20:26:00 | 000,147,456 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\System32\uc_neosteam_launching.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/19 12:37:34 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\math.html
[2010/03/18 23:35:11 | 000,435,200 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\U995.exe
[2010/03/18 21:47:29 | 005,733,058 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\clean ass beat.wav
[2010/03/18 21:34:12 | 008,731,858 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\beatbox bump beat.wav
[2010/03/18 21:25:26 | 009,172,858 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\happy place.wav
[2010/03/18 21:04:00 | 005,512,558 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\decent riff.wav
[2010/03/17 16:58:30 | 000,000,920 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\OldMac.html
[2010/03/17 16:43:43 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\exercise 4.4 food.html
[2010/03/17 16:39:38 | 000,000,557 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\book example.html
[2010/03/17 16:39:04 | 000,001,299 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Old macdonald song visual display webpage.html
[2010/03/16 22:29:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/03/16 22:25:37 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Status.inf
[2010/03/16 21:35:36 | 000,160,663 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Anatomy.jpg
[2010/03/16 18:58:38 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Anarchy Online.lnk
[2010/03/16 16:02:21 | 000,054,400 | ---- | C] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000007-00001102-00000005-00311102}.rfx
[2010/03/16 16:02:21 | 000,001,080 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/03/16 16:02:21 | 000,001,080 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm
[2010/03/16 16:02:21 | 000,000,788 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000007-00001102-00000005-00311102}.rfx
[2010/03/16 16:00:58 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/03/16 16:00:40 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/03/16 16:00:29 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/03/16 16:00:28 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/03/16 16:00:26 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/03/16 16:00:18 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/03/16 16:00:13 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/03/16 15:59:56 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/03/16 15:58:36 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/16 15:58:32 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/16 15:55:00 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Defraggler.lnk
[2010/03/16 15:52:16 | 1695,349,051 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\AnarchyOnline_18.1.1_EP1_EP2_EP3.exe.partial
[2010/03/16 12:22:30 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/03/16 12:22:30 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/03/16 12:22:30 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/03/16 12:22:30 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/03/16 12:22:30 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/03/16 12:22:30 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/03/16 11:01:35 | 000,001,614 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Greetings.html
[2010/03/15 21:06:12 | 000,001,662 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ijji REACTOR.lnk
[2010/03/15 19:42:24 | 000,260,722 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\more math study guide for math assesment.pdf
[2010/03/15 19:41:37 | 000,094,660 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\math skill requirments for the math assesment.pdf
[2010/03/15 19:24:59 | 000,062,818 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Math Assesment Arithmetic practice questions.pdf
[2010/03/15 18:58:25 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/14 20:57:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/14 20:35:55 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Download Accelerator Plus.lnk
[2010/03/14 20:08:30 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Hell raw looking beastman in ROHAN.bmp
[2010/03/14 20:07:49 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\ROHAN players 2.bmp
[2010/03/14 19:52:11 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\ROHAN players.bmp
[2010/03/14 16:00:13 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/03/13 23:18:30 | 000,032,263 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\GES+AX50+BKS.JPG
[2010/03/13 23:18:21 | 000,025,176 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\LTD-AX-50.jpg
[2010/03/13 23:17:36 | 000,003,861 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\silver tone guitar $178.54.jpg
[2010/03/13 22:35:33 | 002,425,558 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\mortal combat music.wav
[2010/03/13 22:00:42 | 004,108,864 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\get it going good and strong.wav
[2010/03/13 22:00:22 | 004,108,864 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\rise to the top.wav
[2010/03/13 21:54:42 | 029,780,406 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\gotsta fix repeat bug.wav
[2010/03/13 21:54:35 | 029,780,406 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\gotsta fix repeat bux.wav
[2010/03/13 21:54:19 | 029,780,406 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\first beat with echo bug in it.wav
[2010/03/13 21:48:12 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Audacity.lnk
[2010/03/13 21:47:01 | 042,397,366 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\fun lovin joyous jammin bodatious beat.wav
[2010/03/13 21:00:54 | 009,437,238 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Well made still image of chris's player.BMP
[2010/03/13 20:47:10 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\rune armor with pearl white trim.bmp
