Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

tdss.565


  • This topic is locked This topic is locked
23 replies to this topic

#1 mc303

mc303

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 06 April 2010 - 01:36 PM

Hi i am getting redirected , cannot go to previous in ie8, when i run dr web i get
atapi.sys;C:\WINDOWS\system32\drivers;BackDoor.Tdss.565;Will be cured after restart.;
atapi.sys;c:\windows\system32\drivers;BackDoor.Tdss.565;Will be cured after restart.;
when dr web finds these norton tells me
windows/system32/drivers/drw69.tmp & drw6A.tmp
cannot repair access denied, tried bitdefender online,,, nothing, here is latest HJT log
thank you for your valuable time
Regards
Michael


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:39, on 06/04/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Michael\My Documents\Washer\washer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Michael\Desktop\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [washindex] c:\Program Files\Washer\washidx.exe "Michael"
O4 - HKLM\..\RunServicesOnce: [washindex] c:\Program Files\Washer\washidx.exe "Michael"
O4 - HKCU\..\Run: [Washer] c:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [washindex] c:\Program Files\Washer\washidx.exe "Michael"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-31-0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\NISUM.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 6647 bytes


BC AdBot (Login to Remove)

 


#2 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 PM

Posted 09 April 2010 - 06:46 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.

We need to create an OTL report,
  • Please download OTL from this link.
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    activex
    drivers32
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply.

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new OTL log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


In your reply, please post both OTL logs and the GMER log.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#3 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 07:21 AM

Hi Etaveras and thank you for helping me with your experience and time
THE RESULTS WOULD NOT FIT IN ONE POST THE RESULTS ARE IN 3 POSTS.

OTL logfile created on: 10/04/2010 10:34:53 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Michael\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 140.00 Mb Available Physical Memory | 27.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 27.74 Gb Free Space | 74.44% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURS
Current User Name: Michael
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
PRC - [2009/08/05 12:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2009/08/03 09:33:06 | 001,626,112 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
PRC - [2002/11/14 19:41:26 | 000,116,336 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
PRC - [2002/09/14 20:23:52 | 000,140,992 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Personal Firewall\NISUM.EXE
PRC - [2002/09/14 20:22:26 | 000,034,496 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
PRC - [2002/09/14 20:21:22 | 000,054,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2002/09/12 19:52:38 | 000,317,128 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE


========== Modules (SafeList) ==========

MOD - [2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009/08/05 12:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2002/11/14 19:41:26 | 000,116,336 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE -- (navapsvc)
SRV - [2002/09/14 20:23:52 | 000,140,992 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Personal Firewall\NISUM.EXE -- (NISUM)
SRV - [2002/09/14 20:22:26 | 000,034,496 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Personal Firewall\ccPxySvc.exe -- (ccPxySvc)
SRV - [2002/09/14 20:22:20 | 000,067,264 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2002/09/12 19:52:38 | 000,317,128 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE -- (NProtectService)
SRV - [2001/08/13 23:18:36 | 000,054,408 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O4 - HKLM..\Run: [Advanced Tools Check] C:\Program Files\Norton AntiVirus\AdvTools\AdvChk.exe (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe (Symantec Corporation)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004..\Run: [Washer] c:\Program Files\Washer\washer.exe File not found
O4 - HKLM..\RunServicesOnce: [washindex] c:\Program Files\Washer\washidx.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/01 08:58:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/04/01 08:58:13 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 14 Days ==========

[2010/04/08 11:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest
[2010/04/08 01:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2010/04/08 01:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\Adobe Photoshop 7.0
[2010/04/07 22:51:44 | 000,569,344 | ---- | C] (UtahSoft) -- C:\Documents and Settings\Michael\Desktop\icrop.exe
[2010/04/07 19:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\New Folder
[2010/04/07 16:30:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\IECompatCache
[2010/04/07 16:23:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/04/07 16:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Moyea
[2010/04/07 14:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\prods
[2010/04/07 14:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\ws_ftple508
[2010/04/07 13:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Dutch
[2010/04/07 13:01:25 | 002,244,968 | ---- | C] (Digital Dutch ) -- C:\Documents and Settings\Michael\My Documents\arles586.exe
[2010/04/07 11:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\prods
[2010/04/07 11:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/07 11:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\SUPERAntiSpyware.com
[2010/04/07 11:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/07 11:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/07 00:48:34 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
[2010/04/06 21:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/04/06 19:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Adobe
[2010/04/06 19:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/04/06 19:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\HijackThis
[2010/04/06 18:57:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/06 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/04/06 18:56:22 | 003,012,768 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\Michael\Desktop\spywareblastersetup42.exe
[2010/04/06 14:16:16 | 001,840,232 | ---- | C] (Trend Micro) -- C:\Documents and Settings\Michael\Desktop\HousecallLauncher.exe
[2010/04/06 14:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/04/05 15:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Identities
[2010/04/04 19:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\Washer
[2010/04/04 13:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\whole
[2010/04/03 14:07:21 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/03 14:07:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/03 14:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/03 10:53:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/04/03 00:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\PCHealth
[2010/04/02 21:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Personal Firewall
[2010/04/02 19:15:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/04/02 19:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/04/02 19:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/04/02 19:14:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010/04/02 19:03:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\PrivacIE
[2010/04/02 18:52:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\IETldCache
[2010/04/02 18:50:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/04/02 18:47:27 | 002,876,728 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Michael\My Documents\mbam-setup.exe
[2010/04/02 11:54:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/04/02 11:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/04/02 11:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\DoctorWeb
[2010/04/02 11:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Malwarebytes
[2010/04/02 11:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/02 09:55:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/04/02 09:25:36 | 015,819,658 | ---- | C] (Plastics Direct ) -- C:\Documents and Settings\Michael\Desktop\kc2_designs.exe
[2010/04/02 09:00:53 | 012,991,848 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Michael\My Documents\Opera_1051_int_Setup.exe
[2010/04/02 08:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/04/01 22:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\shem
[2010/04/01 22:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Media Player Classic
[2010/04/01 22:23:19 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010/04/01 17:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/04/01 17:16:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/04/01 16:47:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/04/01 16:41:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010/04/01 16:40:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/04/01 16:40:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/04/01 16:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/04/01 16:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/04/01 16:31:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/04/01 16:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/04/01 16:24:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/04/01 16:24:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/04/01 16:15:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/01 13:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/04/01 12:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\KODAK
[2010/04/01 12:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Eastman Kodak Company
[2010/04/01 12:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Eastman Kodak Company
[2010/04/01 12:26:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kodak
[2010/04/01 12:25:51 | 000,405,504 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\System32\EKIJ5000MON.dll
[2010/04/01 12:25:51 | 000,126,976 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\System32\EKIJCOINST05.dll
[2010/04/01 12:25:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/04/01 12:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Kodak
[2010/04/01 12:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/01 12:24:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/04/01 12:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2010/04/01 12:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Temp
[2010/04/01 12:20:13 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/04/01 12:19:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/04/01 12:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Macromedia
[2010/04/01 12:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Adobe
[2010/04/01 11:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/01 11:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/01 11:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/04/01 11:42:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Sun
[2010/04/01 09:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Plastics Direct
[2010/04/01 09:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Keyring Creator 2
[2010/04/01 09:50:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\KEYS
[2010/04/01 09:47:59 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/04/01 09:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/04/01 09:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/04/01 09:47:54 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/04/01 09:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/04/01 09:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/04/01 09:47:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/04/01 09:47:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/04/01 09:47:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/04/01 09:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/04/01 09:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/04/01 09:47:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/04/01 09:47:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/04/01 09:47:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/04/01 09:47:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/04/01 09:46:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/04/01 09:46:45 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/01 09:39:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\UserData
[2010/04/01 09:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/04/01 09:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\O2
[2010/04/01 09:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\O2_Installer
[2010/04/01 09:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\My Received Files
[2010/04/01 09:22:57 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/04/01 09:22:57 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/04/01 09:22:57 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/04/01 09:22:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/04/01 09:21:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/04/01 09:20:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/04/01 09:20:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/04/01 09:15:50 | 000,034,578 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NPDRIVER.SYS
[2010/04/01 09:15:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/01 09:14:27 | 000,083,672 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/04/01 09:14:27 | 000,073,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/04/01 09:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Symantec
[2010/04/01 09:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/04/01 09:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/04/01 09:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/04/01 09:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010/04/01 09:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/04/01 09:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\SupportSoft
[2010/04/01 09:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/04/01 09:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Identities
[2010/04/01 09:04:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/04/01 09:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents\My Pictures
[2010/04/01 09:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents\My Music
[2010/04/01 09:04:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Michael\Application Data\Microsoft
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\SendTo
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\Recent
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\Application Data
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\Start Menu
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\Favorites
[2010/04/01 09:04:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\Cookies
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\Templates
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\PrintHood
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\NetHood
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\Local Settings
[2010/04/01 09:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Microsoft
[2010/04/01 09:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop
[2010/04/01 09:02:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/04/01 09:02:50 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/04/01 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/04/01 09:01:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/04/01 09:01:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/04/01 08:59:51 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/04/01 08:59:51 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/04/01 08:59:51 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/04/01 08:59:35 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/04/01 08:58:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/04/01 08:58:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/04/01 08:57:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/04/01 08:57:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/04/01 08:57:29 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/04/01 08:57:15 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/04/01 08:56:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/04/01 08:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/04/01 08:56:30 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/04/01 08:56:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/04/01 08:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/04/01 08:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/04/01 08:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/04/01 08:56:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/04/01 08:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/04/01 08:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/04/01 08:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/04/01 08:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/04/01 08:55:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/04/01 08:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/04/01 08:55:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/04/01 08:55:04 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/04/01 08:55:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/04/01 08:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/04/01 08:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/04/01 08:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/04/01 08:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/04/01 08:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/04/01 08:54:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/04/01 08:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/04/10 10:37:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/10 10:28:22 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/10 10:28:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/10 10:13:26 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job
[2010/04/10 09:55:41 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/10 00:58:23 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Michael\NTUSER.DAT
[2010/04/10 00:58:23 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Michael\ntuser.ini
[2010/04/10 00:58:07 | 006,938,938 | -H-- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\IconCache.db
[2010/04/08 11:20:03 | 003,103,920 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest.zip
[2010/04/08 05:25:00 | 000,001,148 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\index.tpl
[2010/04/08 01:42:26 | 000,023,531 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\NEWZEALAND2a.jpg
[2010/04/08 01:39:39 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Adobe Photoshop 7.0.lnk
[2010/04/08 01:39:03 | 000,000,986 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/04/08 00:45:15 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/07 22:12:00 | 000,024,763 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\1012876.jpg
[2010/04/07 21:54:02 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to WS_FTP95.exe.lnk
[2010/04/07 18:54:54 | 000,014,744 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\wedding2.jpg
[2010/04/07 16:29:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/07 16:07:01 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/07 13:01:44 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Arles Image Web Page Creator.lnk
[2010/04/07 11:16:05 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/07 11:14:58 | 007,976,992 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\SUPERAntiSpyware.exe
[2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
[2010/04/06 19:41:37 | 000,827,762 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Property Flyer -wk 1(7-11Apr10).pdf
[2010/04/06 19:31:22 | 000,318,067 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.zip
[2010/04/06 19:04:51 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to washer.lnk
[2010/04/06 18:57:39 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\SpywareBlaster.lnk
[2010/04/06 18:56:25 | 003,012,768 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\Michael\Desktop\spywareblastersetup42.exe
[2010/04/06 14:16:23 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\housecall.guid.cache
[2010/04/06 14:16:17 | 001,840,232 | ---- | M] (Trend Micro) -- C:\Documents and Settings\Michael\Desktop\HousecallLauncher.exe
[2010/04/06 14:13:41 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HiJackThis.lnk
[2010/04/06 14:13:13 | 001,401,344 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.msi
[2010/04/06 14:05:13 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\DrWeb.csv
[2010/04/06 13:25:11 | 036,556,072 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\dr.exe
[2010/04/03 18:54:18 | 000,017,392 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\bitdefender.html
[2010/04/03 14:07:21 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/03 14:05:43 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
[2010/04/03 13:20:51 | 000,015,481 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\!Bm4v3k!CGk~$(KGrHqUH-DkEttFPlWZWBLhUB6Fw+g~~_12.jpg
[2010/04/03 11:12:04 | 000,488,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/03 11:12:04 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/03 11:12:04 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/03 01:34:37 | 036,249,912 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\drweb.exe
[2010/04/03 00:03:41 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/02 21:28:37 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\{F13E0DEA-6950-47FB-A30D-4CC10BD0D92C}.dat
[2010/04/02 21:28:37 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\{EF0457F6-4E56-46B9-8783-B49EB463CC16}.dat
[2010/04/02 21:28:18 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Personal Firewall.lnk
[2010/04/02 19:22:52 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/02 11:42:54 | 001,908,578 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\PD017.pdf
[2010/04/02 09:53:51 | 000,179,200 | ---- | M] () -- C:\WINDOWS\Dkyqya.exe
[2010/04/02 09:25:53 | 015,819,658 | ---- | M] (Plastics Direct ) -- C:\Documents and Settings\Michael\Desktop\kc2_designs.exe
[2010/04/02 09:01:07 | 012,991,848 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Michael\My Documents\Opera_1051_int_Setup.exe
[2010/04/01 17:18:18 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/01 16:43:39 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/01 16:30:49 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/01 13:32:10 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\310310 Letter Benefits Services MF.doc
[2010/04/01 12:31:28 | 000,000,578 | ---- | M] () -- C:\WINDOWS\tasks\AiO Home Center Registration Remind Task.job
[2010/04/01 12:27:13 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Centre.lnk
[2010/04/01 11:26:17 | 000,068,063 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\topHeader1.jpg
[2010/04/01 09:54:10 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keyring Creator 2.lnk
[2010/04/01 09:48:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/04/01 09:16:48 | 000,001,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus 2003 Professional Edition.lnk
[2010/04/01 09:16:10 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\{DE22D068-8219-41C3-AE36-5E3813B59FC9}.dat
[2010/04/01 09:16:10 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\{79CB7DF4-0E71-40E6-9FB5-CD8648B871B0}.dat
[2010/04/01 09:16:05 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\SR2.dat
[2010/04/01 09:02:43 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/01 09:01:44 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/01 08:58:49 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/01 08:58:49 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/01 08:58:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/01 08:58:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/01 08:58:41 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/01 08:58:41 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/01 08:58:29 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/01 08:57:28 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/01 08:57:28 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/01 08:55:56 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/01 08:55:44 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/04/01 08:55:44 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/04/01 08:53:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/08 11:19:57 | 003,103,920 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest.zip
[2010/04/08 05:25:00 | 000,001,148 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\index.tpl
[2010/04/08 01:42:25 | 000,023,531 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\NEWZEALAND2a.jpg
[2010/04/08 01:39:39 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Adobe Photoshop 7.0.lnk
[2010/04/08 01:39:03 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/04/08 00:48:18 | 000,000,426 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job
[2010/04/07 22:18:03 | 000,014,744 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\wedding2.jpg
[2010/04/07 22:12:10 | 000,024,763 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\1012876.jpg
[2010/04/07 21:54:02 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to WS_FTP95.exe.lnk
[2010/04/07 13:01:44 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Arles Image Web Page Creator.lnk
[2010/04/07 11:16:05 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/07 11:14:58 | 007,976,992 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\SUPERAntiSpyware.exe
[2010/04/06 21:24:28 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/06 19:41:36 | 000,827,762 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Property Flyer -wk 1(7-11Apr10).pdf
[2010/04/06 19:31:20 | 000,318,067 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.zip
[2010/04/06 19:04:51 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to washer.lnk
[2010/04/06 18:57:39 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\SpywareBlaster.lnk
[2010/04/06 14:16:23 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\housecall.guid.cache
[2010/04/06 14:13:33 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HiJackThis.lnk
[2010/04/06 14:13:07 | 001,401,344 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.msi
[2010/04/06 14:05:13 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\DrWeb.csv
[2010/04/06 13:25:08 | 036,556,072 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\dr.exe
[2010/04/03 21:06:52 | 000,017,392 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\bitdefender.html
[2010/04/03 14:07:21 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/03 14:05:42 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2010/04/03 13:20:58 | 000,015,481 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\!Bm4v3k!CGk~$(KGrHqUH-DkEttFPlWZWBLhUB6Fw+g~~_12.jpg
[2010/04/03 01:34:35 | 036,249,912 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\drweb.exe
[2010/04/02 21:28:37 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\{F13E0DEA-6950-47FB-A30D-4CC10BD0D92C}.dat
[2010/04/02 21:28:37 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\{EF0457F6-4E56-46B9-8783-B49EB463CC16}.dat
[2010/04/02 21:28:18 | 000,001,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Personal Firewall.lnk
[2010/04/02 11:42:53 | 001,908,578 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\PD017.pdf
[2010/04/02 09:54:15 | 000,179,200 | ---- | C] () -- C:\WINDOWS\Dkyqya.exe
[2010/04/01 22:23:23 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/04/01 22:23:23 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/04/01 22:22:42 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/01 13:21:58 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\310310 Letter Benefits Services MF.doc
[2010/04/01 12:31:28 | 000,000,578 | ---- | C] () -- C:\WINDOWS\tasks\AiO Home Center Registration Remind Task.job
[2010/04/01 12:27:13 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Centre.lnk
[2010/04/01 12:17:02 | 000,246,660 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\installer.log
[2010/04/01 11:39:56 | 000,068,063 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\topHeader1.jpg
[2010/04/01 09:54:10 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keyring Creator 2.lnk
[2010/04/01 09:48:50 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010/04/01 09:48:38 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010/04/01 09:48:38 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010/04/01 09:48:38 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010/04/01 09:48:38 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010/04/01 09:48:38 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010/04/01 09:48:38 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010/04/01 09:48:38 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010/04/01 09:48:38 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010/04/01 09:48:38 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010/04/01 09:48:38 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010/04/01 09:48:38 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010/04/01 09:48:37 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010/04/01 09:48:37 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010/04/01 09:48:37 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010/04/01 09:48:37 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010/04/01 09:48:37 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010/04/01 09:48:37 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010/04/01 09:48:37 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010/04/01 09:48:37 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010/04/01 09:48:37 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010/04/01 09:48:37 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010/04/01 09:48:37 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010/04/01 09:48:37 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010/04/01 09:48:37 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010/04/01 09:48:37 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010/04/01 09:48:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010/04/01 09:48:35 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010/04/01 09:48:35 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010/04/01 09:48:34 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010/04/01 09:48:33 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010/04/01 09:48:33 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010/04/01 09:48:33 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010/04/01 09:48:33 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010/04/01 09:48:33 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010/04/01 09:48:33 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010/04/01 09:48:33 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010/04/01 09:48:33 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010/04/01 09:48:33 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010/04/01 09:48:31 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010/04/01 09:48:30 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010/04/01 09:48:29 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010/04/01 09:48:28 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010/04/01 09:48:27 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010/04/01 09:48:27 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010/04/01 09:48:27 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010/04/01 09:48:26 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/04/01 09:48:21 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010/04/01 09:48:21 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010/04/01 09:48:20 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010/04/01 09:48:20 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010/04/01 09:48:20 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010/04/01 09:48:17 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010/04/01 09:48:05 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010/04/01 09:48:02 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/04/01 09:47:56 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/04/01 09:47:56 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/04/01 09:47:56 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/04/01 09:47:56 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/04/01 09:47:55 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/04/01 09:47:55 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010/04/01 09:47:55 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010/04/01 09:47:55 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010/04/01 09:47:55 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010/04/01 09:47:55 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010/04/01 09:47:55 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010/04/01 09:47:55 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010/04/01 09:47:55 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010/04/01 09:47:55 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010/04/01 09:47:55 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010/04/01 09:47:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/04/01 09:47:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/04/01 09:47:52 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/04/01 09:47:52 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/04/01 09:47:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/04/01 09:47:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/04/01 09:47:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/04/01 09:47:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/04/01 09:47:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/04/01 09:47:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/04/01 09:47:40 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/04/01 09:47:28 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/04/01 09:47:28 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/04/01 09:47:28 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/04/01 09:47:28 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/04/01 09:47:28 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/04/01 09:47:28 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/04/01 09:47:28 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/04/01 09:47:28 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/04/01 09:46:44 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/01 09:46:08 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/04/01 09:45:47 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/01 09:37:16 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/04/01 09:16:43 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/01 09:16:10 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\{DE22D068-8219-41C3-AE36-5E3813B59FC9}.dat
[2010/04/01 09:16:10 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\{79CB7DF4-0E71-40E6-9FB5-CD8648B871B0}.dat
[2010/04/01 09:16:05 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SR2.dat
[2010/04/01 09:14:29 | 000,001,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus 2003 Professional Edition.lnk
[2010/04/01 09:14:27 | 000,123,619 | ---- | C] () -- C:\WINDOWS\System32\SYMEVNT.386
[2010/04/01 09:04:10 | 000,143,360 | -H-- | C] () -- C:\Documents and Settings\Michael\ntuser.dat.LOG
[2010/04/01 09:04:10 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Michael\ntuser.ini
[2010/04/01 09:04:09 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Michael\NTUSER.DAT
[2010/04/01 09:02:43 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/01 09:01:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/01 09:01:36 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/04/01 09:00:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/04/01 09:00:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/04/01 09:00:52 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/04/01 09:00:27 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/04/01 09:00:27 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/04/01 09:00:17 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/04/01 09:00:16 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/04/01 09:00:13 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/04/01 09:00:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/04/01 08:59:59 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/04/01 08:59:39 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/04/01 08:59:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/04/01 08:59:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/04/01 08:59:33 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/04/01 08:59:33 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/04/01 08:59:33 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/04/01 08:59:30 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/04/01 08:59:30 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/04/01 08:59:30 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/04/01 08:59:30 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/04/01 08:59:29 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/04/01 08:59:29 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/04/01 08:59:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/04/01 08:59:27 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/04/01 08:59:27 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/04/01 08:59:27 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/04/01 08:59:26 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/04/01 08:59:26 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/04/01 08:59:26 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/04/01 08:58:49 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/01 08:58:49 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/01 08:58:49 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/04/01 08:58:41 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/01 08:58:41 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/01 08:58:39 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/01 08:57:28 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/01 08:57:28 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/01 08:57:02 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/04/01 08:56:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/04/01 08:56:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/04/01 08:56:33 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/04/01 08:55:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/01 08:54:41 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/04/01 08:54:41 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/04/01 08:54:41 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/04/01 08:54:41 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/04/01 08:54:41 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/04/01 08:54:41 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/04/01 08:54:41 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/04/01 08:54:41 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/04/01 08:54:41 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/04/01 08:54:41 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/04/01 08:54:41 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/04/01 08:54:40 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/04/01 08:54:40 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/04/01 08:54:40 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/04/01 08:54:40 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/04/01 08:54:40 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/04/01 08:54:40 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/04/01 08:54:40 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/04/01 08:54:40 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/04/01 08:54:39 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/04/01 08:54:38 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/04/01 08:54:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/04/01 08:54:33 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2003/02/18 18:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll

========== LOP Check ==========

[2010/04/08 01:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2010/04/01 09:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/04/06 19:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/01 12:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael\Application Data\Temp
[2010/04/01 12:31:28 | 000,000,578 | ---- | M] () -- C:\WINDOWS\Tasks\AiO Home Center Registration Remind Task.job
[2010/04/10 10:13:26 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (MICROSOFT CORPORATION) >
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AGP440.SYS >
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/04/01 16:24:14 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/04/01 16:24:14 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2010/04/01 16:24:14 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/04/01 16:24:14 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/04/01 16:24:14 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2010/04/01 16:24:14 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\sp2qfe\netlogon.dll
[2009/02/06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\sp2qfe\netlogon.dll
[2004/08/04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >




#4 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 07:25 AM

OTL Extras logfile created on: 10/04/2010 10:34:53 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Michael\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 140.00 Mb Available Physical Memory | 27.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 27.74 Gb Free Space | 74.44% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURS
Current User Name: Michael
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company)
"C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe" = C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (KODAK)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:mbam -- (Malwarebytes Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{1526D87C-A955-4FAB-BF18-697BA457E352}" = Norton WMI Update
"{15BFECE8-A100-4861-B92B-1EFF76683C23}" = Norton Personal Firewall
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 19
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{6882B3A9-AB98-4ABA-A623-2979FBEA5F9F}_is1" = Moyea FLV Player version 1.5.2.7
"{74B1CEB6-B4BF-46FD-8080-CE3C1809B010}" = O2InstV3Win7UpdateV2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Home Centre
"{F4C9398F-B6C6-4A4B-8B6D-795CD86F915D}" = Norton AntiVirus 2003 Professional Edition
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Advanced Tools" = Advanced Tools
"Arles Image Web Page Creator_is1" = Arles Image Web Page Creator 5.8.6
"C-Media Audio Driver" = C-Media WDM Audio Driver
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Key Ring Creator designs_is1" = Key Ring Creator V2.0.0
"Key Ring Creator templates_is1" = Key Ring Creator V2.0.0
"Keyring Creator 2_is1" = Keyring Creator Version 2.0.0 Build 130
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Standard)
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/04/2010 07:05:26 | Computer Name = SPURS | Source = MsiInstaller | ID = 11327
Description = Product: Adobe Reader 8.2.0 -- Error 1327.Invalid Drive: E:\

Error - 02/04/2010 14:03:57 | Computer Name = SPURS | Source = MsiInstaller | ID = 11704
Description = Product: RGB9RAST -- Error 1704. An installation for Adobe Reader
8.2.0 is currently suspended. You must undo the changes made by that installation
to continue. Do you want to undo those changes?

Error - 02/04/2010 14:32:47 | Computer Name = SPURS | Source = MsiInstaller | ID = 1008
Description = The installation of D:\Norton Personal Firewall\NPF\NPF.MSI is not
permitted due to an error in software restriction policy processing. The object
cannot be trusted.

Error - 02/04/2010 15:46:25 | Computer Name = SPURS | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.3053 - Fatal Execution Engine Error
(7A097706) (80131506)

Error - 02/04/2010 15:46:29 | Computer Name = SPURS | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application mscorsvw.exe, version 2.0.50727.3053, stamp 4889dc4b,
faulting module mscorwks.dll, version 2.0.50727.3053, stamp 4889dc18, debug? 0,
fault address 0x00017d6c.

Error - 02/04/2010 15:46:44 | Computer Name = SPURS | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
. Error code = 0x800706be

Error - 05/04/2010 10:50:01 | Computer Name = SPURS | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00037c79.

Error - 06/04/2010 19:54:10 | Computer Name = SPURS | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.1.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 08/04/2010 06:27:22 | Computer Name = SPURS | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/04/2010 04:56:52 | Computer Name = SPURS | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 9.0.0.4503, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 06/04/2010 09:10:50 | Computer Name = SPURS | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the SymWSC service.

Error - 06/04/2010 13:34:56 | Computer Name = SPURS | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.

Error - 06/04/2010 19:35:58 | Computer Name = SPURS | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 bf83ae92, parameter3
f4fab834, parameter4 00000000.

Error - 07/04/2010 05:58:33 | Computer Name = SPURS | Source = DCOM | ID = 10010
Description = The server {DBA28A20-5CE1-4E8D-AD35-418B62269E54} did not register
with DCOM within the required timeout.

Error - 07/04/2010 10:34:16 | Computer Name = SPURS | Source = DCOM | ID = 10010
Description = The server {DBA28A20-5CE1-4E8D-AD35-418B62269E54} did not register
with DCOM within the required timeout.

Error - 08/04/2010 09:50:36 | Computer Name = SPURS | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 08/04/2010 09:50:36 | Computer Name = SPURS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 08/04/2010 09:50:38 | Computer Name = SPURS | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 08/04/2010 09:50:38 | Computer Name = SPURS | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 10/04/2010 04:56:32 | Computer Name = SPURS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.


< End of report >


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-10 13:15:19
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Michael\LOCALS~1\Temp\kxtdypob.sys


---- Kernel code sections - GMER 1.0.15 ----

.rsrc C:\WINDOWS\system32\drivers\atapi.sys entry point in ".rsrc" section [0xF84D0780]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Norton Internet Security Filter/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Norton Internet Security Filter/Symantec Corporation)

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F84C3B3A] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort0 [F84C3B3A] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort1 [F84C3B3A] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F84C3B3A] atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}

AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Norton Internet Security Filter/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Norton Internet Security Filter/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)