[2010/03/13 20:44:40 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\bandos god sword.bmp
[2010/03/13 20:43:38 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\close up jack o lantern.bmp
[2010/03/13 20:42:53 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\runescape armor spikes.bmp
[2010/03/13 20:41:01 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\RS2 skull helm differnet angle.bmp
[2010/03/13 20:39:46 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\runescape pumpin head helmet.bmp
[2010/03/13 20:39:12 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\runescape skull helm.bmp
[2010/03/13 20:30:53 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\full dragon platebody 2.bmp
[2010/03/13 20:29:35 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Chris's Full dragon platebody RS2.bmp
[2010/03/13 17:13:08 | 000,010,120 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\hijackthis log file 3132010
[2010/03/13 17:02:03 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2010/03/13 17:02:00 | 000,000,262 | -H-- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/03/13 16:15:45 | 000,002,675 | -H-- | C] () -- C:\WINDOWS\imsins.BAK
[2010/03/13 16:12:04 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\FL Studio 9.lnk
[2010/03/13 15:21:38 | 000,001,982 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Creative Console Launcher.lnk
[2010/03/13 12:09:08 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\PaltalkScene.lnk
[2010/03/13 09:37:51 | 000,113,343 | -H-- | C] () -- C:\WINDOWS\setupapi.old
[2010/03/13 09:17:42 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\PeerBlock.lnk
[2010/03/13 09:11:06 | 000,067,881 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\egg salad sandwich.jpg
[2010/03/13 08:43:23 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Resume - Jeffrey A. Stokes, Jr..doc
[2010/03/13 08:26:21 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\GFI LANguard.lnk
[2010/03/12 20:36:24 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\msdbcrpt.kar.{5eff6ca1-b420-463c-b4d2-68d7c920122e}
[2010/03/12 20:36:24 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\fsdbcrpt.kar.{5eff6ca1-b420-463c-b4d2-68d7c920122e}
[2010/03/12 20:04:38 | 000,003,384 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\cc_20100312_200437.reg
[2010/03/12 20:04:15 | 000,057,530 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\cc_20100312_200412.reg
[2010/03/12 19:58:05 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\CCleaner.lnk
[2010/03/12 19:22:58 | 000,010,031 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\New hijack this logfile
[2010/03/12 16:57:59 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\HijackThis.lnk
[2010/03/12 14:30:22 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2010/03/11 15:53:22 | 000,000,850 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\Application DataProductTweaks.xml
[2010/03/11 15:53:22 | 000,000,385 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\Application Datauser_gensett.xml
[2010/03/11 14:53:04 | 000,000,711 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Shortcut to Quake4.lnk
[2010/03/11 12:48:29 | 003,286,469 | R--- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Planet Boom Motley Crue.wma
[2010/03/11 00:41:54 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
[2010/03/11 00:21:36 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Internet Explorer.lnk
[2010/03/10 23:58:46 | 000,000,638 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Xfire.lnk
[2010/03/09 23:08:15 | 000,363,520 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/03/09 23:08:15 | 000,118,272 | -H-- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2010/03/09 23:08:15 | 000,056,832 | -H-- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2010/03/09 23:08:15 | 000,033,280 | -H-- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2010/03/09 23:08:13 | 000,148,992 | -H-- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2010/03/09 22:29:58 | 000,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2010/03/09 22:28:23 | 000,054,400 | ---- | C] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00311102}.rfx
[2010/03/09 22:15:01 | 000,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd
[2010/03/09 22:13:55 | 000,003,128 | ---- | C] () -- C:\WINDOWS\System32\XFi.bmp
[2010/03/09 22:13:55 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\SBXFi.ico
[2010/03/09 22:13:20 | 000,003,072 | -H-- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2010/03/09 21:06:54 | 000,000,025 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\Application Data\bdfvconp.ini
[2010/03/09 21:03:50 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk
[2010/03/09 20:52:35 | 000,000,301 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Shortcut to Sounds and Audio Devices.lnk
[2010/03/09 19:43:10 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\ASOService.job
[2010/03/09 19:42:34 | 000,017,136 | ---- | C] () -- C:\WINDOWS\System32\sasnative32.exe
[2010/03/09 19:42:32 | 000,001,923 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced System Optimizer.lnk
[2010/03/09 19:42:32 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Smart PC Care.lnk
[2010/03/09 19:41:30 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CometBird.lnk
[2010/03/09 19:41:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2010/03/09 19:41:17 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/03/09 18:11:01 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/03/09 18:11:01 | 000,000,038 | -H-- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/03/09 18:11:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010/03/09 18:10:59 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/03/09 18:10:59 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/03/09 18:10:57 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/03/09 18:10:56 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/03/09 17:57:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/03/09 15:41:57 | 000,000,434 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A1264EB7-7FAA-45ED-8B44-2EC4D8DEA4EC}.job