---- Files - GMER 1.0.15 ----

File C:\RECYCLER\NPROTECT 0 bytes
File C:\RECYCLER\NPROTECT\00031263.SOL 217 bytes
File C:\RECYCLER\NPROTECT\00031264.SOL 889 bytes
File C:\RECYCLER\NPROTECT\00031267.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031277.DAT 10752 bytes
File C:\RECYCLER\NPROTECT\00031290.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031291.DAT 17408 bytes
File C:\RECYCLER\NPROTECT\00031350.DAT 9216 bytes
File C:\RECYCLER\NPROTECT\00031464.DAT 5632 bytes
File C:\RECYCLER\NPROTECT\00031525.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031529.DAT 44032 bytes
File C:\RECYCLER\NPROTECT\00031531.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031548.DAT 21504 bytes
File C:\RECYCLER\NPROTECT\00031549.DAT 326656 bytes
File C:\RECYCLER\NPROTECT\00031550.DAT 25088 bytes
File C:\RECYCLER\NPROTECT\00031551.DAT 136192 bytes
File C:\RECYCLER\NPROTECT\00031552.DAT 26624 bytes
File C:\RECYCLER\NPROTECT\00031553.DAT 328192 bytes
File C:\RECYCLER\NPROTECT\00031590.DAT 134144 bytes
File C:\RECYCLER\NPROTECT\00031594.DAT 51712 bytes
File C:\RECYCLER\NPROTECT\00031595.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031619.CAB 20742 bytes
File C:\RECYCLER\NPROTECT\00031628.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00031632.DAT 14848 bytes
File C:\RECYCLER\NPROTECT\00031633.DAT 18944 bytes
File C:\RECYCLER\NPROTECT\00031635.DAT 7168 bytes
File C:\RECYCLER\NPROTECT\00031649.DAT 22528 bytes
File C:\RECYCLER\NPROTECT\00031655.DAT 25600 bytes
File C:\RECYCLER\NPROTECT\00031665.DAT 17408 bytes
File C:\RECYCLER\NPROTECT\00031666.DAT 6656 bytes
File C:\RECYCLER\NPROTECT\00031695.DAT 5632 bytes
File C:\RECYCLER\NPROTECT\00031696.DAT 1069056 bytes
File C:\RECYCLER\NPROTECT\00031697.DAT 124416 bytes
File C:\RECYCLER\NPROTECT\00031698.DAT 32768 bytes
File C:\RECYCLER\NPROTECT\00031699.DAT 128000 bytes
File C:\RECYCLER\NPROTECT\00031737.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031738.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00031739.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031740.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031741.DAT 5632 bytes
File C:\RECYCLER\NPROTECT\00031742.DAT 7680 bytes
File C:\RECYCLER\NPROTECT\00031743.DAT 58880 bytes
File C:\RECYCLER\NPROTECT\00031744.DAT 18432 bytes
File C:\RECYCLER\NPROTECT\00031745.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00031746.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00031747.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00031752.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031754.DAT 31232 bytes
File C:\RECYCLER\NPROTECT\00031757.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00031760.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00031761.DAT 41472 bytes
File C:\RECYCLER\NPROTECT\00031768.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00031772.DAT 77312 bytes
File C:\RECYCLER\NPROTECT\00031774.DAT 12800 bytes
File C:\RECYCLER\NPROTECT\00031776.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031777.DAT 20992 bytes
File C:\RECYCLER\NPROTECT\00031882.DAT 5632 bytes
File C:\RECYCLER\NPROTECT\00031883.sol 904 bytes
File C:\RECYCLER\NPROTECT\00031898.DAT 12288 bytes
File C:\RECYCLER\NPROTECT\00031904.DAT 6144 bytes
File C:\RECYCLER\NPROTECT\00031932.DAT 93696 bytes
File C:\RECYCLER\NPROTECT\00031935.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00031937.DAT 45568 bytes
File C:\RECYCLER\NPROTECT\00031939.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00031941.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032001.DAT 29184 bytes
File C:\RECYCLER\NPROTECT\00032006.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032007.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00032011.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032020.DAT 7168 bytes
File C:\RECYCLER\NPROTECT\00032033.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032037.DAT 36352 bytes
File C:\RECYCLER\NPROTECT\00032038.DAT 77824 bytes
File C:\RECYCLER\NPROTECT\00032052.DAT 936448 bytes
File C:\RECYCLER\NPROTECT\00032125.DAT 11776 bytes
File C:\RECYCLER\NPROTECT\00032127.DAT 24576 bytes
File C:\RECYCLER\NPROTECT\00032128.DAT 1074688 bytes
File C:\RECYCLER\NPROTECT\00032129.DAT 28672 bytes
File C:\RECYCLER\NPROTECT\00032130.DAT 12288 bytes
File C:\RECYCLER\NPROTECT\00032131.DAT 965632 bytes
File C:\RECYCLER\NPROTECT\00032132.DAT 90112 bytes
File C:\RECYCLER\NPROTECT\00032133.DAT 80896 bytes
File C:\RECYCLER\NPROTECT\00032134.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032135.DAT 37888 bytes
File C:\RECYCLER\NPROTECT\00032136.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032137.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032139.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032140.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032141.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032142.DAT 24576 bytes
File C:\RECYCLER\NPROTECT\00032143.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00032144.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032145.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032146.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032147.DAT 8192 bytes
File C:\RECYCLER\NPROTECT\00032148.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032149.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032150.DAT 18432 bytes
File C:\RECYCLER\NPROTECT\00032151.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00032152.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032153.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032154.DAT 24576 bytes
File C:\RECYCLER\NPROTECT\00032155.DAT 17920 bytes
File C:\RECYCLER\NPROTECT\00032157.DAT 4096 bytes
File C:\RECYCLER\NPROTECT\00032158.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032159.DAT 4096 bytes
File C:\RECYCLER\NPROTECT\00032160.DAT 24576 bytes
File C:\RECYCLER\NPROTECT\00032161.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00032162.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032163.DAT 15872 bytes
File C:\RECYCLER\NPROTECT\00032164.DAT 35840 bytes
File C:\RECYCLER\NPROTECT\00032165.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032166.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032168.DAT 46592 bytes
File C:\RECYCLER\NPROTECT\00032169.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032170.DAT 102400 bytes
File C:\RECYCLER\NPROTECT\00032171.DAT 6144 bytes
File C:\RECYCLER\NPROTECT\00032172.DAT 12800 bytes
File C:\RECYCLER\NPROTECT\00032173.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00032174.DAT 22016 bytes
File C:\RECYCLER\NPROTECT\00032176.DAT 83456 bytes
File C:\RECYCLER\NPROTECT\00032177.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00032178.DAT 45056 bytes
File C:\RECYCLER\NPROTECT\00032179.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032180.DAT 23040 bytes
File C:\RECYCLER\NPROTECT\00032181.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00032182.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00032183.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00032186.CAB 20742 bytes
File C:\RECYCLER\NPROTECT\00032204.sol 37 bytes
File C:\RECYCLER\NPROTECT\00032205.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00032206.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00032207.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00032208.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00032213 512 bytes
File C:\RECYCLER\NPROTECT\00032214 512 bytes
File C:\RECYCLER\NPROTECT\00032216.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00032218.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00032221.DAT 15872 bytes
File C:\RECYCLER\NPROTECT\00032222.edb 1056768 bytes
File C:\RECYCLER\NPROTECT\00032226.sol 37 bytes
File C:\RECYCLER\NPROTECT\00032227.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00032228.wpl 353 bytes
File C:\RECYCLER\NPROTECT\00032230.DAT 1069056 bytes
File C:\RECYCLER\NPROTECT\00032231.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00032232.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00032233.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00032234.DAT 40448 bytes
File C:\RECYCLER\NPROTECT\00032235.DAT 26624 bytes
File C:\RECYCLER\NPROTECT\00032236.DAT 38400 bytes
File C:\RECYCLER\NPROTECT\00032237.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032238.DAT 6144 bytes
File C:\RECYCLER\NPROTECT\00032239.sol 37 bytes
File C:\RECYCLER\NPROTECT\00032240.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00030931.PF 81128 bytes
File C:\RECYCLER\NPROTECT\00030951.PF 17462 bytes
File C:\RECYCLER\NPROTECT\00030997.DAT 380928 bytes
File C:\RECYCLER\NPROTECT\00031043.DAT 13312 bytes
File C:\RECYCLER\NPROTECT\00031061.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031262.SOL 217 bytes
File C:\RECYCLER\NPROTECT\00031554.DAT 24064 bytes
File C:\RECYCLER\NPROTECT\00031579.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031700.DAT 1121792 bytes
File C:\RECYCLER\NPROTECT\00031718.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031736.DAT 27648 bytes
File C:\RECYCLER\NPROTECT\00031771.DAT 11776 bytes
File C:\RECYCLER\NPROTECT\00032015.DAT 17408 bytes
File C:\RECYCLER\NPROTECT\00032138.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032156.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00032175.DAT 13312 bytes
File C:\RECYCLER\NPROTECT\00032217.DAT 10240 bytes
File C:\RECYCLER\NPROTECT\00032241.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032280.edb 1056768 bytes
File C:\RECYCLER\NPROTECT\00032245.DAT 33280 bytes
File C:\RECYCLER\NPROTECT\00032248.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00032254.DAT 6144 bytes
File C:\RECYCLER\NPROTECT\00032255.DAT 27648 bytes
File C:\RECYCLER\NPROTECT\00032256.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00032257.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00032258.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00032261.DAT 6144 bytes
File C:\RECYCLER\NPROTECT\00032262.DAT 27136 bytes
File C:\RECYCLER\NPROTECT\00032263.DAT 9728 bytes
File C:\RECYCLER\NPROTECT\00032264.DAT 37888 bytes
File C:\RECYCLER\NPROTECT\00032265.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00032266.DAT 11776 bytes
File C:\RECYCLER\NPROTECT\00032267.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032268.DAT 6656 bytes
File C:\RECYCLER\NPROTECT\00032271.sol 37 bytes
File C:\RECYCLER\NPROTECT\00032275.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00028645.PHP 5456 bytes
File C:\RECYCLER\NPROTECT\00028647.PHP 2574 bytes
File C:\RECYCLER\NPROTECT\00028649.PHP 22335 bytes
File C:\RECYCLER\NPROTECT\00028651.PHP 2448 bytes
File C:\RECYCLER\NPROTECT\00028653.PHP 537 bytes
File C:\RECYCLER\NPROTECT\00028655.PHP 14186 bytes
File C:\RECYCLER\NPROTECT\00028657.PHP 4120 bytes
File C:\RECYCLER\NPROTECT\00028659.PHP 1922 bytes
File C:\RECYCLER\NPROTECT\00028661.PHP 3224 bytes
File C:\RECYCLER\NPROTECT\00028663.PHP 9084 bytes
File C:\RECYCLER\NPROTECT\00028665.PHP 6405 bytes
File C:\RECYCLER\NPROTECT\00028667.PHP 2657 bytes
File C:\RECYCLER\NPROTECT\00028669.php 126 bytes
File C:\RECYCLER\NPROTECT\00028671.PHP 1280 bytes
File C:\RECYCLER\NPROTECT\00028673.gif 376 bytes
File C:\RECYCLER\NPROTECT\00028677.PHP 13402 bytes
File C:\RECYCLER\NPROTECT\00028679.PHP 287 bytes
File C:\RECYCLER\NPROTECT\00028681.PHP 103 bytes
File C:\RECYCLER\NPROTECT\00028683.PHP 249 bytes
File C:\RECYCLER\NPROTECT\00028685.PHP 103 bytes
File C:\RECYCLER\NPROTECT\00028687.PHP 216 bytes
File C:\RECYCLER\NPROTECT\00028689.PHP 117 bytes
File C:\RECYCLER\NPROTECT\00028691.PHP 126 bytes
File C:\RECYCLER\NPROTECT\00028693.PHP 127 bytes
File C:\RECYCLER\NPROTECT\00028695.PHP 416 bytes
File C:\RECYCLER\NPROTECT\00028697.PHP 165 bytes
File C:\RECYCLER\NPROTECT\00028699.PHP 103 bytes
File C:\RECYCLER\NPROTECT\00028701.PHP 187 bytes
File C:\RECYCLER\NPROTECT\00028703.PHP 580 bytes
File C:\RECYCLER\NPROTECT\00028705.PHP 529 bytes
File C:\RECYCLER\NPROTECT\00028707.PHP 541 bytes
File C:\RECYCLER\NPROTECT\00028709.PHP 619 bytes
File C:\RECYCLER\NPROTECT\00028713.PHP 2548 bytes
File C:\RECYCLER\NPROTECT\00028715.PHP 966 bytes
File C:\RECYCLER\NPROTECT\00028717.PHP 308 bytes
File C:\RECYCLER\NPROTECT\00028719.PHP 519 bytes
File C:\RECYCLER\NPROTECT\00028721.PHP 1008 bytes
File C:\RECYCLER\NPROTECT\00028723.PHP 2137 bytes
File C:\RECYCLER\NPROTECT\00028725.PHP 148 bytes
File C:\RECYCLER\NPROTECT\00028727.PHP 1051 bytes
File C:\RECYCLER\NPROTECT\00028729.PHP 3456 bytes
File C:\RECYCLER\NPROTECT\00028731.PHP 518 bytes
File C:\RECYCLER\NPROTECT\00028733.PHP 391 bytes
File C:\RECYCLER\NPROTECT\00028735.PHP 809 bytes
File C:\RECYCLER\NPROTECT\00028737.PHP 1217 bytes
File C:\RECYCLER\NPROTECT\00028739.PHP 114 bytes
File C:\RECYCLER\NPROTECT\00028741.PHP 719 bytes
File C:\RECYCLER\NPROTECT\00028743.PHP 518 bytes
File C:\RECYCLER\NPROTECT\00028745.PHP 244 bytes
File C:\RECYCLER\NPROTECT\00028749.PHP 2030 bytes
File C:\RECYCLER\NPROTECT\00028751.PHP 7072 bytes
File C:\RECYCLER\NPROTECT\00028753.PHP 1427 bytes
File C:\RECYCLER\NPROTECT\00028755.PHP 533 bytes
File C:\RECYCLER\NPROTECT\00028757.PHP 2594 bytes
File C:\RECYCLER\NPROTECT\00028759.PHP 3168 bytes
File C:\RECYCLER\NPROTECT\00028761.PHP 4947 bytes
File C:\RECYCLER\NPROTECT\00028763.PHP 5361 bytes
File C:\RECYCLER\NPROTECT\00028765.PHP 2431 bytes
File C:\RECYCLER\NPROTECT\00028767.PHP 21127 bytes
File C:\RECYCLER\NPROTECT\00028769.PHP 2289 bytes
File C:\RECYCLER\NPROTECT\00028771.PHP 515 bytes
File C:\RECYCLER\NPROTECT\00028773.PHP 13543 bytes
File C:\RECYCLER\NPROTECT\00028775.PHP 3931 bytes
File C:\RECYCLER\NPROTECT\00028777.PHP 1805 bytes
File C:\RECYCLER\NPROTECT\00028779.PHP 3068 bytes
File C:\RECYCLER\NPROTECT\00028781.PHP 8259 bytes
File C:\RECYCLER\NPROTECT\00028785.PHP 2427 bytes
File C:\RECYCLER\NPROTECT\00028787.php 117 bytes
File C:\RECYCLER\NPROTECT\00028789.PHP 1229 bytes
File C:\RECYCLER\NPROTECT\00028791.gif 370 bytes
File C:\RECYCLER\NPROTECT\00028793.php 30 bytes
File C:\RECYCLER\NPROTECT\00028795.PHP 12498 bytes
File C:\RECYCLER\NPROTECT\00028797.PHP 299 bytes
File C:\RECYCLER\NPROTECT\00028799.PHP 102 bytes
File C:\RECYCLER\NPROTECT\00028801.PHP 262 bytes
File C:\RECYCLER\NPROTECT\00028803.PHP 115 bytes
File C:\RECYCLER\NPROTECT\00028805.PHP 238 bytes
File C:\RECYCLER\NPROTECT\00028807.PHP 121 bytes
File C:\RECYCLER\NPROTECT\00028809.PHP 129 bytes
File C:\RECYCLER\NPROTECT\00028811.PHP 136 bytes
File C:\RECYCLER\NPROTECT\00028813.PHP 482 bytes
File C:\RECYCLER\NPROTECT\00028815.PHP 176 bytes
File C:\RECYCLER\NPROTECT\00028817.PHP 101 bytes
File C:\RECYCLER\NPROTECT\00030952.PF 16424 bytes
File C:\RECYCLER\NPROTECT\00030953.PF 7922 bytes
File C:\RECYCLER\NPROTECT\00030954.PF 57080 bytes
File C:\RECYCLER\NPROTECT\00030955.PF 30314 bytes
File C:\RECYCLER\NPROTECT\00030956.PF 15668 bytes
File C:\RECYCLER\NPROTECT\00030957.PF 75336 bytes
File C:\RECYCLER\NPROTECT\00030958.PF 13120 bytes
File C:\RECYCLER\NPROTECT\00030959.PF 18426 bytes
File C:\RECYCLER\NPROTECT\00030960.PF 35528 bytes
File C:\RECYCLER\NPROTECT\00030961.PF 85098 bytes
File C:\RECYCLER\NPROTECT\00030962.PF 13564 bytes
File C:\RECYCLER\NPROTECT\00030963.PF 9182 bytes
File C:\RECYCLER\NPROTECT\00030964.PF 114400 bytes
File C:\RECYCLER\NPROTECT\00030965.PF 58228 bytes
File C:\RECYCLER\NPROTECT\00030983.DAT 9728 bytes
File C:\RECYCLER\NPROTECT\00030988.sol 37 bytes
File C:\RECYCLER\NPROTECT\00030991.sol 37 bytes
File C:\RECYCLER\NPROTECT\00030995.DAT 9216 bytes
File C:\RECYCLER\NPROTECT\00031026.DAT 210432 bytes
File C:\RECYCLER\NPROTECT\00031027.DAT 229376 bytes
File C:\RECYCLER\NPROTECT\00031028.DAT 3584 bytes
File C:\RECYCLER\NPROTECT\00031029.DAT 86528 bytes
File C:\RECYCLER\NPROTECT\00031030.DAT 90624 bytes
File C:\RECYCLER\NPROTECT\00031031.DAT 34816 bytes
File C:\RECYCLER\NPROTECT\00031032.DAT 233984 bytes
File C:\RECYCLER\NPROTECT\00031033.DAT 225280 bytes
File C:\RECYCLER\NPROTECT\00031034.DAT 392704 bytes
File C:\RECYCLER\NPROTECT\00031035.DAT 6656 bytes
File C:\RECYCLER\NPROTECT\00031036.DAT 10240 bytes
File C:\RECYCLER\NPROTECT\00031037.DAT 9728 bytes
File C:\RECYCLER\NPROTECT\00031038.DAT 412160 bytes
File C:\RECYCLER\NPROTECT\00031039.DAT 4096 bytes
File C:\RECYCLER\NPROTECT\00031040.DAT 19456 bytes
File C:\RECYCLER\NPROTECT\00031041.DAT 7168 bytes
File C:\RECYCLER\NPROTECT\00031042.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031044.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031045.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031046.DAT 15872 bytes
File C:\RECYCLER\NPROTECT\00031047.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031048.DAT 27136 bytes
File C:\RECYCLER\NPROTECT\00031049.DAT 13312 bytes
File C:\RECYCLER\NPROTECT\00031050.DAT 20480 bytes
File C:\RECYCLER\NPROTECT\00031051.DAT 7680 bytes
File C:\RECYCLER\NPROTECT\00031052.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031053.DAT 24576 bytes
File C:\RECYCLER\NPROTECT\00031054.DAT 47104 bytes
File C:\RECYCLER\NPROTECT\00031055.DAT 149504 bytes
File C:\RECYCLER\NPROTECT\00031056.DAT 12800 bytes
File C:\RECYCLER\NPROTECT\00031057.DAT 11776 bytes
File C:\RECYCLER\NPROTECT\00031058.DAT 9728 bytes
File C:\RECYCLER\NPROTECT\00031059.DAT 36352 bytes
File C:\RECYCLER\NPROTECT\00031060.DAT 6656 bytes
File C:\RECYCLER\NPROTECT\00031062.DAT 9728 bytes
File C:\RECYCLER\NPROTECT\00031063.DAT 14848 bytes
File C:\RECYCLER\NPROTECT\00031064.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00031065.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00031066.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00031236.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00031249.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031250.sol 37 bytes
File C:\RECYCLER\NPROTECT\00031253.sol 891 bytes
File C:\RECYCLER\NPROTECT\00031254.sol 50 bytes
File C:\RECYCLER\NPROTECT\00031255.sol 61 bytes
File C:\RECYCLER\NPROTECT\00031256.SOL 86 bytes
File C:\RECYCLER\NPROTECT\00031257.SOL 84 bytes
File C:\RECYCLER\NPROTECT\00031258.SOL 108 bytes
File C:\RECYCLER\NPROTECT\00031259.SOL 135 bytes
File C:\RECYCLER\NPROTECT\00031260.SOL 118 bytes
File C:\RECYCLER\NPROTECT\00031261.DAT 85504 bytes
File C:\RECYCLER\NPROTECT\00031555.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031556.DAT 24576 bytes
File C:\RECYCLER\NPROTECT\00031557.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031558.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031559.DAT 47616 bytes
File C:\RECYCLER\NPROTECT\00031560.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031561.DAT 9728 bytes
File C:\RECYCLER\NPROTECT\00031562.DAT 17920 bytes
File C:\RECYCLER\NPROTECT\00031563.DAT 24576 bytes
File C:\RECYCLER\NPROTECT\00031564.DAT 5632 bytes
File C:\RECYCLER\NPROTECT\00031565.DAT 46592 bytes
File C:\RECYCLER\NPROTECT\00031566.DAT 15872 bytes
File C:\RECYCLER\NPROTECT\00031567.DAT 8704 bytes
File C:\RECYCLER\NPROTECT\00031568.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00031569.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00031570.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00031576.edb 65536 bytes
File C:\RECYCLER\NPROTECT\00031701.DAT 72192 bytes
File C:\RECYCLER\NPROTECT\00031702.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031703.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031704.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031705.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031706.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031707.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031708.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00031709.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031710.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031711.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031712.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031713.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00031714.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031715.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031716.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031717.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00028821.PHP 723 bytes
File C:\RECYCLER\NPROTECT\00028823.PHP 615 bytes
File C:\RECYCLER\NPROTECT\00028825.PHP 670 bytes
File C:\RECYCLER\NPROTECT\00028827.PHP 735 bytes
File C:\RECYCLER\NPROTECT\00028829.PHP 1078 bytes
File C:\RECYCLER\NPROTECT\00028831.PHP 2986 bytes
File C:\RECYCLER\NPROTECT\00028833.PHP 977 bytes
File C:\RECYCLER\NPROTECT\00028835.PHP 358 bytes
File C:\RECYCLER\NPROTECT\00028837.PHP 664 bytes
File C:\RECYCLER\NPROTECT\00028839.PHP 1123 bytes
File C:\RECYCLER\NPROTECT\00028841.PHP 2585 bytes
File C:\RECYCLER\NPROTECT\00028843.PHP 153 bytes
File C:\RECYCLER\NPROTECT\00028845.PHP 1322 bytes
File C:\RECYCLER\NPROTECT\00028847.PHP 4356 bytes
File C:\RECYCLER\NPROTECT\00028849.PHP 649 bytes
File C:\RECYCLER\NPROTECT\00028851.PHP 446 bytes
File C:\RECYCLER\NPROTECT\00028853.PHP 966 bytes
File C:\RECYCLER\NPROTECT\00028857.PHP 123 bytes
File C:\RECYCLER\NPROTECT\00028859.PHP 865 bytes
File C:\RECYCLER\NPROTECT\00028861.PHP 567 bytes
File C:\RECYCLER\NPROTECT\00028863.PHP 277 bytes
File C:\RECYCLER\NPROTECT\00028865.PHP 547 bytes
File C:\RECYCLER\NPROTECT\00028867.PHP 2434 bytes
File C:\RECYCLER\NPROTECT\00028869.PHP 8189 bytes
File C:\RECYCLER\NPROTECT\00028871.PHP 1649 bytes
File C:\RECYCLER\NPROTECT\00028873.PHP 624 bytes
File C:\RECYCLER\NPROTECT\00028875.PHP 2928 bytes
File C:\RECYCLER\NPROTECT\00028877.PHP 3714 bytes
File C:\RECYCLER\NPROTECT\00028879.PHP 5727 bytes
File C:\RECYCLER\NPROTECT\00028881.PHP 6287 bytes
File C:\RECYCLER\NPROTECT\00028883.PHP 2696 bytes
File C:\RECYCLER\NPROTECT\00028885.PHP 25593 bytes
File C:\RECYCLER\NPROTECT\00028887.PHP 2627 bytes
File C:\RECYCLER\NPROTECT\00028889.PHP 621 bytes
File C:\RECYCLER\NPROTECT\00028893.PHP 4629 bytes
File C:\RECYCLER\NPROTECT\00028895.PHP 2178 bytes
File C:\RECYCLER\NPROTECT\00028897.PHP 3433 bytes
File C:\RECYCLER\NPROTECT\00028899.PHP 10611 bytes
File C:\RECYCLER\NPROTECT\00028901.PHP 7231 bytes
File C:\RECYCLER\NPROTECT\00028903.PHP 2924 bytes
File C:\RECYCLER\NPROTECT\00028905.php 126 bytes
File C:\RECYCLER\NPROTECT\00028907.PHP 1534 bytes
File C:\RECYCLER\NPROTECT\00028909.gif 369 bytes
File C:\RECYCLER\NPROTECT\00028911.php 30 bytes
File C:\RECYCLER\NPROTECT\00028913.PHP 15915 bytes
File C:\RECYCLER\NPROTECT\00028915.PHP 401 bytes
File C:\RECYCLER\NPROTECT\00028917.PHP 107 bytes
File C:\RECYCLER\NPROTECT\00028919.PHP 401 bytes
File C:\RECYCLER\NPROTECT\00028921.PHP 115 bytes
File C:\RECYCLER\NPROTECT\00028923.PHP 344 bytes
File C:\RECYCLER\NPROTECT\00028925.PHP 132 bytes
File C:\RECYCLER\NPROTECT\00028929.PHP 169 bytes
File C:\RECYCLER\NPROTECT\00028931.PHP 656 bytes
File C:\RECYCLER\NPROTECT\00028933.PHP 197 bytes
File C:\RECYCLER\NPROTECT\00028935.PHP 111 bytes
File C:\RECYCLER\NPROTECT\00028937.PHP 218 bytes
File C:\RECYCLER\NPROTECT\00028939.PHP 889 bytes
File C:\RECYCLER\NPROTECT\00028941.PHP 760 bytes
File C:\RECYCLER\NPROTECT\00028943.PHP 759 bytes
File C:\RECYCLER\NPROTECT\00028945.PHP 988 bytes
File C:\RECYCLER\NPROTECT\00028947.PHP 1393 bytes
File C:\RECYCLER\NPROTECT\00028949.PHP 3811 bytes
File C:\RECYCLER\NPROTECT\00028951.PHP 1256 bytes
File C:\RECYCLER\NPROTECT\00028953.PHP 504 bytes
File C:\RECYCLER\NPROTECT\00028955.PHP 877 bytes
File C:\RECYCLER\NPROTECT\00028957.PHP 1543 bytes
File C:\RECYCLER\NPROTECT\00028959.PHP 3258 bytes
File C:\RECYCLER\NPROTECT\00028961.PHP 184 bytes
File C:\RECYCLER\NPROTECT\00028965.PHP 4803 bytes
File C:\RECYCLER\NPROTECT\00028967.PHP 777 bytes
File C:\RECYCLER\NPROTECT\00028969.PHP 571 bytes
File C:\RECYCLER\NPROTECT\00028971.PHP 1303 bytes
File C:\RECYCLER\NPROTECT\00028973.PHP 1782 bytes
File C:\RECYCLER\NPROTECT\00028975.PHP 138 bytes
File C:\RECYCLER\NPROTECT\00028977.PHP 1069 bytes
File C:\RECYCLER\NPROTECT\00028979.PHP 776 bytes
File C:\RECYCLER\NPROTECT\00028981.PHP 319 bytes
File C:\RECYCLER\NPROTECT\00028983.PHP 701 bytes
File C:\RECYCLER\NPROTECT\00028985.PHP 3068 bytes
File C:\RECYCLER\NPROTECT\00028987.PHP 10940 bytes
File C:\RECYCLER\NPROTECT\00028989.PHP 54 bytes
File C:\RECYCLER\NPROTECT\00028991.PHP 2107 bytes
File C:\RECYCLER\NPROTECT\00028993.PHP 965 bytes
File C:\RECYCLER\NPROTECT\00028995.PHP 3903 bytes
File C:\RECYCLER\NPROTECT\00028997.PHP 4669 bytes
File C:\RECYCLER\NPROTECT\00029001.PHP 7373 bytes
File C:\RECYCLER\NPROTECT\00029003.PHP 3263 bytes
File C:\RECYCLER\NPROTECT\00029005.PHP 32506 bytes
File C:\RECYCLER\NPROTECT\00029007.PHP 3137 bytes
File C:\RECYCLER\NPROTECT\00029009.PHP 593 bytes
File C:\RECYCLER\NPROTECT\00029011.PHP 20159 bytes
File C:\RECYCLER\NPROTECT\00029013.PHP 5878 bytes
File C:\RECYCLER\NPROTECT\00029015.PHP 2340 bytes
File C:\RECYCLER\NPROTECT\00029017.PHP 4569 bytes
File C:\RECYCLER\NPROTECT\00029019.PHP 14104 bytes
File C:\RECYCLER\NPROTECT\00029021.PHP 8983 bytes
File C:\RECYCLER\NPROTECT\00029023.PHP 3953 bytes
File C:\RECYCLER\NPROTECT\00029025.php 162 bytes
File C:\RECYCLER\NPROTECT\00029027.PHP 1975 bytes
File C:\RECYCLER\NPROTECT\00029029.gif 361 bytes
File C:\RECYCLER\NPROTECT\00029031.PHP 20471 bytes
File C:\RECYCLER\NPROTECT\00029033.PHP 335 bytes
File C:\RECYCLER\NPROTECT\00029037.PHP 287 bytes
File C:\RECYCLER\NPROTECT\00029039.PHP 116 bytes
File C:\RECYCLER\NPROTECT\00029041.PHP 261 bytes
File C:\RECYCLER\NPROTECT\00029043.PHP 121 bytes
File C:\RECYCLER\NPROTECT\00029045.PHP 130 bytes
File C:\RECYCLER\NPROTECT\00029047.PHP 142 bytes
File C:\RECYCLER\NPROTECT\00029049.PHP 513 bytes
File C:\RECYCLER\NPROTECT\00029051.PHP 171 bytes
File C:\RECYCLER\NPROTECT\00029053.PHP 102 bytes
File C:\RECYCLER\NPROTECT\00029055.PHP 204 bytes
File C:\RECYCLER\NPROTECT\00029057.PHP 800 bytes
File C:\RECYCLER\NPROTECT\00029059.PHP 690 bytes
File C:\RECYCLER\NPROTECT\00029061.PHP 669 bytes
File C:\RECYCLER\NPROTECT\00029063.PHP 681 bytes
File C:\RECYCLER\NPROTECT\00029065.PHP 1072 bytes
File C:\RECYCLER\NPROTECT\00029067.PHP 3037 bytes
File C:\RECYCLER\NPROTECT\00029069.PHP 931 bytes
File C:\RECYCLER\NPROTECT\00029073.PHP 634 bytes
File C:\RECYCLER\NPROTECT\00029075.PHP 1106 bytes
File C:\RECYCLER\NPROTECT\00029077.PHP 2545 bytes
File C:\RECYCLER\NPROTECT\00029079.PHP 145 bytes
File C:\RECYCLER\NPROTECT\00029081.PHP 1291 bytes
File C:\RECYCLER\NPROTECT\00029083.PHP 4117 bytes
File C:\RECYCLER\NPROTECT\00029085.PHP 597 bytes
File C:\RECYCLER\NPROTECT\00029087.PHP 450 bytes
File C:\RECYCLER\NPROTECT\00029089.PHP 934 bytes
File C:\RECYCLER\NPROTECT\00029091.PHP 1370 bytes
File C:\RECYCLER\NPROTECT\00029093.PHP 124 bytes
File C:\RECYCLER\NPROTECT\00029095.PHP 859 bytes
File C:\RECYCLER\NPROTECT\00029097.PHP 614 bytes
File C:\RECYCLER\NPROTECT\00029099.PHP 293 bytes
File C:\RECYCLER\NPROTECT\00029101.PHP 632 bytes
File C:\RECYCLER\NPROTECT\00029103.PHP 2421 bytes
File C:\RECYCLER\NPROTECT\00029105.PHP 7633 bytes
File C:\RECYCLER\NPROTECT\00028675.php 32 bytes
File C:\RECYCLER\NPROTECT\00028711.PHP 924 bytes
File C:\RECYCLER\NPROTECT\00028747.PHP 517 bytes
File C:\RECYCLER\NPROTECT\00028783.PHP 5896 bytes
File C:\RECYCLER\NPROTECT\00028819.PHP 208 bytes
File C:\RECYCLER\NPROTECT\00028855.PHP 1438 bytes
File C:\RECYCLER\NPROTECT\00028891.PHP 16221 bytes
File C:\RECYCLER\NPROTECT\00028927.PHP 151 bytes
File C:\RECYCLER\NPROTECT\00028963.PHP 1710 bytes
File C:\RECYCLER\NPROTECT\00028999.PHP 6893 bytes
File C:\RECYCLER\NPROTECT\00029035.PHP 102 bytes
File C:\RECYCLER\NPROTECT\00029109.PHP 593 bytes
File C:\RECYCLER\NPROTECT\00029111.PHP 2994 bytes
File C:\RECYCLER\NPROTECT\00029113.PHP 3696 bytes
File C:\RECYCLER\NPROTECT\00029115.PHP 5506 bytes
File C:\RECYCLER\NPROTECT\00029117.PHP 6193 bytes
File C:\RECYCLER\NPROTECT\00029119.PHP 2715 bytes
File C:\RECYCLER\NPROTECT\00029121.PHP 25258 bytes
File C:\RECYCLER\NPROTECT\00029123.PHP 2712 bytes
File C:\RECYCLER\NPROTECT\00029125.PHP 546 bytes
File C:\RECYCLER\NPROTECT\00029127.PHP 16058 bytes
File C:\RECYCLER\NPROTECT\00029129.PHP 4830 bytes
File C:\RECYCLER\NPROTECT\00029131.PHP 2080 bytes
File C:\RECYCLER\NPROTECT\00029133.PHP 3707 bytes
File C:\RECYCLER\NPROTECT\00029135.PHP 10658 bytes
File C:\RECYCLER\NPROTECT\00029137.PHP 7058 bytes
File C:\RECYCLER\NPROTECT\00029139.PHP 2964 bytes
File C:\RECYCLER\NPROTECT\00029141.php 125 bytes
File C:\RECYCLER\NPROTECT\00029145.gif 360 bytes
File C:\RECYCLER\NPROTECT\00029147.php 36 bytes
File C:\RECYCLER\NPROTECT\00029149.PHP 15051 bytes
File C:\RECYCLER\NPROTECT\00029151.PHP 306 bytes
File C:\RECYCLER\NPROTECT\00029153.PHP 101 bytes
File C:\RECYCLER\NPROTECT\00029155.PHP 284 bytes
File C:\RECYCLER\NPROTECT\00029157.PHP 118 bytes
File C:\RECYCLER\NPROTECT\00029159.PHP 235 bytes
File C:\RECYCLER\NPROTECT\00029161.PHP 119 bytes
File C:\RECYCLER\NPROTECT\00029163.PHP 146 bytes
File C:\RECYCLER\NPROTECT\00029165.PHP 132 bytes
File C:\RECYCLER\NPROTECT\00029167.PHP 483 bytes
File C:\RECYCLER\NPROTECT\00029169.PHP 176 bytes
File C:\RECYCLER\NPROTECT\00029171.PHP 101 bytes
File C:\RECYCLER\NPROTECT\00029173.PHP 192 bytes
File C:\RECYCLER\NPROTECT\00029175.PHP 721 bytes
File C:\RECYCLER\NPROTECT\00029177.PHP 640 bytes
File C:\RECYCLER\NPROTECT\00029181.PHP 754 bytes
File C:\RECYCLER\NPROTECT\00029183.PHP 1160 bytes
File C:\RECYCLER\NPROTECT\00029185.PHP 3157 bytes
File C:\RECYCLER\NPROTECT\00029187.PHP 1024 bytes
File C:\RECYCLER\NPROTECT\00029189.PHP 357 bytes
File C:\RECYCLER\NPROTECT\00029191.PHP 660 bytes
File C:\RECYCLER\NPROTECT\00029193.PHP 1212 bytes
File C:\RECYCLER\NPROTECT\00029195.PHP 2582 bytes
File C:\RECYCLER\NPROTECT\00029197.PHP 146 bytes
File C:\RECYCLER\NPROTECT\00029199.PHP 1353 bytes
File C:\RECYCLER\NPROTECT\00029201.PHP 4243 bytes
File C:\RECYCLER\NPROTECT\00029203.PHP 636 bytes
File C:\RECYCLER\NPROTECT\00029205.PHP 493 bytes
File C:\RECYCLER\NPROTECT\00029207.PHP 1113 bytes
File C:\RECYCLER\NPROTECT\00029209.PHP 1511 bytes
File C:\RECYCLER\NPROTECT\00029211.PHP 122 bytes
File C:\RECYCLER\NPROTECT\00029213.PHP 871 bytes
File C:\RECYCLER\NPROTECT\00029217.PHP 325 bytes
File C:\RECYCLER\NPROTECT\00029219.PHP 630 bytes
File C:\RECYCLER\NPROTECT\00029221.PHP 2446 bytes
File C:\RECYCLER\NPROTECT\00029223.PHP 7972 bytes
File C:\RECYCLER\NPROTECT\00029225.PHP 1641 bytes
File C:\RECYCLER\NPROTECT\00029227.PHP 658 bytes
File C:\RECYCLER\NPROTECT\00029229.PHP 2816 bytes
File C:\RECYCLER\NPROTECT\00029231.PHP 3508 bytes
File C:\RECYCLER\NPROTECT\00029233.PHP 4428 bytes
File C:\RECYCLER\NPROTECT\00029235.PHP 6644 bytes
File C:\RECYCLER\NPROTECT\00029237.PHP 2782 bytes
File C:\RECYCLER\NPROTECT\00029239.PHP 26961 bytes
File C:\RECYCLER\NPROTECT\00029241.PHP 3046 bytes
File C:\RECYCLER\NPROTECT\00029243.PHP 569 bytes
File C:\RECYCLER\NPROTECT\00029245.PHP 15077 bytes
File C:\RECYCLER\NPROTECT\00029247.PHP 4917 bytes
File C:\RECYCLER\NPROTECT\00029250.PHP 2054 bytes
File C:\RECYCLER\NPROTECT\00029254.PHP 10889 bytes
File C:\RECYCLER\NPROTECT\00029256.PHP 7391 bytes
File C:\RECYCLER\NPROTECT\00029258.PHP 3025 bytes
File C:\RECYCLER\NPROTECT\00029260.php 125 bytes
File C:\RECYCLER\NPROTECT\00029262.PHP 1561 bytes
File C:\RECYCLER\NPROTECT\00029264.gif 366 bytes
File C:\RECYCLER\NPROTECT\00029266.PHP 16453 bytes
File C:\RECYCLER\NPROTECT\00029268.PHP 300 bytes
File C:\RECYCLER\NPROTECT\00029270.PHP 102 bytes
File C:\RECYCLER\NPROTECT\00029272.PHP 267 bytes
File C:\RECYCLER\NPROTECT\00029274.PHP 103 bytes
File C:\RECYCLER\NPROTECT\00029276.PHP 229 bytes
File C:\RECYCLER\NPROTECT\00029278.PHP 114 bytes
File C:\RECYCLER\NPROTECT\00029280.PHP 127 bytes
File C:\RECYCLER\NPROTECT\00029282.PHP 137 bytes
File C:\RECYCLER\NPROTECT\00029284.PHP 452 bytes
File C:\RECYCLER\NPROTECT\00029286.PHP 172 bytes
File C:\RECYCLER\NPROTECT\00029290.PHP 189 bytes
File C:\RECYCLER\NPROTECT\00029292.PHP 699 bytes
File C:\RECYCLER\NPROTECT\00029294.PHP 610 bytes
File C:\RECYCLER\NPROTECT\00029296.PHP 691 bytes
File C:\RECYCLER\NPROTECT\00029298.PHP 631 bytes
File C:\RECYCLER\NPROTECT\00029300.PHP 751 bytes
File C:\RECYCLER\NPROTECT\00029302.PHP 1071 bytes
File C:\RECYCLER\NPROTECT\00029304.PHP 2902 bytes
File C:\RECYCLER\NPROTECT\00029306.PHP 862 bytes
File C:\RECYCLER\NPROTECT\00029308.PHP 1090 bytes
File C:\RECYCLER\NPROTECT\00029310.PHP 344 bytes
File C:\RECYCLER\NPROTECT\00029312.PHP 573 bytes
File C:\RECYCLER\NPROTECT\00029314.PHP 2392 bytes
File C:\RECYCLER\NPROTECT\00029316.PHP 152 bytes
File C:\RECYCLER\NPROTECT\00029318.PHP 1182 bytes
File C:\RECYCLER\NPROTECT\00029320.PHP 3699 bytes
File C:\RECYCLER\NPROTECT\00029322.PHP 599 bytes
File C:\RECYCLER\NPROTECT\00029326.PHP 951 bytes
File C:\RECYCLER\NPROTECT\00029328.PHP 1371 bytes
File C:\RECYCLER\NPROTECT\00029330.PHP 115 bytes
File C:\RECYCLER\NPROTECT\00029332.PHP 817 bytes
File C:\RECYCLER\NPROTECT\00029334.PHP 570 bytes
File C:\RECYCLER\NPROTECT\00029336.PHP 276 bytes
File C:\RECYCLER\NPROTECT\00029338.PHP 540 bytes
File C:\RECYCLER\NPROTECT\00029340.PHP 2294 bytes
File C:\RECYCLER\NPROTECT\00029342.PHP 7877 bytes
File C:\RECYCLER\NPROTECT\00029344.PHP 1616 bytes
File C:\RECYCLER\NPROTECT\00029346.PHP 570 bytes
File C:\RECYCLER\NPROTECT\00029348.PHP 2541 bytes
File C:\RECYCLER\NPROTECT\00029350.PHP 3126 bytes
File C:\RECYCLER\NPROTECT\00029352.PHP 5556 bytes
File C:\RECYCLER\NPROTECT\00029354.PHP 5745 bytes
File C:\RECYCLER\NPROTECT\00029356.PHP 2550 bytes
File C:\RECYCLER\NPROTECT\00029358.PHP 23184 bytes
File C:\RECYCLER\NPROTECT\00029362.PHP 525 bytes
File C:\RECYCLER\NPROTECT\00029364.PHP 13925 bytes
File C:\RECYCLER\NPROTECT\00029366.PHP 4337 bytes
File C:\RECYCLER\NPROTECT\00029368.PHP 1967 bytes
File C:\RECYCLER\NPROTECT\00029370.PHP 3388 bytes
File C:\RECYCLER\NPROTECT\00029372.PHP 8677 bytes
File C:\RECYCLER\NPROTECT\00029374.PHP 6633 bytes
File C:\RECYCLER\NPROTECT\00029376.PHP 2798 bytes
File C:\RECYCLER\NPROTECT\00029378.php 117 bytes
File C:\RECYCLER\NPROTECT\00029380.PHP 1568 bytes
File C:\RECYCLER\NPROTECT\00029382.gif 362 bytes
File C:\RECYCLER\NPROTECT\00029384.php 35 bytes
File C:\RECYCLER\NPROTECT\00029386.PHP 14172 bytes
File C:\RECYCLER\NPROTECT\00029388.PHP 279 bytes
File C:\RECYCLER\NPROTECT\00029390.PHP 99 bytes
File C:\RECYCLER\NPROTECT\00029392.PHP 253 bytes
File C:\RECYCLER\NPROTECT\00029394.PHP 101 bytes
File C:\RECYCLER\NPROTECT\00029398.PHP 119 bytes
File C:\RECYCLER\NPROTECT\00029400.PHP 129 bytes
File C:\RECYCLER\NPROTECT\00029402.PHP 133 bytes
File C:\RECYCLER\NPROTECT\00029404.PHP 422 bytes
File C:\RECYCLER\NPROTECT\00029406.PHP 172 bytes
File C:\RECYCLER\NPROTECT\00029408.PHP 106 bytes
File C:\RECYCLER\NPROTECT\00029410.PHP 194 bytes
File C:\RECYCLER\NPROTECT\00029412.PHP 617 bytes
File C:\RECYCLER\NPROTECT\00029414.PHP 553 bytes
File C:\RECYCLER\NPROTECT\00029416.PHP 566 bytes
File C:\RECYCLER\NPROTECT\00029418.PHP 624 bytes
File C:\RECYCLER\NPROTECT\00029420.PHP 977 bytes
File C:\RECYCLER\NPROTECT\00029422.PHP 2639 bytes
File C:\RECYCLER\NPROTECT\00029424.PHP 832 bytes
File C:\RECYCLER\NPROTECT\00029426.PHP 339 bytes
File C:\RECYCLER\NPROTECT\00029428.PHP 563 bytes
File C:\RECYCLER\NPROTECT\00029430.PHP 975 bytes
File C:\RECYCLER\NPROTECT\00029434.PHP 152 bytes
File C:\RECYCLER\NPROTECT\00029436.PHP 1098 bytes
File C:\RECYCLER\NPROTECT\00029438.PHP 3573 bytes
File C:\RECYCLER\NPROTECT\00029440.PHP 573 bytes
File C:\RECYCLER\NPROTECT\00029442.PHP 421 bytes
File C:\RECYCLER\NPROTECT\00029444.PHP 846 bytes
File C:\RECYCLER\NPROTECT\00029446.PHP 1278 bytes
File C:\RECYCLER\NPROTECT\00029448.PHP 117 bytes
File C:\RECYCLER\NPROTECT\00029450.PHP 727 bytes
File C:\RECYCLER\NPROTECT\00029452.PHP 534 bytes
File C:\RECYCLER\NPROTECT\00029454.PHP 277 bytes
File C:\RECYCLER\NPROTECT\00029456.PHP 547 bytes
File C:\RECYCLER\NPROTECT\00029458.PHP 2061 bytes
File C:\RECYCLER\NPROTECT\00029460.PHP 7106 bytes
File C:\RECYCLER\NPROTECT\00029462.PHP 1578 bytes
File C:\RECYCLER\NPROTECT\00029464.PHP 567 bytes
File C:\RECYCLER\NPROTECT\00029466.PHP 2771 bytes
File C:\RECYCLER\NPROTECT\00029470.PHP 4708 bytes
File C:\RECYCLER\NPROTECT\00029472.PHP 5449 bytes
File C:\RECYCLER\NPROTECT\00029474.PHP 2544 bytes
File C:\RECYCLER\NPROTECT\00029476.PHP 22167 bytes
File C:\RECYCLER\NPROTECT\00029478.PHP 2263 bytes
File C:\RECYCLER\NPROTECT\00029480.PHP 520 bytes
File C:\RECYCLER\NPROTECT\00029482.PHP 14202 bytes
File C:\RECYCLER\NPROTECT\00029484.PHP 4235 bytes
File C:\RECYCLER\NPROTECT\00029486.PHP 1946 bytes
File C:\RECYCLER\NPROTECT\00029488.PHP 3194 bytes
File C:\RECYCLER\NPROTECT\00029490.PHP 8749 bytes
File C:\RECYCLER\NPROTECT\00029492.PHP 6341 bytes
File C:\RECYCLER\NPROTECT\00029494.PHP 2552 bytes
File C:\RECYCLER\NPROTECT\00029496.php 120 bytes
File C:\RECYCLER\NPROTECT\00029498.PHP 1205 bytes
File C:\RECYCLER\NPROTECT\00029500.gif 360 bytes
File C:\RECYCLER\NPROTECT\00029502.php 36 bytes
File C:\RECYCLER\NPROTECT\00029506.PHP 322 bytes
File C:\RECYCLER\NPROTECT\00029508.PHP 101 bytes
File C:\RECYCLER\NPROTECT\00029510.PHP 258 bytes
File C:\RECYCLER\NPROTECT\00029512.PHP 104 bytes
File C:\RECYCLER\NPROTECT\00029514.PHP 239 bytes
File C:\RECYCLER\NPROTECT\00029516.PHP 120 bytes
File C:\RECYCLER\NPROTECT\00029518.PHP 126 bytes
File C:\RECYCLER\NPROTECT\00029520.PHP 137 bytes
File C:\RECYCLER\NPROTECT\00029522.PHP 438 bytes
File C:\RECYCLER\NPROTECT\00029524.PHP 162 bytes
File C:\RECYCLER\NPROTECT\00029526.PHP 101 bytes
File C:\RECYCLER\NPROTECT\00029528.PHP 179 bytes
File C:\RECYCLER\NPROTECT\00029530.PHP 668 bytes
File C:\RECYCLER\NPROTECT\00029532.PHP 601 bytes
File C:\RECYCLER\NPROTECT\00029534.PHP 621 bytes
File C:\RECYCLER\NPROTECT\00029536.PHP 663 bytes
File C:\RECYCLER\NPROTECT\00029538.PHP 1009 bytes
File C:\RECYCLER\NPROTECT\00029542.PHP 908 bytes
File C:\RECYCLER\NPROTECT\00029544.PHP 326 bytes
File C:\RECYCLER\NPROTECT\00029546.PHP 540 bytes
File C:\RECYCLER\NPROTECT\00029548.PHP 1060 bytes
File C:\RECYCLER\NPROTECT\00029550.PHP 2348 bytes
File C:\RECYCLER\NPROTECT\00029552.PHP 147 bytes
File C:\RECYCLER\NPROTECT\00029554.PHP 1109 bytes
File C:\RECYCLER\NPROTECT\00029556.PHP 3779 bytes
File C:\RECYCLER\NPROTECT\00029558.PHP 584 bytes
File C:\RECYCLER\NPROTECT\00029560.PHP 419 bytes
File C:\RECYCLER\NPROTECT\00029562.PHP 953 bytes
File C:\RECYCLER\NPROTECT\00029564.PHP 1360 bytes
File C:\RECYCLER\NPROTECT\00029566.PHP 114 bytes
File C:\RECYCLER\NPROTECT\00029568.PHP 819 bytes
File C:\RECYCLER\NPROTECT\00029570.PHP 548 bytes
File C:\RECYCLER\NPROTECT\00029572.PHP 236 bytes
File C:\RECYCLER\NPROTECT\00029574.PHP 537 bytes
File C:\RECYCLER\NPROTECT\00029578.PHP 7715 bytes
File C:\RECYCLER\NPROTECT\00029580.PHP 1579 bytes
File C:\RECYCLER\NPROTECT\00029582.PHP 616 bytes
File C:\RECYCLER\NPROTECT\00029584.PHP 2465 bytes
File C:\RECYCLER\NPROTECT\00029586.PHP 2994 bytes
File C:\RECYCLER\NPROTECT\00029588.PHP 3706 bytes
File C:\RECYCLER\NPROTECT\00029590.PHP 5647 bytes
File C:\RECYCLER\NPROTECT\00029592.PHP 2590 bytes
File C:\RECYCLER\NPROTECT\00029594.PHP 23473 bytes
File C:\RECYCLER\NPROTECT\00029596.PHP 2631 bytes
File C:\RECYCLER\NPROTECT\00029598.PHP 535 bytes
File C:\RECYCLER\NPROTECT\00029600.PHP 13519 bytes
File C:\RECYCLER\NPROTECT\00029602.PHP 4248 bytes
File C:\RECYCLER\NPROTECT\00029604.PHP 1913 bytes
File C:\RECYCLER\NPROTECT\00029606.PHP 3296 bytes
File C:\RECYCLER\NPROTECT\00029608.PHP 9024 bytes
File C:\RECYCLER\NPROTECT\00029610.PHP 6351 bytes
File C:\RECYCLER\NPROTECT\00029614.php 118 bytes
File C:\RECYCLER\NPROTECT\00029616.PHP 1416 bytes
File C:\RECYCLER\NPROTECT\00029618.gif 366 bytes
File C:\RECYCLER\NPROTECT\00029620.php 30 bytes
File C:\RECYCLER\NPROTECT\00029622.PHP 14058 bytes
File C:\RECYCLER\NPROTECT\00029624.php 34 bytes
File C:\RECYCLER\NPROTECT\00029626.gif 945 bytes
File C:\RECYCLER\NPROTECT\00029628.PHP 4667 bytes
File C:\RECYCLER\NPROTECT\00029630.PHP 3894 bytes
File C:\RECYCLER\NPROTECT\00029632.PHP 6213 bytes
File C:\RECYCLER\NPROTECT\00029634.PHP 1569 bytes
File C:\RECYCLER\NPROTECT\00029636.php 34 bytes
File C:\RECYCLER\NPROTECT\00029638.gif 1616 bytes
File C:\RECYCLER\NPROTECT\00029640.PHP 4100 bytes
File C:\RECYCLER\NPROTECT\00029642.PHP 3938 bytes
File C:\RECYCLER\NPROTECT\00029644.PHP 1973 bytes
File C:\RECYCLER\NPROTECT\00029646.php 34 bytes
File C:\RECYCLER\NPROTECT\00029650.PHP 7410 bytes
File C:\RECYCLER\NPROTECT\00029652.tpl 4112 bytes
File C:\RECYCLER\NPROTECT\00029654.PHP 1328 bytes
File C:\RECYCLER\NPROTECT\00029656.gif 2468 bytes
File C:\RECYCLER\NPROTECT\00029658.PHP 4191 bytes
File C:\RECYCLER\NPROTECT\00029660.PHP 3377 bytes
File C:\RECYCLER\NPROTECT\00029662.php 34 bytes
File C:\RECYCLER\NPROTECT\00029664.gif 1788 bytes
File C:\RECYCLER\NPROTECT\00029666.PHP 4609 bytes
File C:\RECYCLER\NPROTECT\00029668.PHP 8755 bytes
File C:\RECYCLER\NPROTECT\00029670.tpl 3239 bytes
File C:\RECYCLER\NPROTECT\00029672.PHP 1331 bytes
File C:\RECYCLER\NPROTECT\00029674.php 34 bytes
File C:\RECYCLER\NPROTECT\00029676.gif 2053 bytes
File C:\RECYCLER\NPROTECT\00029678.PHP 5047 bytes
File C:\RECYCLER\NPROTECT\00029680.PHP 2996 bytes
File C:\RECYCLER\NPROTECT\00029682.php 933 bytes
File C:\RECYCLER\NPROTECT\00029686.PHP 2115 bytes
File C:\RECYCLER\NPROTECT\00029688.php 34 bytes
File C:\RECYCLER\NPROTECT\00029690.php 34 bytes
File C:\RECYCLER\NPROTECT\00029692.gif 1816 bytes
File C:\RECYCLER\NPROTECT\00029694.PHP 5828 bytes
File C:\RECYCLER\NPROTECT\00029696.PHP 21626 bytes
File C:\RECYCLER\NPROTECT\00029698.tpl 3794 bytes
File C:\RECYCLER\NPROTECT\00029700.PHP 1325 bytes
File C:\RECYCLER\NPROTECT\00029702.gif 1775 bytes
File C:\RECYCLER\NPROTECT\00029704.PHP 4527 bytes
File C:\RECYCLER\NPROTECT\00029706.PHP 3828 bytes
File C:\RECYCLER\NPROTECT\00029708.PHP 4264 bytes
File C:\RECYCLER\NPROTECT\00029710.gif 2415 bytes
File C:\RECYCLER\NPROTECT\00029712.PHP 4471 bytes
File C:\RECYCLER\NPROTECT\00029714.PHP 11711 bytes
File C:\RECYCLER\NPROTECT\00029716.tpl 2934 bytes
File C:\RECYCLER\NPROTECT\00029718.PHP 1327 bytes
File C:\RECYCLER\NPROTECT\00029107.PHP 1645 bytes
File C:\RECYCLER\NPROTECT\00029143.PHP 1503 bytes
File C:\RECYCLER\NPROTECT\00029179.PHP 728 bytes
File C:\RECYCLER\NPROTECT\00029215.PHP 654 bytes
File C:\RECYCLER\NPROTECT\00029252.PHP 3960 bytes
File C:\RECYCLER\NPROTECT\00029288.PHP 107 bytes
File C:\RECYCLER\NPROTECT\00029324.PHP 447 bytes
File C:\RECYCLER\NPROTECT\00029360.PHP 2482 bytes
File C:\RECYCLER\NPROTECT\00029396.PHP 220 bytes
File C:\RECYCLER\NPROTECT\00029432.PHP 2280 bytes
File C:\RECYCLER\NPROTECT\00029468.PHP 3548 bytes
File C:\RECYCLER\NPROTECT\00029504.PHP 12914 bytes
File C:\RECYCLER\NPROTECT\00029540.PHP 2909 bytes
File C:\RECYCLER\NPROTECT\00029576.PHP 2162 bytes
File C:\RECYCLER\NPROTECT\00029612.PHP 2655 bytes
File C:\RECYCLER\NPROTECT\00029648.PHP 8442 bytes
File C:\RECYCLER\NPROTECT\00029722.gif 1317 bytes
File C:\RECYCLER\NPROTECT\00029724.PHP 3985 bytes
File C:\RECYCLER\NPROTECT\00029726.PHP 6725 bytes
File C:\RECYCLER\NPROTECT\00029728.tpl 2898 bytes
File C:\RECYCLER\NPROTECT\00029730.PHP 3715 bytes
File C:\RECYCLER\NPROTECT\00029732.PHP 11723 bytes
File C:\RECYCLER\NPROTECT\00029734.gif 2564 bytes
File C:\RECYCLER\NPROTECT\00029736.PHP 5624 bytes
File C:\RECYCLER\NPROTECT\00029738.PHP 8675 bytes
File C:\RECYCLER\NPROTECT\00029740.PHP 3017 bytes
File C:\RECYCLER\NPROTECT\00029742.gif 8041 bytes
File C:\RECYCLER\NPROTECT\00029744.PHP 106 bytes
File C:\RECYCLER\NPROTECT\00029746.gif 2235 bytes
File C:\RECYCLER\NPROTECT\00029748.PHP 3926 bytes
File C:\RECYCLER\NPROTECT\00029750.PHP 5066 bytes
File C:\RECYCLER\NPROTECT\00029752.PHP 1087 bytes
File C:\RECYCLER\NPROTECT\00029754.php 34 bytes
File C:\RECYCLER\NPROTECT\00029758.PHP 1375 bytes
File C:\RECYCLER\NPROTECT\00029760.PHP 6835 bytes
File C:\RECYCLER\NPROTECT\00029762.php 34 bytes
File C:\RECYCLER\NPROTECT\00029764.PHP 10149 bytes
File C:\RECYCLER\NPROTECT\00029766.TPL 6079 bytes
File C:\RECYCLER\NPROTECT\00029768.gif 2362 bytes
File C:\RECYCLER\NPROTECT\00029770.PHP 4207 bytes
File C:\RECYCLER\NPROTECT\00029772.PHP 8756 bytes
File C:\RECYCLER\NPROTECT\00029774.PHP 2040 bytes
File C:\RECYCLER\NPROTECT\00029776.php 34 bytes
File C:\RECYCLER\NPROTECT\00029778.gif 2392 bytes
File C:\RECYCLER\NPROTECT\00029780.PHP 11658 bytes
File C:\RECYCLER\NPROTECT\00029782.PHP 2467 bytes
File C:\RECYCLER\NPROTECT\00029784.PHP 1320 bytes
File C:\RECYCLER\NPROTECT\00029786.PHP 503 bytes
File C:\RECYCLER\NPROTECT\00029788.PHP 8421 bytes
File C:\RECYCLER\NPROTECT\00029790.php 3998 bytes
File C:\RECYCLER\NPROTECT\00029794.PHP 3476 bytes
File C:\RECYCLER\NPROTECT\00029796.php 1711 bytes
File C:\RECYCLER\NPROTECT\00029798.php 34 bytes
File C:\RECYCLER\NPROTECT\00029800.PHP 2816 bytes
File C:\RECYCLER\NPROTECT\00029802.php 1570 bytes
File C:\RECYCLER\NPROTECT\00029804.php 34 bytes
File C:\RECYCLER\NPROTECT\00029806.PHP 5668 bytes
File C:\RECYCLER\NPROTECT\00029808.PHP 1928 bytes
File C:\RECYCLER\NPROTECT\00029810.php 1984 bytes
File C:\RECYCLER\NPROTECT\00029812.php 34 bytes
File C:\RECYCLER\NPROTECT\00029814.PHP 3480 bytes
File C:\RECYCLER\NPROTECT\00029816.php 1625 bytes
File C:\RECYCLER\NPROTECT\00029818.php 34 bytes
File C:\RECYCLER\NPROTECT\00029820.gif 4036 bytes
File C:\RECYCLER\NPROTECT\00029822.PHP 9443 bytes
File C:\RECYCLER\NPROTECT\00029824.php 3747 bytes
File C:\RECYCLER\NPROTECT\00029826.php 34 bytes
File C:\RECYCLER\NPROTECT\00029830.gif 399 bytes
File C:\RECYCLER\NPROTECT\00029832.PHP 7091 bytes
File C:\RECYCLER\NPROTECT\00029834.php 2687 bytes
File C:\RECYCLER\NPROTECT\00029836.php 34 bytes
File C:\RECYCLER\NPROTECT\00029838.PHP 3559 bytes
File C:\RECYCLER\NPROTECT\00029840.php 1666 bytes
File C:\RECYCLER\NPROTECT\00029842.php 34 bytes
File C:\RECYCLER\NPROTECT\00029844.gif 2794 bytes
File C:\RECYCLER\NPROTECT\00029846.PHP 19820 bytes
File C:\RECYCLER\NPROTECT\00029848.PHP 15028 bytes
File C:\RECYCLER\NPROTECT\00029850.php 9539 bytes
File C:\RECYCLER\NPROTECT\00029852.php 31 bytes
File C:\RECYCLER\NPROTECT\00029854.PHP 3803 bytes
File C:\RECYCLER\NPROTECT\00029856.php 2010 bytes
File C:\RECYCLER\NPROTECT\00029858.php 34 bytes
File C:\RECYCLER\NPROTECT\00029860.PHP 404 bytes
File C:\RECYCLER\NPROTECT\00029862.PHP 464 bytes
File C:\RECYCLER\NPROTECT\00029866.PHP 4565 bytes
File C:\RECYCLER\NPROTECT\00029868.PHP 2558 bytes
File C:\RECYCLER\NPROTECT\00029870.php 2863 bytes
File C:\RECYCLER\NPROTECT\00029872.php 34 bytes
File C:\RECYCLER\NPROTECT\00029874.gif 2562 bytes
File C:\RECYCLER\NPROTECT\00029876.PHP 3957 bytes
File C:\RECYCLER\NPROTECT\00029878.INC 221 bytes
File C:\RECYCLER\NPROTECT\00029880.php 2584 bytes
File C:\RECYCLER\NPROTECT\00029882.php 34 bytes
File C:\RECYCLER\NPROTECT\00029884.gif 2376 bytes
File C:\RECYCLER\NPROTECT\00029886.PHP 3911 bytes
File C:\RECYCLER\NPROTECT\00029888.PHP 1304 bytes
File C:\RECYCLER\NPROTECT\00029890.php 34 bytes
File C:\RECYCLER\NPROTECT\00029892.gif 2120 bytes
File C:\RECYCLER\NPROTECT\00029894.PHP 3561 bytes
File C:\RECYCLER\NPROTECT\00029896.PHP 1338 bytes
File C:\RECYCLER\NPROTECT\00029898.php 34 bytes
File C:\RECYCLER\NPROTECT\00029902.PHP 4102 bytes
File C:\RECYCLER\NPROTECT\00029904.PHP 1346 bytes
File C:\RECYCLER\NPROTECT\00029906.php 34 bytes
File C:\RECYCLER\NPROTECT\00029908.gif 1976 bytes
File C:\RECYCLER\NPROTECT\00029910.PHP 3899 bytes
File C:\RECYCLER\NPROTECT\00029912.PHP 1404 bytes
File C:\RECYCLER\NPROTECT\00029914.php 34 bytes
File C:\RECYCLER\NPROTECT\00029916.php 34 bytes
File C:\RECYCLER\NPROTECT\00029918.PHP 1935 bytes
File C:\RECYCLER\NPROTECT\00029920.PHP 1900 bytes
File C:\RECYCLER\NPROTECT\00029922.PHP 10960 bytes
File C:\RECYCLER\NPROTECT\00029924.PHP 3021 bytes
File C:\RECYCLER\NPROTECT\00029926.PHP 3697 bytes
File C:\RECYCLER\NPROTECT\00029928.PHP 3718 bytes
File C:\RECYCLER\NPROTECT\00029930.PHP 2519 bytes
File C:\RECYCLER\NPROTECT\00029932.PHP 1577 bytes
File C:\RECYCLER\NPROTECT\00029934.PHP 5312 bytes
File C:\RECYCLER\NPROTECT\00029938.PHP 17629 bytes
File C:\RECYCLER\NPROTECT\00029940.php 5473 bytes
File C:\RECYCLER\NPROTECT\00029942.gif 3353 bytes
File C:\RECYCLER\NPROTECT\00029944.PHP 6631 bytes
File C:\RECYCLER\NPROTECT\00029946.PHP 23776 bytes
File C:\RECYCLER\NPROTECT\00029948.PHP 1047 bytes
File C:\RECYCLER\NPROTECT\00029950.PHP 341 bytes
File C:\RECYCLER\NPROTECT\00029952.PHP 2378 bytes
File C:\RECYCLER\NPROTECT\00029954.PHP 1646 bytes
File C:\RECYCLER\NPROTECT\00029956.PHP 2236 bytes
File C:\RECYCLER\NPROTECT\00029958.PHP 1284 bytes
File C:\RECYCLER\NPROTECT\00029960.PHP 1909 bytes
File C:\RECYCLER\NPROTECT\00029962.php 2087 bytes
File C:\RECYCLER\NPROTECT\00029964.PHP 21899 bytes
File C:\RECYCLER\NPROTECT\00029966.HTM 13 bytes
File C:\RECYCLER\NPROTECT\00029968.PHP 3689 bytes
File C:\RECYCLER\NPROTECT\00029970.PHP 1488 bytes
File C:\RECYCLER\NPROTECT\00029974.PHP 1379 bytes
File C:\RECYCLER\NPROTECT\00029976.gif 3327 bytes
File C:\RECYCLER\NPROTECT\00029978.PHP 12560 bytes
File C:\RECYCLER\NPROTECT\00029980.htm 2791 bytes
File C:\RECYCLER\NPROTECT\00029982.PHP 3022 bytes
File C:\RECYCLER\NPROTECT\00029984.PHP 2749 bytes
File C:\RECYCLER\NPROTECT\00029986.PHP 1709 bytes
File C:\RECYCLER\NPROTECT\00029988.PHP 2385 bytes
File C:\RECYCLER\NPROTECT\00029990.PHP 1072 bytes
File C:\RECYCLER\NPROTECT\00029992.PHP 2262 bytes
File C:\RECYCLER\NPROTECT\00029994.php 2087 bytes
File C:\RECYCLER\NPROTECT\00029996.PHP 3963 bytes
File C:\RECYCLER\NPROTECT\00029998.HTM 13 bytes
File C:\RECYCLER\NPROTECT\00030000.PHP 3686 bytes
File C:\RECYCLER\NPROTECT\00030002.PHP 1756 bytes
File C:\RECYCLER\NPROTECT\00030004.PHP 4225 bytes
File C:\RECYCLER\NPROTECT\00030006.PHP 1122 bytes
File C:\RECYCLER\NPROTECT\00030010.PHP 3210 bytes
File C:\RECYCLER\NPROTECT\00030012.PHP 979 bytes
File C:\RECYCLER\NPROTECT\00030014.PHP 5588 bytes
File C:\RECYCLER\NPROTECT\00030016.php 34 bytes
File C:\RECYCLER\NPROTECT\00030018.gif 1077 bytes
File C:\RECYCLER\NPROTECT\00030020.php 2310 bytes
File C:\RECYCLER\NPROTECT\00030022.htm 13 bytes
File C:\RECYCLER\NPROTECT\00030024.PHP 18740 bytes
File C:\RECYCLER\NPROTECT\00030026.tpl 6457 bytes
File C:\RECYCLER\NPROTECT\00030028.php 917 bytes
File C:\RECYCLER\NPROTECT\00030030.gif 3951 bytes
File C:\RECYCLER\NPROTECT\00030032.GIF 2117 bytes
File C:\RECYCLER\NPROTECT\00030034.GIF 1085 bytes
File C:\RECYCLER\NPROTECT\00030036.GIF 673 bytes
File C:\RECYCLER\NPROTECT\00030038.GIF 838 bytes
File C:\RECYCLER\NPROTECT\00030040.JPG 861 bytes
File C:\RECYCLER\NPROTECT\00030042.gif 43 bytes
File C:\RECYCLER\NPROTECT\00030046.GIF 43 bytes
File C:\RECYCLER\NPROTECT\00030048.GIF 3151 bytes
File C:\RECYCLER\NPROTECT\00030050.GIF 1766 bytes
File C:\RECYCLER\NPROTECT\00030052.PHP 1368 bytes
File C:\RECYCLER\NPROTECT\00030054.htm 4568 bytes
File C:\RECYCLER\NPROTECT\00030056.GIF 2749 bytes
File C:\RECYCLER\NPROTECT\00030058.php 12002 bytes
File C:\RECYCLER\NPROTECT\00030060.PHP 1943 bytes
File C:\RECYCLER\NPROTECT\00030062.PHP 7482 bytes
File C:\RECYCLER\NPROTECT\00030064.INC 155 bytes
File C:\RECYCLER\NPROTECT\00030066.PHP 21804 bytes
File C:\RECYCLER\NPROTECT\00030068.PHP 1356 bytes
File C:\RECYCLER\NPROTECT\00030070.PHP 6956 bytes