[2010/03/09 15:14:42 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/09 15:14:42 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/09 14:49:28 | 000,000,376 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\Application Dataprivacy.xml
[2010/03/09 14:42:30 | 000,008,743 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/03/09 14:42:27 | 002,293,286 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/03/09 12:57:06 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2010/03/09 12:57:06 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/03/09 12:54:02 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010/03/09 12:29:38 | 000,013,646 | -H-- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\wsbl.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\phar_unmip.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\phar_histprot.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ph_white.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ph_summ.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ph_spoof.sig
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ph_sign.slf
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ph_fuzzy.sig
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ph_black.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pcwords2.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pcwords.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_video.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_sign.slf
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_news.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_im.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_hate.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_games.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\pc_drugs.dat
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ab_sbl.sig
[2010/03/09 12:28:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\ab_bl.sig
[2010/03/09 12:21:57 | 000,940,794 | -H-- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/03/09 12:21:57 | 000,146,650 | -H-- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/03/09 12:03:22 | 000,000,230 | -H-- | C] () -- C:\WINDOWS\tasks\Advanced System Optimizer Scheduler.job
[2010/03/09 11:59:10 | 000,001,669 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spy Sweeper.lnk
[2010/03/09 11:59:07 | 000,000,246 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/09 11:57:43 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Internet Security 2010.lnk
[2010/03/09 11:53:29 | 000,001,959 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ActiveArmor Firewall.lnk
[2010/03/09 11:53:20 | 000,001,024 | -H-- | C] () -- C:\.rnd
[2010/03/09 11:53:16 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\FileName
[2010/03/09 11:52:53 | 000,013,212 | -H-- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010/03/09 11:52:44 | 000,024,576 | RH-- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2010/03/09 11:52:44 | 000,012,664 | RH-- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2010/03/09 11:52:36 | 000,012,096 | -H-- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2010/03/09 11:52:36 | 000,010,304 | -H-- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2010/03/09 11:50:46 | 000,001,570 | -H-- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2010/03/09 11:50:03 | 000,003,657 | -H-- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2010/03/09 11:50:01 | 000,001,864 | RH-- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2010/03/09 11:49:26 | 000,000,907 | RH-- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2010/03/09 11:49:26 | 000,000,263 | RH-- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2010/03/09 11:49:25 | 000,810,056 | RH-- | C] () -- C:\WINDOWS\System32\Alert.bmp
[2010/03/09 11:48:53 | 000,049,152 | RH-- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/03/09 11:47:11 | 000,013,174 | -H-- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/03/09 11:47:10 | 000,005,810 | RH-- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010/03/09 11:47:02 | 000,010,288 | -H-- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/03/09 11:45:46 | 000,316,640 | -H-- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/09 11:43:10 | 000,239,616 | -H-- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2010/03/09 11:43:10 | 000,164,352 | -H-- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2010/03/09 11:43:10 | 000,053,248 | -H-- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2010/03/09 11:42:02 | 000,129,045 | -H-- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/03/09 11:42:02 | 000,067,866 | -H-- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/03/09 11:42:02 | 000,064,352 | -H-- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/03/09 11:37:56 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\SpeedFan.lnk
[2010/03/09 11:37:55 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/03/09 11:30:26 | 002,621,440 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\NTUSER.DAT
[2010/03/09 11:30:26 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\OrlandoBoom\ntuser.ini
[2010/03/09 11:27:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/09 11:26:41 | 000,002,577 | -H-- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/09 11:26:41 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/03/09 11:26:41 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/03/09 11:26:41 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/03/09 11:26:41 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/03/09 11:26:40 | 000,025,065 | -H-- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2010/03/09 11:26:40 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/09 11:26:40 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/09 11:26:39 | 000,299,552 | -H-- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2010/03/09 11:26:12 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/09 11:26:09 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/09 11:26:02 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/03/09 11:25:21 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/03/09 11:25:21 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/03/09 11:25:15 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/03/09 11:24:35 | 000,022,720 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/09 11:24:11 | 000,065,954 | -H-- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/03/09 11:24:11 | 000,065,832 | -H-- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/03/09 11:24:11 | 000,026,680 | -H-- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/03/09 11:24:11 | 000,026,582 | -H-- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/03/09 11:24:11 | 000,017,362 | -H-- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/03/09 11:24:11 | 000,017,336 | -H-- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/03/09 11:24:11 | 000,009,522 | -H-- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/03/09 11:24:10 | 000,093,702 | -H-- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/03/09 11:24:10 | 000,065,978 | -H-- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/03/09 11:24:10 | 000,060,458 | -H-- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/03/09 11:24:10 | 000,017,062 | -H-- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/03/09 11:24:10 | 000,016,740 | -H-- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/03/09 11:24:10 | 000,016,730 | -H-- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/03/09 11:24:10 | 000,012,876 | -H-- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/03/09 11:24:10 | 000,008,484 | -H-- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/03/09 11:24:10 | 000,006,948 | -H-- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/03/09 11:24:10 | 000,001,272 | -H-- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/03/09 11:24:09 | 000,024,006 | -H-- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/03/09 11:24:09 | 000,022,984 | -H-- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/03/09 11:24:07 | 000,003,286 | -H-- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/03/09 11:24:07 | 000,001,161 | -H-- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/03/09 11:24:05 | 000,000,768 | -H-- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/03/09 11:23:56 | 000,063,488 | -H-- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/03/09 02:57:59 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/03/09 02:57:59 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/03/09 02:57:58 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/03/09 02:57:58 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/03/09 02:57:55 | 000,066,082 | -H-- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/03/09 02:57:53 | 000,066,082 | -H-- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/03/09 02:57:52 | 000,066,082 | -H-- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/03/09 02:57:50 | 000,066,082 | -H-- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/03/09 02:57:49 | 000,066,082 | -H-- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/03/09 02:57:46 | 000,066,082 | -H-- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/03/09 02:57:43 | 000,001,688 | -H-- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/03/09 02:56:31 | 000,268,600 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/09 02:55:21 | 000,000,211 | RHS- | C] () -- C:\boot.ini
[2010/03/09 02:55:20 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/04 11:59:34 | 000,370,070 | R--- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\1268423936_midi_keyboard.ico
[2010/03/04 11:48:09 | 000,001,673 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keyboarding Pro™ 5 - Single.lnk
[2010/03/04 11:30:01 | 028,778,496 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\R6Vegas_Game.exe
[2010/03/04 11:21:41 | 000,432,128 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\Internet Explorer U994.exe
[2010/03/04 11:21:28 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\PUTTY.RND
[2010/03/03 21:58:43 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\jagex__preferences3.dat
[2010/03/03 21:36:59 | 000,000,069 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\jagex_runescape_preferences2.dat
[2010/03/03 21:36:11 | 000,000,041 | -H-- | C] () -- C:\Documents and Settings\OrlandoBoom\jagex_runescape_preferences.dat
[2010/03/03 21:33:50 | 000,002,381 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RuneScape.lnk
[2010/03/03 21:32:43 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\JPG to Icon Converter.lnk
[2010/03/03 21:32:36 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Imagicon.lnk
[2010/03/03 19:25:37 | 000,022,388 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\My Documents\New Password sheet.docx
[2010/03/03 18:06:54 | 000,002,515 | ---- | C] () -- C:\Documents and Settings\OrlandoBoom\Desktop\Microsoft Office Word 2007.lnk
[2009/11/06 12:00:28 | 000,031,088 | -H-- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2009/11/05 18:18:24 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009/01/15 12:45:34 | 000,181,248 | -H-- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2008/10/07 23:08:38 | 000,020,936 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2008/10/07 22:41:40 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\CtxfiRes.dll
[2008/09/12 20:22:40 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/01/31 13:50:32 | 000,913,408 | -H-- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2006/05/23 20:00:48 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2005/07/26 20:13:12 | 000,000,321 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2005/06/07 04:10:50 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[1996/04/03 11:33:26 | 000,005,248 | -H-- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:010ADD2C
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5
< End of report >