File C:\RECYCLER\NPROTECT\00030072.PHP 3107 bytes
File C:\RECYCLER\NPROTECT\00030074.php 34 bytes
File C:\RECYCLER\NPROTECT\00030076.TXT 6165 bytes
File C:\RECYCLER\NPROTECT\00030078.css 2143 bytes
File C:\RECYCLER\NPROTECT\00030082.PHP 1841 bytes
File C:\RECYCLER\NPROTECT\00030084.SQL 1485 bytes
File C:\RECYCLER\NPROTECT\00030086.SQL 1403 bytes
File C:\RECYCLER\NPROTECT\00030088.sql 14177 bytes
File C:\RECYCLER\NPROTECT\00030090.SQL 75090 bytes
File C:\RECYCLER\NPROTECT\00030092.SQL 1405 bytes
File C:\RECYCLER\NPROTECT\00030094.SQL 921 bytes
File C:\RECYCLER\NPROTECT\00030096.SQL 1419 bytes
File C:\RECYCLER\NPROTECT\00030098.SQL 1412 bytes
File C:\RECYCLER\NPROTECT\00030100.gif 619 bytes
File C:\RECYCLER\NPROTECT\00030102.GIF 28802 bytes
File C:\RECYCLER\NPROTECT\00030104.gif 1094 bytes
File C:\RECYCLER\NPROTECT\00030106.gif 1452 bytes
File C:\RECYCLER\NPROTECT\00030108.GIF 13220 bytes
File C:\RECYCLER\NPROTECT\00030110.gif 3556 bytes
File C:\RECYCLER\NPROTECT\00030112.GIF 33709 bytes
File C:\RECYCLER\NPROTECT\00030114.gif 3506 bytes
File C:\RECYCLER\NPROTECT\00030118.gif 739 bytes
File C:\RECYCLER\NPROTECT\00030120.PHP 840 bytes
File C:\RECYCLER\NPROTECT\00030122.PHP 255 bytes
File C:\RECYCLER\NPROTECT\00030124.PHP 2312 bytes
File C:\RECYCLER\NPROTECT\00030126.php 1287 bytes
File C:\RECYCLER\NPROTECT\00030128.php 1266 bytes
File C:\RECYCLER\NPROTECT\00030130.PHP 3146 bytes
File C:\RECYCLER\NPROTECT\00030132.php 926 bytes
File C:\RECYCLER\NPROTECT\00030134.php 1292 bytes
File C:\RECYCLER\NPROTECT\00030136.js 3224 bytes
File C:\RECYCLER\NPROTECT\00030138.php 34609 bytes
File C:\RECYCLER\NPROTECT\00030140.php 4223 bytes
File C:\RECYCLER\NPROTECT\00030142.PHP 9135 bytes
File C:\RECYCLER\NPROTECT\00030144.php 7904 bytes
File C:\RECYCLER\NPROTECT\00030146.TPL 1119 bytes
File C:\RECYCLER\NPROTECT\00030148.tpl 544 bytes
File C:\RECYCLER\NPROTECT\00030150.tpl 956 bytes
File C:\RECYCLER\NPROTECT\00030154.TPL 1064 bytes
File C:\RECYCLER\NPROTECT\00030156.TPL 502 bytes
File C:\RECYCLER\NPROTECT\00030158.TPL 346 bytes
File C:\RECYCLER\NPROTECT\00030160.TPL 390 bytes
File C:\RECYCLER\NPROTECT\00030162.tpl 278 bytes
File C:\RECYCLER\NPROTECT\00030164.TPL 485 bytes
File C:\RECYCLER\NPROTECT\00030166.tpl 419 bytes
File C:\RECYCLER\NPROTECT\00030168.tpl 359 bytes
File C:\RECYCLER\NPROTECT\00030170.tpl 271 bytes
File C:\RECYCLER\NPROTECT\00030172.tpl 620 bytes
File C:\RECYCLER\NPROTECT\00030174.php 34 bytes
File C:\RECYCLER\NPROTECT\00030176.tpl 2156 bytes
File C:\RECYCLER\NPROTECT\00030178.tpl 1641 bytes
File C:\RECYCLER\NPROTECT\00030180.php 34 bytes
File C:\RECYCLER\NPROTECT\00030182.TPL 1169 bytes
File C:\RECYCLER\NPROTECT\00030184.TPL 163 bytes
File C:\RECYCLER\NPROTECT\00030186.TPL 642 bytes
File C:\RECYCLER\NPROTECT\00030190.TPL 2090 bytes
File C:\RECYCLER\NPROTECT\00030192.TPL 2040 bytes
File C:\RECYCLER\NPROTECT\00030194.tpl 11480 bytes
File C:\RECYCLER\NPROTECT\00030196.tpl 151 bytes
File C:\RECYCLER\NPROTECT\00030198.TPL 1391 bytes
File C:\RECYCLER\NPROTECT\00030200.tpl 1814 bytes
File C:\RECYCLER\NPROTECT\00030202.tpl 769 bytes
File C:\RECYCLER\NPROTECT\00030204.TPL 1442 bytes
File C:\RECYCLER\NPROTECT\00030206.tpl 9490 bytes
File C:\RECYCLER\NPROTECT\00030208.php 34 bytes
File C:\RECYCLER\NPROTECT\00030210.tpl 146 bytes
File C:\RECYCLER\NPROTECT\00030212.tpl 4074 bytes
File C:\RECYCLER\NPROTECT\00030214.tpl 155 bytes
File C:\RECYCLER\NPROTECT\00030216.tpl 2217 bytes
File C:\RECYCLER\NPROTECT\00030218.tpl 3234 bytes
File C:\RECYCLER\NPROTECT\00030220.tpl 1181 bytes
File C:\RECYCLER\NPROTECT\00030222.TPL 882 bytes
File C:\RECYCLER\NPROTECT\00030226.tpl 953 bytes
File C:\RECYCLER\NPROTECT\00030228.tpl 1709 bytes
File C:\RECYCLER\NPROTECT\00030230.tpl 1218 bytes
File C:\RECYCLER\NPROTECT\00030232.tpl 168 bytes
File C:\RECYCLER\NPROTECT\00030234.TPL 1388 bytes
File C:\RECYCLER\NPROTECT\00030236.tpl 6392 bytes
File C:\RECYCLER\NPROTECT\00030238.tpl 158 bytes
File C:\RECYCLER\NPROTECT\00030240.php 34 bytes
File C:\RECYCLER\NPROTECT\00030242.gif 2412 bytes
File C:\RECYCLER\NPROTECT\00030244.jpg 2237 bytes
File C:\RECYCLER\NPROTECT\00030246.GIF 198 bytes
File C:\RECYCLER\NPROTECT\00030248.gif 2602 bytes
File C:\RECYCLER\NPROTECT\00030250.php 34 bytes
File C:\RECYCLER\NPROTECT\00030252.gif 172 bytes
File C:\RECYCLER\NPROTECT\00030254.gif 364 bytes
File C:\RECYCLER\NPROTECT\00030256.GIF 358 bytes
File C:\RECYCLER\NPROTECT\00030258.gif 1019 bytes
File C:\RECYCLER\NPROTECT\00030262.gif 604 bytes
File C:\RECYCLER\NPROTECT\00030264.GIF 112 bytes
File C:\RECYCLER\NPROTECT\00030266.GIF 607 bytes
File C:\RECYCLER\NPROTECT\00030268.txt 160 bytes
File C:\RECYCLER\NPROTECT\00030270.GIF 114 bytes
File C:\RECYCLER\NPROTECT\00030272.gif 73 bytes
File C:\RECYCLER\NPROTECT\00030274.gif 71 bytes
File C:\RECYCLER\NPROTECT\00030276.php 34 bytes
File C:\RECYCLER\NPROTECT\00030278.GIF 522 bytes
File C:\RECYCLER\NPROTECT\00030280.gif 75 bytes
File C:\RECYCLER\NPROTECT\00030282.gif 141 bytes
File C:\RECYCLER\NPROTECT\00030284.gif 591 bytes
File C:\RECYCLER\NPROTECT\00030286.GIF 609 bytes
File C:\RECYCLER\NPROTECT\00030288.gif 976 bytes
File C:\RECYCLER\NPROTECT\00030290.php 34 bytes
File C:\RECYCLER\NPROTECT\00030292.css 3636 bytes
File C:\RECYCLER\NPROTECT\00030294.css 1703 bytes
File C:\RECYCLER\NPROTECT\00030298.css 938 bytes
File C:\RECYCLER\NPROTECT\00030300.css 1111 bytes
File C:\RECYCLER\NPROTECT\00030302.css 458 bytes
File C:\RECYCLER\NPROTECT\00030304.php 34 bytes
File C:\RECYCLER\NPROTECT\00030306.php 34 bytes
File C:\RECYCLER\NPROTECT\00030308.TPL 1119 bytes
File C:\RECYCLER\NPROTECT\00030310.tpl 544 bytes
File C:\RECYCLER\NPROTECT\00030312.tpl 749 bytes
File C:\RECYCLER\NPROTECT\00030314.tpl 338 bytes
File C:\RECYCLER\NPROTECT\00030316.TPL 1065 bytes
File C:\RECYCLER\NPROTECT\00030318.TPL 494 bytes
File C:\RECYCLER\NPROTECT\00030320.TPL 346 bytes
File C:\RECYCLER\NPROTECT\00030322.TPL 390 bytes
File C:\RECYCLER\NPROTECT\00030324.tpl 291 bytes
File C:\RECYCLER\NPROTECT\00030326.TPL 485 bytes
File C:\RECYCLER\NPROTECT\00030328.tpl 419 bytes
File C:\RECYCLER\NPROTECT\00030330.tpl 359 bytes
File C:\RECYCLER\NPROTECT\00029720.php 34 bytes
File C:\RECYCLER\NPROTECT\00029756.gif 68 bytes
File C:\RECYCLER\NPROTECT\00029792.php 34 bytes
File C:\RECYCLER\NPROTECT\00029828.php 6792 bytes
File C:\RECYCLER\NPROTECT\00029864.gif 2407 bytes
File C:\RECYCLER\NPROTECT\00029900.gif 1477 bytes
File C:\RECYCLER\NPROTECT\00029936.PHP 2934 bytes
File C:\RECYCLER\NPROTECT\00029972.PHP 3863 bytes
File C:\RECYCLER\NPROTECT\00030008.gif 1065 bytes
File C:\RECYCLER\NPROTECT\00030044.GIF 1105 bytes
File C:\RECYCLER\NPROTECT\00030080.php 23 bytes
File C:\RECYCLER\NPROTECT\00030116.GIF 189 bytes
File C:\RECYCLER\NPROTECT\00030152.tpl 338 bytes
File C:\RECYCLER\NPROTECT\00030188.TPL 1280 bytes
File C:\RECYCLER\NPROTECT\00030224.TPL 4175 bytes
File C:\RECYCLER\NPROTECT\00030260.gif 54 bytes
File C:\RECYCLER\NPROTECT\00030334.tpl 620 bytes
File C:\RECYCLER\NPROTECT\00030336.php 34 bytes
File C:\RECYCLER\NPROTECT\00030338.tpl 1925 bytes
File C:\RECYCLER\NPROTECT\00030340.tpl 1251 bytes
File C:\RECYCLER\NPROTECT\00030342.php 34 bytes
File C:\RECYCLER\NPROTECT\00030344.TPL 1169 bytes
File C:\RECYCLER\NPROTECT\00030346.TPL 167 bytes
File C:\RECYCLER\NPROTECT\00030348.TPL 642 bytes
File C:\RECYCLER\NPROTECT\00030350.TPL 1283 bytes
File C:\RECYCLER\NPROTECT\00030352.TPL 2085 bytes
File C:\RECYCLER\NPROTECT\00030354.TPL 1983 bytes
File C:\RECYCLER\NPROTECT\00030356.tpl 11487 bytes
File C:\RECYCLER\NPROTECT\00030358.tpl 155 bytes
File C:\RECYCLER\NPROTECT\00030360.TPL 1391 bytes
File C:\RECYCLER\NPROTECT\00030362.tpl 2039 bytes
File C:\RECYCLER\NPROTECT\00030364.tpl 799 bytes
File C:\RECYCLER\NPROTECT\00030366.TPL 1445 bytes
File C:\RECYCLER\NPROTECT\00030370.php 34 bytes
File C:\RECYCLER\NPROTECT\00030372.tpl 154 bytes
File C:\RECYCLER\NPROTECT\00030374.tpl 4159 bytes
File C:\RECYCLER\NPROTECT\00030376.tpl 159 bytes
File C:\RECYCLER\NPROTECT\00030378.tpl 2149 bytes
File C:\RECYCLER\NPROTECT\00030380.tpl 3468 bytes
File C:\RECYCLER\NPROTECT\00030382.tpl 1194 bytes
File C:\RECYCLER\NPROTECT\00030384.TPL 889 bytes
File C:\RECYCLER\NPROTECT\00030386.TPL 4177 bytes
File C:\RECYCLER\NPROTECT\00030388.tpl 918 bytes
File C:\RECYCLER\NPROTECT\00030390.tpl 1649 bytes
File C:\RECYCLER\NPROTECT\00030392.tpl 1218 bytes
File C:\RECYCLER\NPROTECT\00030394.tpl 167 bytes
File C:\RECYCLER\NPROTECT\00030396.TPL 1391 bytes
File C:\RECYCLER\NPROTECT\00030398.tpl 6462 bytes
File C:\RECYCLER\NPROTECT\00030400.tpl 163 bytes
File C:\RECYCLER\NPROTECT\00030402.php 34 bytes
File C:\RECYCLER\NPROTECT\00030442.gif 75 bytes
File C:\RECYCLER\NPROTECT\00030444.gif 141 bytes
File C:\RECYCLER\NPROTECT\00030446.gif 591 bytes
File C:\RECYCLER\NPROTECT\00030448.GIF 609 bytes
File C:\RECYCLER\NPROTECT\00030450.gif 976 bytes
File C:\RECYCLER\NPROTECT\00030452.php 34 bytes
File C:\RECYCLER\NPROTECT\00030454.css 20 bytes
File C:\RECYCLER\NPROTECT\00030456.css 3378 bytes
File C:\RECYCLER\NPROTECT\00030458.css 1703 bytes
File C:\RECYCLER\NPROTECT\00030460.css 5678 bytes
File C:\RECYCLER\NPROTECT\00030462.css 1111 bytes
File C:\RECYCLER\NPROTECT\00030464.php 34 bytes
File C:\RECYCLER\NPROTECT\00030466.php 34 bytes
File C:\RECYCLER\NPROTECT\00030468.TPL 1173 bytes
File C:\RECYCLER\NPROTECT\00030470.tpl 556 bytes
File C:\RECYCLER\NPROTECT\00030472.tpl 662 bytes
File C:\RECYCLER\NPROTECT\00030474.tpl 386 bytes
File C:\RECYCLER\NPROTECT\00030478.TPL 528 bytes
File C:\RECYCLER\NPROTECT\00030480.TPL 333 bytes
File C:\RECYCLER\NPROTECT\00030482.TPL 369 bytes
File C:\RECYCLER\NPROTECT\00030484.tpl 281 bytes
File C:\RECYCLER\NPROTECT\00030486.TPL 482 bytes
File C:\RECYCLER\NPROTECT\00030488.tpl 415 bytes
File C:\RECYCLER\NPROTECT\00030490.tpl 332 bytes
File C:\RECYCLER\NPROTECT\00030492.tpl 224 bytes
File C:\RECYCLER\NPROTECT\00030494.tpl 524 bytes
File C:\RECYCLER\NPROTECT\00030496.php 31 bytes
File C:\RECYCLER\NPROTECT\00030498.tpl 2160 bytes
File C:\RECYCLER\NPROTECT\00030500.tpl 1421 bytes
File C:\RECYCLER\NPROTECT\00030502.php 31 bytes
File C:\RECYCLER\NPROTECT\00030504.TPL 1169 bytes
File C:\RECYCLER\NPROTECT\00030506.TPL 669 bytes
File C:\RECYCLER\NPROTECT\00030508.TPL 1215 bytes
File C:\RECYCLER\NPROTECT\00030510.TPL 1754 bytes
File C:\RECYCLER\NPROTECT\00030514.tpl 10895 bytes
File C:\RECYCLER\NPROTECT\00030516.tpl 141 bytes
File C:\RECYCLER\NPROTECT\00030518.TPL 1391 bytes
File C:\RECYCLER\NPROTECT\00030520.tpl 1986 bytes
File C:\RECYCLER\NPROTECT\00030522.tpl 714 bytes
File C:\RECYCLER\NPROTECT\00030524.TPL 1282 bytes
File C:\RECYCLER\NPROTECT\00030526.tpl 9754 bytes
File C:\RECYCLER\NPROTECT\00030528.php 31 bytes
File C:\RECYCLER\NPROTECT\00030530.tpl 140 bytes
File C:\RECYCLER\NPROTECT\00030532.tpl 3796 bytes
File C:\RECYCLER\NPROTECT\00030534.tpl 2260 bytes
File C:\RECYCLER\NPROTECT\00030536.tpl 3382 bytes
File C:\RECYCLER\NPROTECT\00030538.tpl 1194 bytes
File C:\RECYCLER\NPROTECT\00030540.TPL 789 bytes
File C:\RECYCLER\NPROTECT\00030542.TPL 3658 bytes
File C:\RECYCLER\NPROTECT\00030544.tpl 1148 bytes
File C:\RECYCLER\NPROTECT\00030546.tpl 1569 bytes
File C:\RECYCLER\NPROTECT\00030550.tpl 159 bytes
File C:\RECYCLER\NPROTECT\00030552.TPL 1299 bytes
File C:\RECYCLER\NPROTECT\00030554.tpl 6131 bytes
File C:\RECYCLER\NPROTECT\00030556.js 1573 bytes
File C:\RECYCLER\NPROTECT\00030558.php 31 bytes
File C:\RECYCLER\NPROTECT\00030560.gif 5008 bytes
File C:\RECYCLER\NPROTECT\00030562.gif 447 bytes
File C:\RECYCLER\NPROTECT\00030564.JPG 1048 bytes
File C:\RECYCLER\NPROTECT\00030566.JPG 22761 bytes
File C:\RECYCLER\NPROTECT\00030568.PNG 213 bytes
File C:\RECYCLER\NPROTECT\00030570.jpg 602 bytes
File C:\RECYCLER\NPROTECT\00030572.GIF 198 bytes
File C:\RECYCLER\NPROTECT\00030574.GIF 198 bytes
File C:\RECYCLER\NPROTECT\00030576.gif 98 bytes
File C:\RECYCLER\NPROTECT\00030578.GIF 196 bytes
File C:\RECYCLER\NPROTECT\00030580.GIF 197 bytes
File C:\RECYCLER\NPROTECT\00030582.php 31 bytes
File C:\RECYCLER\NPROTECT\00030586.gif 364 bytes
File C:\RECYCLER\NPROTECT\00030588.GIF 358 bytes
File C:\RECYCLER\NPROTECT\00030590.gif 337 bytes
File C:\RECYCLER\NPROTECT\00030592.gif 385 bytes
File C:\RECYCLER\NPROTECT\00030594.gif 54 bytes
File C:\RECYCLER\NPROTECT\00030596.JPG 701 bytes
File C:\RECYCLER\NPROTECT\00030598.JPG 742 bytes
File C:\RECYCLER\NPROTECT\00030600.JPG 713 bytes
File C:\RECYCLER\NPROTECT\00030602.gif 210 bytes
File C:\RECYCLER\NPROTECT\00030604.gif 64 bytes
File C:\RECYCLER\NPROTECT\00030606.gif 71 bytes
File C:\RECYCLER\NPROTECT\00030608.php 31 bytes
File C:\RECYCLER\NPROTECT\00030610.GIF 2178 bytes
File C:\RECYCLER\NPROTECT\00030612.gif 52 bytes
File C:\RECYCLER\NPROTECT\00030614.gif 316 bytes
File C:\RECYCLER\NPROTECT\00030616.gif 591 bytes
File C:\RECYCLER\NPROTECT\00030618.GIF 3518 bytes
File C:\RECYCLER\NPROTECT\00032286.DAT 11776 bytes
File C:\RECYCLER\NPROTECT\00032296.DAT 7680 bytes
File C:\RECYCLER\NPROTECT\00032315.DAT 7680 bytes
File C:\RECYCLER\NPROTECT\00032322.DAT 139776 bytes
File C:\RECYCLER\NPROTECT\00032325.DAT 23552 bytes
File C:\RECYCLER\NPROTECT\00032326.DAT 382464 bytes
File C:\RECYCLER\NPROTECT\00032327.DAT 24064 bytes
File C:\RECYCLER\NPROTECT\00032328.DAT 154112 bytes
File C:\RECYCLER\NPROTECT\00032329.DAT 7680 bytes
File C:\RECYCLER\NPROTECT\00032330.DAT 4096 bytes
File C:\RECYCLER\NPROTECT\00032331.DAT 8192 bytes
File C:\RECYCLER\NPROTECT\00032332.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00032333.DAT 6656 bytes
File C:\RECYCLER\NPROTECT\00032334.DAT 1740 bytes
File C:\RECYCLER\NPROTECT\00032335.DAT 215808 bytes
File C:\RECYCLER\NPROTECT\00032336.dat 156584 bytes
File C:\RECYCLER\NPROTECT\00032342.edb 65536 bytes
File C:\RECYCLER\NPROTECT\NPROTECT.LOG 646528 bytes
File C:\RECYCLER\NPROTECT\00030622.php 31 bytes
File C:\RECYCLER\NPROTECT\00030624.css 14245 bytes
File C:\RECYCLER\NPROTECT\00030626.CSS 21 bytes
File C:\RECYCLER\NPROTECT\00030628.css 1676 bytes
File C:\RECYCLER\NPROTECT\00030630.css 8699 bytes
File C:\RECYCLER\NPROTECT\00030632.css 473 bytes
File C:\RECYCLER\NPROTECT\00030634.css 1057 bytes
File C:\RECYCLER\NPROTECT\00030636.php 31 bytes
File C:\RECYCLER\NPROTECT\00030638.css 1196 bytes
File C:\RECYCLER\NPROTECT\00030640.php 34 bytes
File C:\RECYCLER\NPROTECT\00030642.TPL 1173 bytes
File C:\RECYCLER\NPROTECT\00030644.tpl 556 bytes
File C:\RECYCLER\NPROTECT\00030646.tpl 662 bytes
File C:\RECYCLER\NPROTECT\00030648.tpl 386 bytes
File C:\RECYCLER\NPROTECT\00030650.TPL 1096 bytes
File C:\RECYCLER\NPROTECT\00030652.TPL 528 bytes
File C:\RECYCLER\NPROTECT\00030654.TPL 333 bytes
File C:\RECYCLER\NPROTECT\00030802.css 1676 bytes
File C:\RECYCLER\NPROTECT\00030804.css 9085 bytes
File C:\RECYCLER\NPROTECT\00030806.css 2167 bytes
File C:\RECYCLER\NPROTECT\00030808.css 575 bytes
File C:\RECYCLER\NPROTECT\00030810.css 1057 bytes
File C:\RECYCLER\NPROTECT\00030812.php 31 bytes
File C:\RECYCLER\NPROTECT\00030814.css 1151 bytes
File C:\RECYCLER\NPROTECT\00030816.txt 2648 bytes
File C:\RECYCLER\NPROTECT\00030818.php 3795 bytes
File C:\RECYCLER\NPROTECT\00030827.DAT 12288 bytes
File C:\RECYCLER\NPROTECT\00030829.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00030834.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00030841.DAT 9728 bytes
File C:\RECYCLER\NPROTECT\00030845.DAT 7168 bytes
File C:\RECYCLER\NPROTECT\00030857.DAT 4608 bytes
File C:\RECYCLER\NPROTECT\00030860.SOL 100 bytes
File C:\RECYCLER\NPROTECT\00030861.DAT 375296 bytes
File C:\RECYCLER\NPROTECT\00029071.PHP 361 bytes
File C:\RECYCLER\NPROTECT\00029684.PHP 2042 bytes
File C:\RECYCLER\NPROTECT\00030296.css 6614 bytes
File C:\RECYCLER\NPROTECT\00030911.PF 13862 bytes
File C:\RECYCLER\NPROTECT\00031719.DAT 16896 bytes
File C:\RECYCLER\NPROTECT\00031720.DAT 4096 bytes
File C:\RECYCLER\NPROTECT\00031721.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031722.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031723.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031724.DAT 6144 bytes
File C:\RECYCLER\NPROTECT\00031725.DAT 7168 bytes
File C:\RECYCLER\NPROTECT\00031726.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031727.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031728.DAT 15872 bytes
File C:\RECYCLER\NPROTECT\00031729.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031730.DAT 17920 bytes
File C:\RECYCLER\NPROTECT\00031731.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031732.DAT 37376 bytes
File C:\RECYCLER\NPROTECT\00031733.DAT 5120 bytes
File C:\RECYCLER\NPROTECT\00031734.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00031735.DAT 15360 bytes
File C:\RECYCLER\NPROTECT\00030658.tpl 281 bytes
File C:\RECYCLER\NPROTECT\00030660.TPL 482 bytes
File C:\RECYCLER\NPROTECT\00030662.tpl 415 bytes
File C:\RECYCLER\NPROTECT\00030664.tpl 332 bytes
File C:\RECYCLER\NPROTECT\00030666.tpl 224 bytes
File C:\RECYCLER\NPROTECT\00030668.tpl 524 bytes
File C:\RECYCLER\NPROTECT\00030670.php 31 bytes
File C:\RECYCLER\NPROTECT\00030672.tpl 2161 bytes
File C:\RECYCLER\NPROTECT\00030674.tpl 1605 bytes
File C:\RECYCLER\NPROTECT\00030676.php 31 bytes
File C:\RECYCLER\NPROTECT\00030678.TPL 1169 bytes
File C:\RECYCLER\NPROTECT\00030680.TPL 671 bytes
File C:\RECYCLER\NPROTECT\00030682.TPL 1222 bytes
File C:\RECYCLER\NPROTECT\00030684.TPL 1754 bytes
File C:\RECYCLER\NPROTECT\00030686.TPL 1826 bytes
File C:\RECYCLER\NPROTECT\00030688.tpl 10988 bytes
File C:\RECYCLER\NPROTECT\00030690.tpl 141 bytes
File C:\RECYCLER\NPROTECT\00030694.tpl 2260 bytes
File C:\RECYCLER\NPROTECT\00030696.tpl 714 bytes
File C:\RECYCLER\NPROTECT\00030698.TPL 1284 bytes
File C:\RECYCLER\NPROTECT\00030700.tpl 9714 bytes
File C:\RECYCLER\NPROTECT\00030702.php 31 bytes
File C:\RECYCLER\NPROTECT\00030704.tpl 140 bytes
File C:\RECYCLER\NPROTECT\00030706.tpl 3797 bytes
File C:\RECYCLER\NPROTECT\00030708.tpl 2248 bytes
File C:\RECYCLER\NPROTECT\00030710.tpl 3366 bytes
File C:\RECYCLER\NPROTECT\00030712.tpl 1194 bytes
File C:\RECYCLER\NPROTECT\00030714.TPL 789 bytes
File C:\RECYCLER\NPROTECT\00030716.TPL 3656 bytes
File C:\RECYCLER\NPROTECT\00030718.tpl 1149 bytes
File C:\RECYCLER\NPROTECT\00030720.tpl 1571 bytes
File C:\RECYCLER\NPROTECT\00030722.tpl 1210 bytes
File C:\RECYCLER\NPROTECT\00030724.tpl 159 bytes
File C:\RECYCLER\NPROTECT\00030726.TPL 1301 bytes
File C:\RECYCLER\NPROTECT\00030730.js 1573 bytes
File C:\RECYCLER\NPROTECT\00030732.php 31 bytes
File C:\RECYCLER\NPROTECT\00030734.gif 5819 bytes
File C:\RECYCLER\NPROTECT\00030736.gif 447 bytes
File C:\RECYCLER\NPROTECT\00030738.JPG 1048 bytes
File C:\RECYCLER\NPROTECT\00030740.JPG 22761 bytes
File C:\RECYCLER\NPROTECT\00030742.PNG 213 bytes
File C:\RECYCLER\NPROTECT\00030744.jpg 602 bytes
File C:\RECYCLER\NPROTECT\00030746.GIF 201 bytes
File C:\RECYCLER\NPROTECT\00030748.GIF 198 bytes
File C:\RECYCLER\NPROTECT\00030750.gif 93 bytes
File C:\RECYCLER\NPROTECT\00030752.GIF 196 bytes
File C:\RECYCLER\NPROTECT\00030754.GIF 197 bytes
File C:\RECYCLER\NPROTECT\00030756.php 31 bytes
File C:\RECYCLER\NPROTECT\00030758.gif 172 bytes
File C:\RECYCLER\NPROTECT\00030760.gif 364 bytes
File C:\RECYCLER\NPROTECT\00030762.GIF 358 bytes
File C:\RECYCLER\NPROTECT\00030766.gif 385 bytes
File C:\RECYCLER\NPROTECT\00030768.gif 54 bytes
File C:\RECYCLER\NPROTECT\00030770.JPG 937 bytes
File C:\RECYCLER\NPROTECT\00030772.JPG 896 bytes
File C:\RECYCLER\NPROTECT\00030774.JPG 885 bytes
File C:\RECYCLER\NPROTECT\00030776.gif 317 bytes
File C:\RECYCLER\NPROTECT\00030778.gif 64 bytes
File C:\RECYCLER\NPROTECT\00030780.gif 71 bytes
File C:\RECYCLER\NPROTECT\00030782.php 31 bytes
File C:\RECYCLER\NPROTECT\00030784.GIF 2208 bytes
File C:\RECYCLER\NPROTECT\00030786.gif 52 bytes
File C:\RECYCLER\NPROTECT\00030788.gif 316 bytes
File C:\RECYCLER\NPROTECT\00030790.gif 591 bytes
File C:\RECYCLER\NPROTECT\00030792.GIF 3545 bytes
File C:\RECYCLER\NPROTECT\00030794.gif 5250 bytes
File C:\RECYCLER\NPROTECT\00030796.php 31 bytes
File C:\RECYCLER\NPROTECT\00030798.css 14103 bytes
File C:\RECYCLER\NPROTECT\00030872.PF 53810 bytes
File C:\RECYCLER\NPROTECT\00030873.PF 32946 bytes
File C:\RECYCLER\NPROTECT\00030874.PF 54654 bytes
File C:\RECYCLER\NPROTECT\00030875.PF 34176 bytes
File C:\RECYCLER\NPROTECT\00030876.PF 41064 bytes
File C:\RECYCLER\NPROTECT\00030877.PF 66992 bytes
File C:\RECYCLER\NPROTECT\00030878.PF 15898 bytes
File C:\RECYCLER\NPROTECT\00030879.PF 23250 bytes
File C:\RECYCLER\NPROTECT\00030880.PF 22578 bytes
File C:\RECYCLER\NPROTECT\00030881.PF 60228 bytes
File C:\RECYCLER\NPROTECT\00030882.PF 61506 bytes
File C:\RECYCLER\NPROTECT\00030883.PF 12454 bytes
File C:\RECYCLER\NPROTECT\00030884.PF 37574 bytes
File C:\RECYCLER\NPROTECT\00030885.PF 30326 bytes
File C:\RECYCLER\NPROTECT\00030886.PF 19748 bytes
File C:\RECYCLER\NPROTECT\00030887.PF 12794 bytes
File C:\RECYCLER\NPROTECT\00030888.PF 15086 bytes
File C:\RECYCLER\NPROTECT\00030889.PF 32094 bytes
File C:\RECYCLER\NPROTECT\00030890.PF 13232 bytes
File C:\RECYCLER\NPROTECT\00030406.jpg 811 bytes
File C:\RECYCLER\NPROTECT\00030408.GIF 198 bytes
File C:\RECYCLER\NPROTECT\00030410.php 34 bytes
File C:\RECYCLER\NPROTECT\00030412.gif 172 bytes
File C:\RECYCLER\NPROTECT\00030414.gif 364 bytes
File C:\RECYCLER\NPROTECT\00030416.GIF 358 bytes
File C:\RECYCLER\NPROTECT\00030418.gif 1019 bytes
File C:\RECYCLER\NPROTECT\00030420.gif 54 bytes
File C:\RECYCLER\NPROTECT\00030422.db 7168 bytes
File C:\RECYCLER\NPROTECT\00030424.gif 604 bytes
File C:\RECYCLER\NPROTECT\00030426.GIF 112 bytes
File C:\RECYCLER\NPROTECT\00030428.GIF 607 bytes
File C:\RECYCLER\NPROTECT\00030430.txt 160 bytes
File C:\RECYCLER\NPROTECT\00030432.GIF 114 bytes
File C:\RECYCLER\NPROTECT\00030434.gif 73 bytes
File C:\RECYCLER\NPROTECT\00030436.gif 71 bytes
File C:\RECYCLER\NPROTECT\00030438.php 34 bytes
File C:\RECYCLER\NPROTECT\00030892.PF 11710 bytes
File C:\RECYCLER\NPROTECT\00030893.PF 19306 bytes
File C:\RECYCLER\NPROTECT\00030894.PF 18806 bytes
File C:\RECYCLER\NPROTECT\00030895.PF 17222 bytes
File C:\RECYCLER\NPROTECT\00030896.PF 51272 bytes
File C:\RECYCLER\NPROTECT\00030897.PF 14842 bytes
File C:\RECYCLER\NPROTECT\00030898.PF 56926 bytes
File C:\RECYCLER\NPROTECT\00030899.PF 9544 bytes
File C:\RECYCLER\NPROTECT\00030900.PF 28154 bytes
File C:\RECYCLER\NPROTECT\00030901.PF 15300 bytes
File C:\RECYCLER\NPROTECT\00030902.PF 47902 bytes
File C:\RECYCLER\NPROTECT\00030903.PF 18708 bytes
File C:\RECYCLER\NPROTECT\00030904.PF 13064 bytes
File C:\RECYCLER\NPROTECT\00030905.PF 65974 bytes
File C:\RECYCLER\NPROTECT\00030906.PF 18830 bytes
File C:\RECYCLER\NPROTECT\00030907.PF 64904 bytes
File C:\RECYCLER\NPROTECT\00030908.PF 25772 bytes
File C:\RECYCLER\NPROTECT\00030909.PF 68728 bytes
File C:\RECYCLER\NPROTECT\00030910.PF 50376 bytes
File C:\RECYCLER\NPROTECT\00030912.PF 16326 bytes
File C:\RECYCLER\NPROTECT\00030913.PF 55084 bytes
File C:\RECYCLER\NPROTECT\00030914.PF 34006 bytes
File C:\RECYCLER\NPROTECT\00030915.PF 16676 bytes
File C:\RECYCLER\NPROTECT\00030916.PF 56886 bytes
File C:\RECYCLER\NPROTECT\00030917.PF 83166 bytes
File C:\RECYCLER\NPROTECT\00030918.PF 35218 bytes
File C:\RECYCLER\NPROTECT\00030919.PF 20702 bytes
File C:\RECYCLER\NPROTECT\00030920.PF 19370 bytes
File C:\RECYCLER\NPROTECT\00030921.PF 19452 bytes
File C:\RECYCLER\NPROTECT\00030922.PF 21260 bytes
File C:\RECYCLER\NPROTECT\00030923.PF 50022 bytes
File C:\RECYCLER\NPROTECT\00030924.PF 13958 bytes
File C:\RECYCLER\NPROTECT\00030925.PF 57584 bytes
File C:\RECYCLER\NPROTECT\00030926.PF 32982 bytes
File C:\RECYCLER\NPROTECT\00030927.PF 6148 bytes
File C:\RECYCLER\NPROTECT\00030928.PF 60254 bytes
File C:\RECYCLER\NPROTECT\00030929.PF 77186 bytes
File C:\RECYCLER\NPROTECT\00030930.PF 76688 bytes
File C:\RECYCLER\NPROTECT\00030332.tpl 271 bytes
File C:\RECYCLER\NPROTECT\00030368.tpl 9466 bytes
File C:\RECYCLER\NPROTECT\00030404.gif 1547 bytes
File C:\RECYCLER\NPROTECT\00030440.GIF 585 bytes
File C:\RECYCLER\NPROTECT\00030476.TPL 1077 bytes
File C:\RECYCLER\NPROTECT\00030512.TPL 1824 bytes
File C:\RECYCLER\NPROTECT\00030548.tpl 1184 bytes
File C:\RECYCLER\NPROTECT\00030584.gif 172 bytes
File C:\RECYCLER\NPROTECT\00030620.gif 5153 bytes
File C:\RECYCLER\NPROTECT\00030656.TPL 369 bytes
File C:\RECYCLER\NPROTECT\00030692.TPL 1391 bytes
File C:\RECYCLER\NPROTECT\00030728.tpl 6079 bytes
File C:\RECYCLER\NPROTECT\00030764.gif 330 bytes
File C:\RECYCLER\NPROTECT\00030800.CSS 22 bytes
File C:\RECYCLER\NPROTECT\00030871.PF 12344 bytes
File C:\RECYCLER\NPROTECT\00030891.PF 8296 bytes
File C:\RECYCLER\NPROTECT\00030932.PF 19894 bytes
File C:\RECYCLER\NPROTECT\00030933.PF 34826 bytes
File C:\RECYCLER\NPROTECT\00030934.PF 62612 bytes
File C:\RECYCLER\NPROTECT\00030935.PF 20186 bytes
File C:\RECYCLER\NPROTECT\00030936.PF 45486 bytes
File C:\RECYCLER\NPROTECT\00030937.PF 15916 bytes
File C:\RECYCLER\NPROTECT\00030938.PF 36754 bytes
File C:\RECYCLER\NPROTECT\00030939.PF 31308 bytes
File C:\RECYCLER\NPROTECT\00030940.PF 26240 bytes
File C:\RECYCLER\NPROTECT\00030941.PF 70534 bytes
File C:\RECYCLER\NPROTECT\00030942.PF 7916 bytes
File C:\RECYCLER\NPROTECT\00030943.PF 26914 bytes
File C:\RECYCLER\NPROTECT\00030944.PF 21438 bytes
File C:\RECYCLER\NPROTECT\00030945.PF 15576 bytes
File C:\RECYCLER\NPROTECT\00030946.PF 10974 bytes
File C:\RECYCLER\NPROTECT\00030947.PF 8334 bytes
File C:\RECYCLER\NPROTECT\00030948.PF 23258 bytes
File C:\RECYCLER\NPROTECT\00030949.PF 11290 bytes
File C:\RECYCLER\NPROTECT\00030950.PF 45902 bytes
File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----