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:58 AM

Posted 19 March 2010 - 05:08 PM

Please post me also the GMER log and the extra.txt logfile that is created by OTL.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 Where?Wolf

Where?Wolf
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 PM

Posted 19 March 2010 - 07:10 PM

I have a bunch of files on the external hardrive that I have that I cant access that I evidently dont have rights to. If you ask me thats got to have something to do with why I cant relly on this peice of technology we call a computer. Im going to take the hardrive to a computer shop on monday. They should be able to hook it up to a windows vista computer and remove the files using the comand prompt manualy deleting every single on of them. That ought to do it.
OTL Extras logfile created on: 3/19/2010 11:46:22 AM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\OrlandoBoom\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 231.95 Gb Free Space | 77.81% Space Free | Partition Type: NTFS
Drive D: | 149.00 Gb Total Space | 148.90 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 465.75 Gb Total Space | 182.68 Gb Free Space | 39.22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: R-S7LWKFLKK7U6A
Current User Name: OrlandoBoom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe" = C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe:*:Enabled:BioShock -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0.0 (r181)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4™
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Spy Sweeper
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{4AEA646F-270A-4ADA-97A5-0B31FDDAD67F}" = Font_Setup
"{5731C0A8-B266-451A-8D3F-8066AA21836F}" = Tom Clancy's Rainbow Six Vegas
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5E77082C-5DFC-42EF-9B16-64AD165F6BE2}" = MX vs ATV Unleashed Demo
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A7F6127-CF84-476E-B2DE-F3CC912CBF6C}" = RuneScape
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A149E33D-74B9-4033-9B53-A5DE82864850}" = BitDefender Internet Security 2010
"{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1" = Advanced System Optimizer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CBE19707-CF6D-4819-9574-3DFD568960FA}" = GFI LANguard 9.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Anarchy Online_is1" = Anarchy Online
"Audacity_is1" = Audacity 1.2.6
"AudioCS" = Creative Audio Control Panel
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"CometBird (3.5.6)" = CometBird (3.5.6)
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"FL Studio 9" = FL Studio 9
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder4.0" = Freecorder 4.0 Application
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4™
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{CBE19707-CF6D-4819-9574-3DFD568960FA}" = GFI LANguard 9.0
"JPG to Icon Converter_is1" = JPG to Icon Converter 1.0
"Keyboarding Pro 5" = Keyboarding Pro 5
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"PalTalk8.2" = PaltalkScene
"PConverter" = PConverter
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"PROPLUS" = Microsoft Office Professional Plus 2007
"Rohan_RBF" = Rohan_RBF
"Sawer" = Sawer
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"SpeedFan" = SpeedFan (remove only)
"Steam App 7670" = BioShock
"SysInfo" = Creative System Information
"Toxic Biohazard" = Toxic Biohazard
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Imagicon" = Imagicon
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


#6 Where?Wolf

Where?Wolf
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 PM

Posted 19 March 2010 - 07:12 PM

I gave GMER a go but it had frozen and ceased to operate before giving me the log.

#7 Where?Wolf

Where?Wolf
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 PM

Posted 19 March 2010 - 07:19 PM

To describe what is going on with my computer. The time and date changes to a different value by itself. Mozilla firefox opens itself. It took me to zoosk on myspace but that could have been adware. I can no longer set my files and folders to private.
My explorer has been changed to the point where Viewing the hardrives looks differnent than it did before its now dull and boring I dont see as much as i used to. mad.gif ohmy.gif

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:58 AM

Posted 20 March 2010 - 04:41 AM

Hello Where?Wolf,

P2P WARNING
-------------------
Going over your logs I noticed that you have BitTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.


COMBOFIX
---------------
Please download ComboFix from one of these locations:
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


In your next reply, please include the following:
  • Combofix.txt

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 Where?Wolf

Where?Wolf
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 PM

Posted 26 March 2010 - 06:08 PM

smile.gif Ive made some changes to the computer that have made a big difference improvments wise. I have formated the external hardrive. That hardrive had files on it that were inaccesable to me. Read only prevented me from having rights to them. I couldnt change that in safemode security tab either. So I used a wipedisc bootdisc to format the drive. I backed up everything that I knew wasnt malicious onto the C or D drives. After I formated H: drive I moved the files back over to the H: drive. Then I reinstalled windows to the C: drive. Im now using windows firewall instead of the motherboards Nvidia firewall on High mode. I have the windows firewall running with the Nvidia firewall antihacker firewall at the same time. Its friggin sweet how well its running. thumbup.gif smile.gif

#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:58 AM

Posted 27 March 2010 - 04:47 AM

Hello, glad to hear that everything is running fine.

However, one note, its not a good idea to have two firewalls running at once. They will only compete for control with each other and let malware slip by. Windows firewall does not have outbound protection, which means it will not protect you once malware is on your system and tries to "phone home".

Let me know if you need any more help or if I can close this topic.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:58 AM

Posted 08 April 2010 - 01:06 PM

Since this issue seems to be resolved, this topic will now be closed.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users