#5 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 PM

Posted 10 April 2010 - 08:03 AM

Hello, mc303.

Ok, let's get started.

Backdoor Warning
One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you do decide to proceed, please continue with the fix below.



Step 1

Next, please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop as mc303CF.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on mc303CF.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply, along with any symptoms that are present after it runs.

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#6 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 09:05 AM

whistling.gif It seems we have problems, after this activity with my antivirus disabled i lose all internet conections and have to restart the pc
Please advise
Thank you for you precious time

Attached Files

  • Attached File  1.jpg   52.89KB   5 downloads
  • Attached File  2.jpg   62.92KB   4 downloads
  • Attached File  3.jpg   52.15KB   4 downloads
  • Attached File  4.jpg   37.06KB   8 downloads

Edited by mc303, 10 April 2010 - 09:08 AM.


#7 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 PM

Posted 10 April 2010 - 09:25 AM

You need to temporarily disable Norton Antivirus and the firewall when you run Combofix. It is usually picked up as a false positive by antivirus programs. Please see the instructions in my post which refer you to this link. Please disable your firewall and antivirus following the instructions in that post. That will ensure they do not interfere with Combofix.

If you have trouble with that, let me know and we can manually force those processes to close before running Combofix.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#8 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 10:25 AM

ComboFix 10-04-09.06 - Michael 10/04/2010 16:16:05.2.1 - x86
Running from: c:\documents and settings\Michael\Desktop\bleep\mc303CF.exe
.

((((((((((((((((((((((((( Files Created from 2010-03-10 to 2010-04-10 )))))))))))))))))))))))))))))))
.

2010-04-10 15:12 . 2010-04-10 15:12 -------- d-----w- c:\documents and settings\Michael\Local Settings\Application Data\Help
2010-04-10 13:55 . 2010-04-10 14:00 -------- d-----w- c:\documents and settings\Michael\Application Data\GrabCaptureScreen
2010-04-08 00:40 . 2010-04-08 00:40 -------- d-----w- c:\documents and settings\All Users\Application Data\kds_kodak
2010-04-07 15:30 . 2010-04-07 15:30 -------- d-sh--w- c:\documents and settings\Michael\IECompatCache
2010-04-07 15:23 . 2010-04-07 15:24 -------- dc-h--w- c:\windows\ie8
2010-04-07 15:15 . 2010-04-07 15:15 -------- d-----w- c:\program files\Moyea
2010-04-07 12:01 . 2010-04-07 12:01 -------- d-----w- c:\program files\Digital Dutch
2010-04-07 10:16 . 2010-04-07 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-04-07 10:15 . 2010-04-07 10:16 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-07 10:15 . 2010-04-07 10:15 -------- d-----w- c:\documents and settings\Michael\Application Data\SUPERAntiSpyware.com
2010-04-07 10:15 . 2010-04-07 10:15 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-06 18:40 . 2010-04-06 18:42 -------- d-----w- c:\documents and settings\Michael\Local Settings\Application Data\Adobe
2010-04-06 17:57 . 2010-04-06 18:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-04-06 17:57 . 2005-08-25 18:18 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-04-06 17:57 . 2010-04-06 18:00 -------- d-----w- c:\program files\SpywareBlaster
2010-04-06 13:13 . 2010-04-06 13:13 388096 ----a-r- c:\documents and settings\Michael\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-04-06 13:13 . 2010-04-06 13:13 -------- d-----w- c:\program files\TrendMicro
2010-04-05 14:11 . 2010-04-05 14:11 -------- d-----w- c:\documents and settings\Michael\Local Settings\Application Data\Identities
2010-04-05 12:30 . 2001-08-17 12:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2010-04-05 12:30 . 2001-08-17 12:56 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2010-04-03 13:07 . 2010-04-03 13:07 5918775 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-03 13:07 . 2010-03-29 23:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-03 13:07 . 2010-03-29 23:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-03 13:07 . 2010-04-03 13:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-03 12:16 . 2008-04-14 00:11 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2010-04-03 12:16 . 2008-04-14 00:11 4096 ----a-w- c:\windows\system32\ksuser.dll
2010-04-03 12:16 . 2008-04-13 19:19 146048 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2010-04-03 12:16 . 2008-04-13 19:19 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-04-03 12:16 . 2008-04-13 18:45 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2010-04-03 12:16 . 2008-04-13 18:45 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-04-03 11:17 . 2008-04-14 00:11 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-04-03 11:17 . 2008-04-14 00:11 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-04-03 11:17 . 2008-04-13 18:39 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-04-03 11:17 . 2008-04-13 18:39 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-04-03 09:53 . 2010-04-07 15:30 -------- d-----w- c:\windows\ie8updates
2010-04-03 09:19 . 2010-02-25 06:24 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-03 09:19 . 2010-02-25 06:24 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-03 09:19 . 2010-02-25 06:24 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-03 09:19 . 2010-02-25 06:24 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-04-03 09:19 . 2010-02-25 06:24 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-04-02 23:06 . 2010-04-02 23:06 -------- d-----w- c:\documents and settings\Michael\Local Settings\Application Data\PCHealth
2010-04-02 20:28 . 2010-04-02 20:28 32 --sha-w- c:\windows\system32\{EF0457F6-4E56-46B9-8783-B49EB463CC16}.dat
2010-04-02 20:28 . 2010-04-02 20:28 32 --sha-w- c:\windows\{F13E0DEA-6950-47FB-A30D-4CC10BD0D92C}.dat
2010-04-02 20:28 . 2010-04-02 23:03 -------- d-----w- c:\program files\Norton Personal Firewall
2010-04-02 18:15 . 2010-04-02 18:15 -------- d-----w- c:\windows\system32\XPSViewer
2010-04-02 18:15 . 2010-04-02 18:15 -------- d-----w- c:\program files\MSBuild
2010-04-02 18:14 . 2010-04-02 18:14 -------- d-----w- c:\program files\Reference Assemblies
2010-04-02 18:14 . 2010-04-07 23:46 -------- d-----w- c:\windows\BDOSCAN8
2010-04-02 18:13 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-04-02 18:12 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-04-02 18:12 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-04-02 18:12 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-04-02 18:12 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-04-02 18:12 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-04-02 18:12 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-04-02 18:12 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-04-02 18:12 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-04-02 18:03 . 2010-04-02 18:03 -------- d-sh--w- c:\documents and settings\Michael\PrivacIE
2010-04-02 17:52 . 2010-04-02 17:52 -------- d-sh--w- c:\documents and settings\Michael\IETldCache
2010-04-02 10:52 . 2010-04-08 00:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-02 10:15 . 2010-04-02 10:15 -------- d-----w- c:\documents and settings\Michael\DoctorWeb
2010-04-02 10:00 . 2010-04-02 10:00 -------- d-----w- c:\documents and settings\Michael\Application Data\Malwarebytes
2010-04-02 10:00 . 2010-04-02 10:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-02 08:55 . 2010-04-02 08:55 -------- d-----w- c:\windows\Sun
2010-04-02 08:54 . 2010-04-02 08:53 179200 ----a-w- c:\windows\Dkyqya.exe
2010-04-02 07:56 . 2009-12-09 05:53 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2010-04-02 07:55 . 2010-04-02 07:55 -------- d-----w- c:\program files\MSXML 4.0
2010-04-01 22:41 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-01 21:23 . 2010-04-01 21:23 -------- d-----w- c:\documents and settings\Michael\Application Data\Media Player Classic
2010-04-01 21:23 . 2007-09-04 16:56 164352 ----a-w- c:\windows\system32\unrar.dll
2010-04-01 21:23 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-04-01 21:23 . 2010-04-01 21:23 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-04-01 15:40 . 2010-04-01 15:40 -------- d-----w- c:\windows\system32\scripting
2010-04-01 15:40 . 2010-04-01 15:40 -------- d-----w- c:\windows\l2schemas
2010-04-01 15:40 . 2010-04-01 15:40 -------- d-----w- c:\windows\system32\en
2010-04-01 15:40 . 2010-04-01 15:40 -------- d-----w- c:\windows\system32\bits
2010-04-01 15:24 . 2010-04-01 15:24 -------- d-----w- c:\windows\EHome
2010-04-01 12:37 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-04-01 12:34 . 2010-04-01 15:36 -------- d-----w- c:\windows\ServicePackFiles
2010-04-01 11:30 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-04-01 11:30 . 2001-08-17 21:36 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-04-01 11:30 . 2001-08-17 21:36 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2010-04-01 11:30 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-04-01 11:26 . 2010-04-01 11:26 -------- d-----w- c:\windows\system32\kodak
2010-04-01 11:25 . 2009-08-03 08:33 126976 ----a-w- c:\windows\system32\EKIJCOINST05.dll
2010-04-01 11:25 . 2009-08-03 08:33 192512 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\EKIJ5000PPR.dll
2010-04-01 11:25 . 2009-08-03 08:33 405504 ----a-w- c:\windows\system32\EKIJ5000MON.dll
2010-04-01 11:25 . 2010-04-01 11:25 -------- dc----w- c:\windows\system32\DRVSTORE
2010-04-01 11:25 . 2010-04-01 11:27 -------- d-----w- c:\program files\Kodak
2010-04-01 11:24 . 2010-04-01 11:24 -------- d-----w- c:\program files\Bonjour
2010-04-01 11:24 . 2010-04-01 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-04-01 11:23 . 2010-04-10 15:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
2010-04-01 11:22 . 2010-04-01 11:23 -------- d-----w- c:\documents and settings\Michael\Application Data\Temp
2010-04-01 11:17 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-04-01 10:43 . 2010-04-01 10:43 -------- d-----w- c:\program files\Common Files\Java
2010-04-01 10:43 . 2010-04-01 10:43 61440 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1a5976d5-n\decora-sse.dll
2010-04-01 10:43 . 2010-04-01 10:43 503808 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-16b4b6da-n\msvcp71.dll
2010-04-01 10:43 . 2010-04-01 10:43 499712 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-16b4b6da-n\jmc.dll
2010-04-01 10:43 . 2010-04-01 10:43 348160 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-16b4b6da-n\msvcr71.dll
2010-04-01 10:43 . 2010-04-01 10:43 12800 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1a5976d5-n\decora-d3d.dll
2010-04-01 10:43 . 2010-04-01 10:42 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-01 10:42 . 2010-04-01 10:42 -------- d-----w- c:\program files\Java

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-10 15:12 . 2010-04-01 08:13 -------- d-----w- c:\program files\Norton AntiVirus
2010-04-10 15:09 . 2010-04-01 08:13 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-02 23:03 . 2010-04-01 08:05 13104 ----a-w- c:\documents and settings\Michael\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-02 20:28 . 2010-04-01 08:14 -------- d-----w- c:\program files\Symantec
2010-04-02 20:27 . 2010-04-01 08:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-04-02 10:34 . 2010-04-01 08:36 -------- d-----w- c:\program files\O2
2010-04-02 08:26 . 2010-04-01 08:54 -------- d-----w- c:\program files\Keyring Creator 2
2010-04-01 15:45 . 2010-04-01 07:57 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-01 08:38 . 2010-04-01 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SupportSoft
2010-04-01 08:33 . 2010-04-01 08:33 -------- d-----w- c:\program files\O2_Installer
2010-04-01 08:16 . 2010-04-01 08:16 32 --sha-w- c:\windows\system32\{DE22D068-8219-41C3-AE36-5E3813B59FC9}.dat
2010-04-01 08:16 . 2010-04-01 08:16 32 --sha-w- c:\windows\{79CB7DF4-0E71-40E6-9FB5-CD8648B871B0}.dat
2010-04-01 08:16 . 2010-04-01 08:16 14 ----a-w- c:\windows\system32\SR2.dat
2010-04-01 08:14 . 2010-04-01 08:14 -------- d-----w- c:\documents and settings\Michael\Application Data\Symantec
2010-04-01 08:06 . 2010-04-01 08:06 -------- d-----w- c:\program files\Common Files\SupportSoft
2010-04-01 07:59 . 2010-04-01 07:59 -------- d-----w- c:\program files\microsoft frontpage
2010-04-01 07:55 . 2010-04-01 07:55 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-25 06:24 . 2004-08-04 12:00 916480 ------w- c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-04-10_14.18.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-10 15:09 . 2010-04-10 15:09 16384 c:\windows\Temp\Perflib_Perfdata_7fc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Washer"="c:\program files\Washer\washer.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2002-09-14 54976]
"ccRegVfy"="c:\program files\Common Files\Symantec Shared\ccRegVfy.exe" [2002-09-14 38592]
"Advanced Tools Check"="c:\progra~1\NORTON~1\AdvTools\ADVCHK.EXE" [2002-08-26 79480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Conime"="c:\windows\system32\conime.exe" [2008-04-14 27648]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2009-08-03 1626112]
"Cmaudio"="cmicnfg.cpl" [BU]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
"washindex"="c:\program files\Washer\washidx.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
"c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9322:TCP"= 9322:TCP:EKDiscovery

R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-02-17 66632]
S2 ccPxySvc;Symantec Proxy Service;c:\program files\Norton Personal Firewall\ccPxySvc.exe [2002-09-14 34496]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\ekdiscovery.exe [2009-08-05 284016]
S2 NProtectService;Norton Unerase Protection;c:\program files\Norton AntiVirus\AdvTools\NPROTECT.EXE [2002-08-14 135168]
S3 SiSV;SiSV;c:\windows\system32\DRIVERS\SiSV.sys [2001-08-17 50432]

.
Contents of the 'Scheduled Tasks' folder

2010-04-01 c:\windows\Tasks\AiO Home Center Registration Remind Task.job
- c:\documents and settings\All Users\Application Data\Kodak\Installer\Registration.exe [2010-04-01 12:51]

2010-04-10 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2010-04-01 08:04]

2010-04-10 c:\windows\Tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
AddRemove-HijackThis - e:\xp\Desktop\Anti Virus\HiJackThis\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-10 16:20
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(488)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(3228)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2010-04-10 16:23:00
ComboFix-quarantined-files.txt 2010-04-10 15:22

Pre-Run: 29,563,592,704 bytes free
Post-Run: 29,539,233,792 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 30435D1D5A5A4F7EF850B221C57A2189


#9 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 PM

Posted 10 April 2010 - 10:29 AM

Hi mc303,

The first time may have completed as this is the 2nd run of Combofix. Can you please look in C:\Qoobox\ and there should be a file named Combofix2.txt or something similar. Can you please copy and paste the content in your reply?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#10 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 10:35 AM

there is a folder named Qoobox but the only txt files are
ComboFix-quarantined-files.txt
Add-Remove Programs.txt
catchme.log
please advise

#11 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 PM

Posted 10 April 2010 - 10:50 AM

OK, please post the "Combofix-quarantined-files.txt". I'm trying to see what it removed on the first run. Thanks!


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#12 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 10:59 AM

2010-04-10 15:22:36 . 2010-04-10 15:22:36 758 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-HijackThis.reg.dat
2010-04-10 14:19:22 . 2010-04-10 14:19:22 158 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-RunServicesOnce-washindex.reg.dat
2010-04-10 14:19:21 . 2010-04-10 14:19:21 125 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Cmaudio.reg.dat
2010-04-10 14:19:19 . 2010-04-10 14:19:19 132 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-Washer.reg.dat
2010-04-10 14:19:18 . 2010-04-10 15:22:00 173 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat
2010-04-10 14:15:45 . 2010-04-10 15:19:47 4,915 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2010-04-10 14:00:13 . 2008-04-13 18:40:30 96,512 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir
2010-04-10 13:31:35 . 2010-04-10 15:13:10 357 ----a-w- C:\Qoobox\Quarantine\catchme.log


#13 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 PM

Posted 10 April 2010 - 11:09 AM

Hello, mc303.
OK, perfect! Good news, the first run caught the TDSS rootkit. We still have some work to do.

Please pull anything out of hte recycle bin that you want to save. Part of this fix will empty temp files, and that does include the recycle bin.



Step 1

We need run an OTL Script
  1. Please download OTL from one of the following mirrors if you do not still have it.
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Paste the following code under the Custom Scans/Fixes box at the bottom. Do not include the word "Code".
    CODE
    :OTL
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [Cmaudio] File not found
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O4 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004..\Run: [Washer] c:\Program Files\Washer\washer.exe File not found
    O4 - HKLM..\RunServicesOnce: [washindex] c:\Program Files\Washer\washidx.exe File not found
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
    :Files
    C:\WINDOWS\Dkyqya.exe
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 0
    :Commands
    [EmptyTemp]
  5. Click the Run Fix button at the top.
  6. let the program run unhindered and reboot when it is done.
  7. You will get a log when it is done, please post that in your reply.
  8. Please then create a new OTL report....
  9. Click the "Scan All Users" checkbox.
  10. Push the button.
  11. A report will open, copy and paste it in a reply here.



Step 2

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.

C:\WINDOWS\system32\conime.exe

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/



Step 3

I'd like us to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push



Step 3

Please post both OTL logs from Step 1, the Jotti results from Step 2 and the ESET log from Step 3.

etavares



If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#14 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 11:34 AM

PART 1
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cmaudio deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry value HKEY_USERS\S-1-5-21-1275210071-507921405-1343024091-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Washer deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\\washindex deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
========== FILES ==========
C:\WINDOWS\Dkyqya.exe moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\"DisableMonitoring" | 0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\"DisableMonitoring" | 0 /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: Michael
->Temp folder emptied: 148992 bytes
->Temporary Internet Files folder emptied: 15811193 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 14825 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 17.00 mb


OTL by OldTimer - Version 3.2.1.0 log created on 04102010_171408

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBA3B.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBA61.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBD68.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBD79.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBEA8.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBEB9.tmp not found!
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\iframe[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\mail[2].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\topic307610[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\PA5K37CQ\bind[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\PA5K37CQ\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\HS4ALD4T\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\59MKW1HT\google_co_uk[2].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\59MKW1HT\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\59MKW1HT\search[4].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

Registry entries deleted on Reboot...


PART 2
OTL logfile created on: 10/04/2010 17:19:12 - Run 2
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Michael\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 176.00 Mb Available Physical Memory | 34.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 27.52 Gb Free Space | 73.86% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURS
Current User Name: Michael
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
PRC - [2009/08/05 12:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2009/08/03 09:33:06 | 001,626,112 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
PRC - [2002/11/14 19:41:26 | 000,116,336 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
PRC - [2002/09/14 20:23:52 | 000,140,992 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Personal Firewall\NISUM.EXE
PRC - [2002/09/14 20:22:26 | 000,034,496 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
PRC - [2002/09/14 20:21:22 | 000,054,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2002/09/12 19:52:38 | 000,317,128 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE


========== Modules (SafeList) ==========

MOD - [2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009/08/05 12:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2002/11/14 19:41:26 | 000,116,336 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE -- (navapsvc)
SRV - [2002/09/14 20:23:52 | 000,140,992 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Personal Firewall\NISUM.EXE -- (NISUM)
SRV - [2002/09/14 20:22:26 | 000,034,496 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Personal Firewall\ccPxySvc.exe -- (ccPxySvc)
SRV - [2002/09/14 20:22:20 | 000,067,264 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2002/09/12 19:52:38 | 000,317,128 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE -- (NProtectService)
SRV - [2001/08/13 23:18:36 | 000,054,408 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)


========== Driver Services (SafeList) ==========

DRV - [2010/03/29 09:01:34 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100331.005\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/03/29 09:01:34 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100331.005\NAVENG.SYS -- (NAVENG)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 22:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2003/09/18 13:47:56 | 000,035,552 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SAVRTPEL.SYS -- (SAVRTPEL)
DRV - [2003/09/18 13:47:48 | 000,235,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SAVRT.SYS -- (SAVRT)
DRV - [2002/09/14 20:54:22 | 000,073,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2002/09/14 19:12:56 | 000,233,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2002/09/14 19:12:52 | 000,015,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2002/09/14 19:12:40 | 000,094,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2002/09/14 19:12:36 | 000,039,160 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symids.sys -- (SYMIDS)
DRV - [2002/09/14 19:12:30 | 000,049,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symndis.sys -- (SYMNDIS)
DRV - [2002/09/14 19:12:26 | 000,138,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symfw.sys -- (SYMFW)
DRV - [2002/09/14 19:12:20 | 000,011,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symdns.sys -- (SYMDNS)
DRV - [2002/08/14 06:03:00 | 000,034,578 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS -- (NPDriver)
DRV - [2001/08/17 13:50:56 | 000,050,432 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSV.sys -- (SiSV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O4 - HKLM..\Run: [Advanced Tools Check] C:\Program Files\Norton AntiVirus\AdvTools\AdvChk.exe (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe (Symantec Corporation)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/01 08:58:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/10 17:14:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/10 16:14:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/04/10 16:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Help
[2010/04/10 16:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Help
[2010/04/10 14:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\GrabCaptureScreen
[2010/04/10 14:54:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\GrabCaptureScreen
[2010/04/10 14:31:42 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/04/10 14:31:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/04/10 14:31:42 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/04/10 14:31:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/04/10 14:31:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/04/10 14:30:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/04/10 10:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\bleep
[2010/04/08 11:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest
[2010/04/08 01:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2010/04/08 01:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\Adobe Photoshop 7.0
[2010/04/07 22:51:44 | 000,569,344 | ---- | C] (UtahSoft) -- C:\Documents and Settings\Michael\Desktop\icrop.exe
[2010/04/07 19:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\New Folder
[2010/04/07 16:30:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\IECompatCache
[2010/04/07 16:23:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/04/07 16:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Moyea
[2010/04/07 16:11:13 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\IE8-WindowsXP-x86-ENU.exe
[2010/04/07 14:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\prods
[2010/04/07 14:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\ws_ftple508
[2010/04/07 13:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Dutch
[2010/04/07 13:01:25 | 002,244,968 | ---- | C] (Digital Dutch ) -- C:\Documents and Settings\Michael\My Documents\arles586.exe
[2010/04/07 11:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\prods
[2010/04/07 11:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/07 11:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\SUPERAntiSpyware.com
[2010/04/07 11:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/07 11:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/07 00:48:34 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
[2010/04/06 21:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/04/06 19:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Adobe
[2010/04/06 19:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/04/06 19:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\HijackThis
[2010/04/06 18:57:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/06 18:57:36 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2010/04/06 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/04/06 18:56:22 | 003,012,768 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\Michael\Desktop\spywareblastersetup42.exe
[2010/04/06 14:16:16 | 001,840,232 | ---- | C] (Trend Micro) -- C:\Documents and Settings\Michael\Desktop\HousecallLauncher.exe
[2010/04/06 14:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/04/05 15:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Identities
[2010/04/05 13:30:28 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/04/04 19:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\Washer
[2010/04/04 13:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\whole
[2010/04/03 14:07:21 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/03 14:07:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/03 14:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/03 13:17:27 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/04/03 13:17:23 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/04/03 13:17:20 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/04/03 13:17:16 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/04/03 13:17:14 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/04/03 13:17:12 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/04/03 13:17:10 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/04/03 13:17:07 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/04/03 13:17:05 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/04/03 13:17:04 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/04/03 13:17:02 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/04/03 13:16:11 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/04/03 13:16:11 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/04/03 13:16:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/04/03 13:16:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/04/03 13:16:10 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/04/03 13:16:10 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/04/03 13:16:08 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/04/03 13:16:08 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/04/03 12:17:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/04/03 12:17:54 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/04/03 10:53:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/04/03 10:19:12 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/04/03 10:19:11 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/04/03 10:19:01 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/04/03 00:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\PCHealth
[2010/04/02 21:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Personal Firewall
[2010/04/02 19:15:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/04/02 19:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/04/02 19:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/04/02 19:14:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010/04/02 19:12:24 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/04/02 19:12:23 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/04/02 19:12:23 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/04/02 19:12:21 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/04/02 19:12:20 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/04/02 19:12:20 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/04/02 19:03:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\PrivacIE
[2010/04/02 18:52:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\IETldCache
[2010/04/02 18:50:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/04/02 18:47:27 | 002,876,728 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Michael\My Documents\mbam-setup.exe
[2010/04/02 11:54:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/04/02 11:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/04/02 11:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\DoctorWeb
[2010/04/02 11:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Malwarebytes
[2010/04/02 11:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/02 09:55:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/04/02 09:25:36 | 015,819,658 | ---- | C] (Plastics Direct ) -- C:\Documents and Settings\Michael\Desktop\kc2_designs.exe
[2010/04/02 09:00:53 | 012,991,848 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Michael\My Documents\Opera_1051_int_Setup.exe
[2010/04/02 08:56:02 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2010/04/02 08:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/04/01 23:41:03 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/04/01 22:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\shem
[2010/04/01 22:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Media Player Classic
[2010/04/01 22:23:20 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/04/01 22:23:19 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010/04/01 17:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/04/01 17:16:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/04/01 16:47:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/04/01 16:45:45 | 025,740,144 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\wmp11-windowsxp-x86-enu.exe
[2010/04/01 16:41:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010/04/01 16:40:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/04/01 16:40:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/04/01 16:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/04/01 16:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/04/01 16:31:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/04/01 16:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/04/01 16:24:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/04/01 16:24:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/04/01 16:15:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/01 13:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/04/01 12:30:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll
[2010/04/01 12:30:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010/04/01 12:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\KODAK
[2010/04/01 12:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Eastman Kodak Company
[2010/04/01 12:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Eastman Kodak Company
[2010/04/01 12:26:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kodak
[2010/04/01 12:25:51 | 000,405,504 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\System32\EKIJ5000MON.dll
[2010/04/01 12:25:51 | 000,126,976 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\System32\EKIJCOINST05.dll
[2010/04/01 12:25:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/04/01 12:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Kodak
[2010/04/01 12:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/01 12:24:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/04/01 12:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2010/04/01 12:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Temp
[2010/04/01 12:20:13 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/04/01 12:19:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/04/01 12:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Macromedia
[2010/04/01 12:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Adobe
[2010/04/01 11:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/01 11:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/01 11:43:05 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/04/01 11:43:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/01 11:43:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/01 11:43:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/01 11:43:05 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/01 11:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/04/01 11:42:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Sun
[2010/04/01 09:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Plastics Direct
[2010/04/01 09:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Keyring Creator 2
[2010/04/01 09:50:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\KEYS
[2010/04/01 09:49:40 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\SiSV256.dll
[2010/04/01 09:49:36 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\SiSV.sys
[2010/04/01 09:49:26 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2010/04/01 09:49:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/04/01 09:48:36 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/04/01 09:48:36 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/04/01 09:48:36 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/04/01 09:48:36 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/04/01 09:48:36 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/04/01 09:48:36 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/04/01 09:48:31 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/04/01 09:48:30 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/04/01 09:48:30 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/04/01 09:48:30 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/04/01 09:48:29 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/04/01 09:48:28 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/04/01 09:48:27 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/04/01 09:48:27 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/04/01 09:48:25 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/04/01 09:48:25 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/04/01 09:48:25 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/04/01 09:47:59 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/04/01 09:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/04/01 09:47:57 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/04/01 09:47:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/04/01 09:47:56 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/04/01 09:47:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/04/01 09:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/04/01 09:47:54 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/04/01 09:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/04/01 09:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/04/01 09:47:52 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/04/01 09:47:52 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/04/01 09:47:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/04/01 09:47:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/04/01 09:47:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/04/01 09:47:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/04/01 09:47:48 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/04/01 09:47:48 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/04/01 09:47:48 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/04/01 09:47:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/04/01 09:47:48 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/04/01 09:47:48 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/04/01 09:47:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/04/01 09:47:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/04/01 09:47:48 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/04/01 09:47:48 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/04/01 09:47:48 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/04/01 09:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/04/01 09:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/04/01 09:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/04/01 09:47:47 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/04/01 09:47:47 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/04/01 09:47:47 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/04/01 09:47:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/04/01 09:47:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/04/01 09:47:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/04/01 09:47:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/04/01 09:47:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/04/01 09:47:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/04/01 09:47:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/04/01 09:47:45 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/04/01 09:47:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/04/01 09:47:45 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/04/01 09:47:45 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/04/01 09:47:45 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/04/01 09:47:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/04/01 09:47:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/04/01 09:47:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/04/01 09:47:43 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/04/01 09:47:43 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/04/01 09:47:43 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/04/01 09:47:43 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/04/01 09:47:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/04/01 09:47:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/04/01 09:47:42 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/04/01 09:47:42 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/04/01 09:47:42 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/04/01 09:47:42 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/04/01 09:47:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/04/01 09:47:42 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/04/01 09:47:42 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/04/01 09:47:42 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/04/01 09:47:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/04/01 09:47:42 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/04/01 09:47:42 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/04/01 09:47:42 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/04/01 09:47:42 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/04/01 09:47:41 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/04/01 09:47:41 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/04/01 09:47:41 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/04/01 09:47:41 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/04/01 09:47:41 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/04/01 09:47:41 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/04/01 09:47:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/04/01 09:47:41 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/04/01 09:47:41 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/04/01 09:47:41 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/04/01 09:47:41 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/04/01 09:47:41 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/04/01 09:47:40 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/04/01 09:47:40 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/04/01 09:47:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/04/01 09:47:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/04/01 09:47:40 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/04/01 09:47:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/04/01 09:47:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/04/01 09:47:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/04/01 09:47:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/04/01 09:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/04/01 09:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/04/01 09:47:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/04/01 09:47:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/04/01 09:47:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/04/01 09:47:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/04/01 09:46:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/04/01 09:46:45 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/01 09:46:08 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/04/01 09:46:08 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010/04/01 09:46:08 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010/04/01 09:46:08 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010/04/01 09:46:08 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010/04/01 09:46:08 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010/04/01 09:46:08 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010/04/01 09:46:08 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010/04/01 09:46:08 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010/04/01 09:46:08 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010/04/01 09:46:08 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010/04/01 09:46:08 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010/04/01 09:46:08 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010/04/01 09:46:08 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010/04/01 09:46:08 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010/04/01 09:46:08 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010/04/01 09:46:08 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010/04/01 09:46:08 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010/04/01 09:46:08 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010/04/01 09:46:08 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010/04/01 09:46:08 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010/04/01 09:46:08 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010/04/01 09:39:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\UserData
[2010/04/01 09:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/04/01 09:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\O2
[2010/04/01 09:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\O2_Installer
[2010/04/01 09:31:17 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/04/01 09:31:13 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/04/01 09:30:51 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/04/01 09:30:50 | 002,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/04/01 09:30:49 | 002,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/04/01 09:30:48 | 002,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/04/01 09:30:38 | 000,455,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/04/01 09:29:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/04/01 09:28:49 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/04/01 09:28:23 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/04/01 09:28:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/04/01 09:28:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/04/01 09:27:32 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/04/01 09:27:04 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/04/01 09:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\My Received Files
[2010/04/01 09:22:57 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/04/01 09:22:57 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/04/01 09:22:57 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/04/01 09:22:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/04/01 09:21:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/04/01 09:20:59 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/04/01 09:20:59 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/04/01 09:20:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/04/01 09:20:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/04/01 09:20:13 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2010/04/01 09:20:12 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2010/04/01 09:20:12 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2010/04/01 09:20:12 | 000,225,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010/04/01 09:20:12 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2010/04/01 09:15:50 | 000,034,578 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NPDRIVER.SYS
[2010/04/01 09:15:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/01 09:14:35 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/04/01 09:14:27 | 000,083,672 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/04/01 09:14:27 | 000,073,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/04/01 09:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Symantec
[2010/04/01 09:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/04/01 09:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/04/01 09:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/04/01 09:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010/04/01 09:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/04/01 09:10:43 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\drivers\an983.sys
[2010/04/01 09:10:43 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/04/01 09:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\SupportSoft
[2010/04/01 09:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/04/01 09:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Identities
[2010/04/01 09:04:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/04/01 09:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents\My Pictures
[2010/04/01 09:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents\My Music
[2010/04/01 09:04:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Michael\Application Data\Microsoft
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\SendTo
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\Recent
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\Application Data
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\Start Menu
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\Favorites
[2010/04/01 09:04:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\Cookies
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\Templates
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\PrintHood
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\NetHood
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\Local Settings
[2010/04/01 09:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Microsoft
[2010/04/01 09:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop
[2010/04/01 09:02:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/04/01 09:02:50 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/04/01 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/04/01 09:01:29 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/04/01 09:01:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/04/01 09:01:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/04/01 09:01:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/04/01 09:01:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/04/01 09:01:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/04/01 09:01:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/04/01 09:01:25 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/04/01 09:01:24 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/04/01 09:01:23 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/04/01 09:01:23 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/04/01 09:01:21 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/04/01 09:01:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/04/01 09:01:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/04/01 09:01:18 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/04/01 09:01:18 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/04/01 09:01:18 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/04/01 09:01:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/04/01 09:01:17 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/04/01 09:01:17 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/04/01 09:01:17 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/04/01 09:01:17 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/04/01 09:01:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/04/01 09:01:12 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/04/01 09:01:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/04/01 09:01:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/04/01 09:01:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/04/01 09:01:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/04/01 09:01:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/04/01 09:01:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/04/01 09:01:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/04/01 09:01:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/04/01 09:01:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/04/01 09:01:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/04/01 09:01:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/04/01 09:01:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/04/01 09:01:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/04/01 09:01:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/04/01 09:01:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/04/01 09:01:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/04/01 09:01:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/04/01 09:01:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/04/01 09:01:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/04/01 09:01:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/04/01 09:01:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/04/01 09:00:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/04/01 09:00:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/04/01 09:00:56 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/04/01 09:00:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/04/01 09:00:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/04/01 09:00:53 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/04/01 09:00:53 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/04/01 09:00:53 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/04/01 09:00:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/04/01 09:00:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/04/01 09:00:52 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/04/01 09:00:52 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/04/01 09:00:52 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/04/01 09:00:51 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/04/01 09:00:51 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/04/01 09:00:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/04/01 09:00:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/04/01 09:00:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/04/01 09:00:44 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/04/01 09:00:39 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/04/01 09:00:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/04/01 09:00:31 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/04/01 09:00:31 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/04/01 09:00:30 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/04/01 09:00:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/04/01 09:00:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/04/01 09:00:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/04/01 09:00:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/04/01 09:00:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/04/01 09:00:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/04/01 09:00:24 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/04/01 09:00:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/04/01 09:00:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/04/01 09:00:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/04/01 09:00:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/04/01 09:00:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/04/01 09:00:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/04/01 09:00:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/04/01 09:00:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/04/01 09:00:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/04/01 09:00:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/04/01 09:00:20 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/04/01 09:00:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/04/01 09:00:18 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/04/01 09:00:17 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/04/01 09:00:17 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/04/01 09:00:17 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/04/01 09:00:17 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/04/01 09:00:17 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/04/01 09:00:16 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/04/01 09:00:16 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/04/01 09:00:16 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/04/01 09:00:16 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/04/01 09:00:16 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/04/01 09:00:16 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/04/01 09:00:15 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/04/01 09:00:15 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/04/01 09:00:15 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/04/01 09:00:15 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/04/01 09:00:14 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/04/01 09:00:14 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/04/01 09:00:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/04/01 09:00:14 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/04/01 09:00:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/04/01 09:00:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/04/01 09:00:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/04/01 09:00:09 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/04/01 09:00:01 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/04/01 08:59:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/04/01 08:59:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/04/01 08:59:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/04/01 08:59:55 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/04/01 08:59:55 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/04/01 08:59:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/04/01 08:59:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/04/01 08:59:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/04/01 08:59:51 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/04/01 08:59:51 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/04/01 08:59:51 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/04/01 08:59:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/04/01 08:59:49 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/04/01 08:59:44 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/04/01 08:59:42 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/04/01 08:59:42 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/04/01 08:59:39 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/04/01 08:59:39 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/04/01 08:59:39 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/04/01 08:59:38 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/04/01 08:59:38 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/04/01 08:59:38 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/04/01 08:59:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/04/01 08:59:37 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/04/01 08:59:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/04/01 08:59:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/04/01 08:59:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/04/01 08:59:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/04/01 08:59:35 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/04/01 08:59:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/04/01 08:59:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/04/01 08:59:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/04/01 08:59:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/04/01 08:58:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/04/01 08:58:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/04/01 08:58:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/04/01 08:57:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/04/01 08:57:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/04/01 08:57:29 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/04/01 08:57:15 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/04/01 08:56:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/04/01 08:56:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/04/01 08:56:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/04/01 08:56:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/04/01 08:56:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/04/01 08:56:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/04/01 08:56:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/04/01 08:56:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/04/01 08:56:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/04/01 08:56:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/04/01 08:56:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/04/01 08:56:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/04/01 08:56:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/04/01 08:56:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/04/01 08:56:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/04/01 08:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/04/01 08:56:30 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/04/01 08:56:29 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/04/01 08:56:29 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/04/01 08:56:29 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/04/01 08:56:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/04/01 08:56:29 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/04/01 08:56:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/04/01 08:56:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/04/01 08:56:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/04/01 08:56:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/04/01 08:56:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/04/01 08:56:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/04/01 08:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/04/01 08:56:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/04/01 08:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/04/01 08:56:24 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/04/01 08:56:24 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/04/01 08:56:24 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/04/01 08:56:24 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/04/01 08:56:24 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/04/01 08:56:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/04/01 08:56:23 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/04/01 08:56:23 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/04/01 08:56:23 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/04/01 08:56:23 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/04/01 08:56:23 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/04/01 08:56:23 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/04/01 08:56:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/04/01 08:56:23 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/04/01 08:56:22 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/04/01 08:56:22 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/04/01 08:56:22 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/04/01 08:56:22 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/04/01 08:56:22 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/04/01 08:56:22 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/04/01 08:56:22 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/04/01 08:56:22 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/04/01 08:56:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/04/01 08:56:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/04/01 08:56:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/04/01 08:56:19 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/04/01 08:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/04/01 08:56:15 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/04/01 08:56:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/04/01 08:56:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/04/01 08:56:15 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/04/01 08:56:13 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/04/01 08:56:12 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/04/01 08:56:12 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/04/01 08:56:12 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/04/01 08:56:12 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/04/01 08:56:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/04/01 08:56:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/04/01 08:56:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/04/01 08:56:09 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/04/01 08:56:09 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/04/01 08:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/04/01 08:56:08 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/04/01 08:56:06 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/04/01 08:56:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/04/01 08:56:06 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/04/01 08:56:06 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/04/01 08:56:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/04/01 08:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/04/01 08:56:02 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/04/01 08:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/04/01 08:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/04/01 08:55:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/04/01 08:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/04/01 08:55:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/04/01 08:55:04 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/04/01 08:55:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/04/01 08:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/04/01 08:54:56 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/04/01 08:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/04/01 08:54:55 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/04/01 08:54:55 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/04/01 08:54:55 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/04/01 08:54:55 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/04/01 08:54:55 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/04/01 08:54:55 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/04/01 08:54:55 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/04/01 08:54:55 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/04/01 08:54:55 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/04/01 08:54:55 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/04/01 08:54:55 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/04/01 08:54:54 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/04/01 08:54:54 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/04/01 08:54:54 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/04/01 08:54:54 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/04/01 08:54:54 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/04/01 08:54:54 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/04/01 08:54:54 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/04/01 08:54:54 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/04/01 08:54:54 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/04/01 08:54:53 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/04/01 08:54:53 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/04/01 08:54:53 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/04/01 08:54:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/04/01 08:54:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/04/01 08:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/04/01 08:54:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/04/01 08:54:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/04/01 08:54:46 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/04/01 08:54:46 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/04/01 08:54:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/04/01 08:54:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/04/01 08:54:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/04/01 08:54:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/04/01 08:54:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/04/01 08:54:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/04/01 08:54:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/04/01 08:54:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/04/01 08:54:40 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/04/01 08:54:40 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/04/01 08:54:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/04/01 08:54:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/04/01 08:54:40 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/04/01 08:54:40 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/04/01 08:54:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/04/01 08:54:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/04/01 08:54:39 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/04/01 08:54:39 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/04/01 08:54:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/04/01 08:54:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/04/01 08:54:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/04/01 08:54:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/04/01 08:54:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/04/01 08:54:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/04/01 08:54:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/04/01 08:54:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/04/01 08:54:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/04/01 08:54:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/04/01 08:54:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/04/01 08:54:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/04/01 08:54:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/04/01 08:54:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/04/01 08:54:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/04/01 08:54:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/04/01 08:54:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/04/01 08:54:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/04/01 08:54:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/04/01 08:54:37 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/04/01 08:54:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/04/01 08:54:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/04/01 08:54:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/04/01 08:54:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/04/01 08:54:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/04/01 08:54:36 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/04/01 08:54:36 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/04/01 08:54:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/04/01 08:54:34 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/04/01 08:54:34 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/04/01 08:54:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/04/01 08:54:34 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/04/01 08:54:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/04/01 08:54:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/04/01 08:54:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/04/01 08:54:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/04/01 08:54:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/04/01 08:54:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/04/01 08:54:33 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/04/01 08:54:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/04/01 08:54:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/04/01 08:54:33 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/04/01 08:54:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/04/01 08:54:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/04/01 08:54:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/04/01 08:54:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/04/01 08:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/04/01 08:54:23 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/04/01 08:54:23 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/04/01 08:54:23 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/04/01 08:54:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/04/01 08:54:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/04/01 08:54:23 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/04/01 08:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/04/01 08:54:22 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/04/01 08:54:22 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/04/01 08:54:22 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010/04/01 08:54:22 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/04/01 08:54:21 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/04/01 08:54:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/04/01 08:54:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/04/01 08:54:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/04/01 08:54:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010/04/01 08:54:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010/04/01 08:54:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/04/01 08:54:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/04/01 08:54:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/04/01 08:54:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/04/01 08:54:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/04/01 08:54:20 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/04/01 08:54:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/04/01 08:54:20 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/04/01 08:54:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/04/01 08:54:20 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/04/01 08:54:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/04/01 08:54:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/04/01 08:54:19 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/04/01 08:54:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/04/01 08:54:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/04/01 08:54:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/04/01 08:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/04/01 08:54:18 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/04/01 08:54:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/04/01 08:54:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/04/01 08:54:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/04/01 08:54:11 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/04/01 08:54:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/04/01 08:54:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll

========== Files - Modified Within 30 Days ==========

[2010/04/10 17:22:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/10 17:15:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/10 17:15:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/10 17:14:34 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Michael\NTUSER.DAT
[2010/04/10 17:14:34 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Michael\ntuser.ini
[2010/04/10 16:20:57 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/10 16:14:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/04/10 16:13:15 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job
[2010/04/10 15:01:02 | 006,941,480 | -H-- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\IconCache.db
[2010/04/10 14:55:54 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to mc303CF.exe.lnk
[2010/04/10 14:54:51 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to GrabCaptureScreen.exe.lnk
[2010/04/10 10:46:38 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Michael\defogger_reenable
[2010/04/10 09:55:41 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/08 11:20:03 | 003,103,920 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest.zip
[2010/04/08 05:25:00 | 000,001,148 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\index.tpl
[2010/04/08 01:42:26 | 000,023,531 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\NEWZEALAND2a.jpg
[2010/04/08 01:39:39 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Adobe Photoshop 7.0.lnk
[2010/04/08 01:39:03 | 000,000,986 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/04/08 00:45:15 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/07 22:12:00 | 000,024,763 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\1012876.jpg
[2010/04/07 21:54:02 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to WS_FTP95.exe.lnk
[2010/04/07 18:54:54 | 000,014,744 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\wedding2.jpg
[2010/04/07 16:29:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/07 16:11:31 | 016,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\IE8-WindowsXP-x86-ENU.exe
[2010/04/07 16:07:01 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/07 13:01:44 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Arles Image Web Page Creator.lnk
[2010/04/07 11:16:05 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/07 11:14:58 | 007,976,992 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\SUPERAntiSpyware.exe
[2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
[2010/04/06 19:41:37 | 000,827,762 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Property Flyer -wk 1(7-11Apr10).pdf
[2010/04/06 19:31:22 | 000,318,067 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.zip
[2010/04/06 19:04:51 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to washer.lnk
[2010/04/06 18:57:39 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\SpywareBlaster.lnk
[2010/04/06 18:56:25 | 003,012,768 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\Michael\Desktop\spywareblastersetup42.exe
[2010/04/06 14:16:23 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\housecall.guid.cache
[2010/04/06 14:16:17 | 001,840,232 | ---- | M] (Trend Micro) -- C:\Documents and Settings\Michael\Desktop\HousecallLauncher.exe
[2010/04/06 14:13:41 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HiJackThis.lnk
[2010/04/06 14:13:13 | 001,401,344 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.msi
[2010/04/06 14:05:13 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\DrWeb.csv
[2010/04/06 13:25:11 | 036,556,072 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\dr.exe
[2010/04/03 18:54:18 | 000,017,392 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\bitdefender.html
[2010/04/03 14:07:21 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/03 14:05:43 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
[2010/04/03 13:20:51 | 000,015,481 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\!Bm4v3k!CGk~$(KGrHqUH-DkEttFPlWZWBLhUB6Fw+g~~_12.jpg
[2010/04/03 11:12:04 | 000,488,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/03 11:12:04 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/03 11:12:04 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/03 01:34:37 | 036,249,912 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\drweb.exe
[2010/04/03 00:03:41 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/02 21:28:37 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\{F13E0DEA-6950-47FB-A30D-4CC10BD0D92C}.dat
[2010/04/02 21:28:37 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\{EF0457F6-4E56-46B9-8783-B49EB463CC16}.dat
[2010/04/02 21:28:18 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Personal Firewall.lnk
[2010/04/02 19:22:52 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/02 11:42:54 | 001,908,578 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\PD017.pdf
[2010/04/02 09:25:53 | 015,819,658 | ---- | M] (Plastics Direct ) -- C:\Documents and Settings\Michael\Desktop\kc2_designs.exe
[2010/04/02 09:01:07 | 012,991,848 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Michael\My Documents\Opera_1051_int_Setup.exe
[2010/04/01 17:18:18 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/01 16:45:48 | 025,740,144 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\wmp11-windowsxp-x86-enu.exe
[2010/04/01 16:30:49 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/01 13:32:10 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\310310 Letter Benefits Services MF.doc
[2010/04/01 12:31:28 | 000,000,578 | ---- | M] () -- C:\WINDOWS\tasks\AiO Home Center Registration Remind Task.job
[2010/04/01 12:27:13 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Centre.lnk
[2010/04/01 11:42:48 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/01 11:42:48 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/01 11:42:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/01 11:42:47 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/01 11:42:46 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/04/01 11:26:17 | 000,068,063 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\topHeader1.jpg
[2010/04/01 09:54:10 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keyring Creator 2.lnk
[2010/04/01 09:48:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/04/01 09:16:48 | 000,001,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus 2003 Professional Edition.lnk
[2010/04/01 09:16:10 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\{DE22D068-8219-41C3-AE36-5E3813B59FC9}.dat
[2010/04/01 09:16:10 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\{79CB7DF4-0E71-40E6-9FB5-CD8648B871B0}.dat
[2010/04/01 09:16:05 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\SR2.dat
[2010/04/01 09:02:43 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/01 09:01:44 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/01 08:58:49 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/01 08:58:49 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/01 08:58:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/01 08:58:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/01 08:58:41 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/01 08:58:41 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/01 08:58:29 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/01 08:57:28 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/01 08:57:28 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/01 08:55:56 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/01 08:55:44 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/04/01 08:55:44 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/04/01 08:53:12 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe

========== Files Created - No Company Name ==========

[2010/04/10 16:14:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/04/10 16:14:01 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/04/10 14:55:54 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to mc303CF.exe.lnk
[2010/04/10 14:54:51 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to GrabCaptureScreen.exe.lnk
[2010/04/10 14:31:42 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/04/10 14:31:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/04/10 14:31:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/04/10 14:31:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/04/10 14:31:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/04/10 10:46:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michael\defogger_reenable
[2010/04/08 11:19:57 | 003,103,920 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest.zip
[2010/04/08 05:25:00 | 000,001,148 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\index.tpl
[2010/04/08 01:42:25 | 000,023,531 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\NEWZEALAND2a.jpg
[2010/04/08 01:39:39 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Adobe Photoshop 7.0.lnk
[2010/04/08 01:39:03 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/04/08 00:48:18 | 000,000,426 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job
[2010/04/07 22:18:03 | 000,014,744 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\wedding2.jpg
[2010/04/07 22:12:10 | 000,024,763 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\1012876.jpg
[2010/04/07 21:54:02 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to WS_FTP95.exe.lnk
[2010/04/07 13:01:44 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Arles Image Web Page Creator.lnk
[2010/04/07 11:16:05 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/07 11:14:58 | 007,976,992 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\SUPERAntiSpyware.exe
[2010/04/06 21:24:28 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/06 19:41:36 | 000,827,762 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Property Flyer -wk 1(7-11Apr10).pdf
[2010/04/06 19:31:20 | 000,318,067 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.zip
[2010/04/06 19:04:51 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to washer.lnk
[2010/04/06 18:57:39 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\SpywareBlaster.lnk
[2010/04/06 14:16:23 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\housecall.guid.cache
[2010/04/06 14:13:33 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HiJackThis.lnk
[2010/04/06 14:13:07 | 001,401,344 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.msi
[2010/04/06 14:05:13 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\DrWeb.csv
[2010/04/06 13:25:08 | 036,556,072 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\dr.exe
[2010/04/03 21:06:52 | 000,017,392 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\bitdefender.html
[2010/04/03 14:07:21 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/03 14:05:42 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2010/04/03 13:20:58 | 000,015,481 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\!Bm4v3k!CGk~$(KGrHqUH-DkEttFPlWZWBLhUB6Fw+g~~_12.jpg
[2010/04/03 01:34:35 | 036,249,912 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\drweb.exe
[2010/04/02 21:28:37 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\{F13E0DEA-6950-47FB-A30D-4CC10BD0D92C}.dat
[2010/04/02 21:28:37 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\{EF0457F6-4E56-46B9-8783-B49EB463CC16}.dat
[2010/04/02 21:28:18 | 000,001,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Personal Firewall.lnk
[2010/04/02 11:42:53 | 001,908,578 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\PD017.pdf
[2010/04/01 22:23:23 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/04/01 22:23:23 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/04/01 22:22:42 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/01 13:21:58 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\310310 Letter Benefits Services MF.doc
[2010/04/01 12:31:28 | 000,000,578 | ---- | C] () -- C:\WINDOWS\tasks\AiO Home Center Registration Remind Task.job
[2010/04/01 12:27:13 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Centre.lnk
[2010/04/01 12:17:02 | 000,246,660 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\installer.log
[2010/04/01 11:39:56 | 000,068,063 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\topHeader1.jpg
[2010/04/01 09:54:10 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keyring Creator 2.lnk
[2010/04/01 09:48:50 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010/04/01 09:48:38 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010/04/01 09:48:38 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010/04/01 09:48:38 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010/04/01 09:48:38 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010/04/01 09:48:38 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010/04/01 09:48:38 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010/04/01 09:48:38 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010/04/01 09:48:38 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010/04/01 09:48:38 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010/04/01 09:48:38 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010/04/01 09:48:38 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010/04/01 09:48:37 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010/04/01 09:48:37 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010/04/01 09:48:37 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010/04/01 09:48:37 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010/04/01 09:48:37 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010/04/01 09:48:37 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010/04/01 09:48:37 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010/04/01 09:48:37 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010/04/01 09:48:37 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010/04/01 09:48:37 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010/04/01 09:48:37 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010/04/01 09:48:37 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010/04/01 09:48:37 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010/04/01 09:48:37 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010/04/01 09:48:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010/04/01 09:48:35 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010/04/01 09:48:35 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010/04/01 09:48:34 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010/04/01 09:48:33 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010/04/01 09:48:33 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010/04/01 09:48:33 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010/04/01 09:48:33 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010/04/01 09:48:33 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010/04/01 09:48:33 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010/04/01 09:48:33 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010/04/01 09:48:33 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010/04/01 09:48:33 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010/04/01 09:48:31 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010/04/01 09:48:30 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010/04/01 09:48:29 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010/04/01 09:48:28 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010/04/01 09:48:27 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010/04/01 09:48:27 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010/04/01 09:48:27 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010/04/01 09:48:26 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/04/01 09:48:21 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010/04/01 09:48:21 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010/04/01 09:48:20 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010/04/01 09:48:20 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010/04/01 09:48:20 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010/04/01 09:48:17 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010/04/01 09:48:05 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010/04/01 09:48:02 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/04/01 09:47:56 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/04/01 09:47:56 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/04/01 09:47:56 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/04/01 09:47:56 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/04/01 09:47:55 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/04/01 09:47:55 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010/04/01 09:47:55 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010/04/01 09:47:55 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010/04/01 09:47:55 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010/04/01 09:47:55 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010/04/01 09:47:55 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010/04/01 09:47:55 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010/04/01 09:47:55 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010/04/01 09:47:55 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010/04/01 09:47:55 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010/04/01 09:47:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/04/01 09:47:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/04/01 09:47:52 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/04/01 09:47:52 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/04/01 09:47:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/04/01 09:47:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/04/01 09:47:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/04/01 09:47:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/04/01 09:47:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/04/01 09:47:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/04/01 09:47:40 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/04/01 09:47:28 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/04/01 09:47:28 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/04/01 09:47:28 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/04/01 09:47:28 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/04/01 09:47:28 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/04/01 09:47:28 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/04/01 09:47:28 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/04/01 09:47:28 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/04/01 09:46:44 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/01 09:46:08 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/04/01 09:45:47 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/01 09:37:16 | 000,000,281 | RHS- | C] () -- C:\boot.ini
[2010/04/01 09:16:43 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/01 09:16:10 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\{DE22D068-8219-41C3-AE36-5E3813B59FC9}.dat
[2010/04/01 09:16:10 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\{79CB7DF4-0E71-40E6-9FB5-CD8648B871B0}.dat
[2010/04/01 09:16:05 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SR2.dat
[2010/04/01 09:14:29 | 000,001,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus 2003 Professional Edition.lnk
[2010/04/01 09:14:27 | 000,123,619 | ---- | C] () -- C:\WINDOWS\System32\SYMEVNT.386
[2010/04/01 09:04:10 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Michael\ntuser.dat.LOG
[2010/04/01 09:04:10 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Michael\ntuser.ini
[2010/04/01 09:04:09 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Michael\NTUSER.DAT
[2010/04/01 09:02:43 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/01 09:01:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/01 09:01:36 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/04/01 09:00:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/04/01 09:00:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/04/01 09:00:52 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/04/01 09:00:27 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/04/01 09:00:27 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/04/01 09:00:17 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/04/01 09:00:16 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/04/01 09:00:13 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/04/01 09:00:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/04/01 08:59:59 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/04/01 08:59:39 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/04/01 08:59:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/04/01 08:59:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/04/01 08:59:33 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/04/01 08:59:33 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/04/01 08:59:33 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/04/01 08:59:30 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/04/01 08:59:30 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/04/01 08:59:30 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/04/01 08:59:30 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/04/01 08:59:29 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/04/01 08:59:29 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/04/01 08:59:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/04/01 08:59:27 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/04/01 08:59:27 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/04/01 08:59:27 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/04/01 08:59:26 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/04/01 08:59:26 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/04/01 08:59:26 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/04/01 08:58:49 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/01 08:58:49 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/01 08:58:49 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/04/01 08:58:41 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/01 08:58:41 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/01 08:58:39 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/01 08:57:28 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/01 08:57:28 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/01 08:57:02 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/04/01 08:56:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/04/01 08:56:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/04/01 08:56:33 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/04/01 08:55:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/01 08:54:41 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/04/01 08:54:41 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/04/01 08:54:41 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/04/01 08:54:41 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/04/01 08:54:41 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/04/01 08:54:41 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/04/01 08:54:41 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/04/01 08:54:41 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/04/01 08:54:41 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/04/01 08:54:41 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/04/01 08:54:41 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/04/01 08:54:40 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/04/01 08:54:40 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/04/01 08:54:40 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/04/01 08:54:40 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/04/01 08:54:40 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/04/01 08:54:40 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/04/01 08:54:40 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/04/01 08:54:40 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/04/01 08:54:39 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/04/01 08:54:38 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/04/01 08:54:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/04/01 08:54:33 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2003/02/18 18:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
< End of report >

#15 mc303

mc303
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 10 April 2010 - 01:53 PM

Hi i am not getting the option to add reply, i hope this works
Part 1
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cmaudio deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry value HKEY_USERS\S-1-5-21-1275210071-507921405-1343024091-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Washer deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\\washindex deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
========== FILES ==========
C:\WINDOWS\Dkyqya.exe moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\"DisableMonitoring" | 0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\"DisableMonitoring" | 0 /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: Michael
->Temp folder emptied: 148992 bytes
->Temporary Internet Files folder emptied: 15811193 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 14825 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 17.00 mb


OTL by OldTimer - Version 3.2.1.0 log created on 04102010_171408

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBA3B.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBA61.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBD68.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBD79.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBEA8.tmp not found!
File\Folder C:\Documents and Settings\Michael\Local Settings\Temp\~DFBEB9.tmp not found!
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\iframe[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\mail[2].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\TO0ZCUZK\topic307610[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\PA5K37CQ\bind[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\PA5K37CQ\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\HS4ALD4T\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\59MKW1HT\google_co_uk[2].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\59MKW1HT\mail[1].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\59MKW1HT\search[4].htm moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

Registry entries deleted on Reboot...


Part 2
OTL logfile created on: 10/04/2010 17:19:12 - Run 2
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Michael\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 176.00 Mb Available Physical Memory | 34.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 27.52 Gb Free Space | 73.86% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURS
Current User Name: Michael
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
PRC - [2009/08/05 12:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2009/08/03 09:33:06 | 001,626,112 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
PRC - [2002/11/14 19:41:26 | 000,116,336 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
PRC - [2002/09/14 20:23:52 | 000,140,992 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Personal Firewall\NISUM.EXE
PRC - [2002/09/14 20:22:26 | 000,034,496 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
PRC - [2002/09/14 20:21:22 | 000,054,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2002/09/12 19:52:38 | 000,317,128 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE


========== Modules (SafeList) ==========

MOD - [2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009/08/05 12:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2004/11/02 16:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2002/11/14 19:41:26 | 000,116,336 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE -- (navapsvc)
SRV - [2002/09/14 20:23:52 | 000,140,992 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Personal Firewall\NISUM.EXE -- (NISUM)
SRV - [2002/09/14 20:22:26 | 000,034,496 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Personal Firewall\ccPxySvc.exe -- (ccPxySvc)
SRV - [2002/09/14 20:22:20 | 000,067,264 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2002/09/12 19:52:38 | 000,317,128 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE -- (NProtectService)
SRV - [2001/08/13 23:18:36 | 000,054,408 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)


========== Driver Services (SafeList) ==========

DRV - [2010/03/29 09:01:34 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100331.005\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/03/29 09:01:34 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100331.005\NAVENG.SYS -- (NAVENG)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 22:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2003/09/18 13:47:56 | 000,035,552 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SAVRTPEL.SYS -- (SAVRTPEL)
DRV - [2003/09/18 13:47:48 | 000,235,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SAVRT.SYS -- (SAVRT)
DRV - [2002/09/14 20:54:22 | 000,073,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2002/09/14 19:12:56 | 000,233,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2002/09/14 19:12:52 | 000,015,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2002/09/14 19:12:40 | 000,094,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2002/09/14 19:12:36 | 000,039,160 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symids.sys -- (SYMIDS)
DRV - [2002/09/14 19:12:30 | 000,049,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symndis.sys -- (SYMNDIS)
DRV - [2002/09/14 19:12:26 | 000,138,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symfw.sys -- (SYMFW)
DRV - [2002/09/14 19:12:20 | 000,011,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symdns.sys -- (SYMDNS)
DRV - [2002/08/14 06:03:00 | 000,034,578 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS -- (NPDriver)
DRV - [2001/08/17 13:50:56 | 000,050,432 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSV.sys -- (SiSV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O4 - HKLM..\Run: [Advanced Tools Check] C:\Program Files\Norton AntiVirus\AdvTools\AdvChk.exe (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe (Symantec Corporation)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1275210071-507921405-1343024091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/01 08:58:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/10 17:14:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/10 16:14:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/04/10 16:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Help
[2010/04/10 16:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Help
[2010/04/10 14:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\GrabCaptureScreen
[2010/04/10 14:54:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\GrabCaptureScreen
[2010/04/10 14:31:42 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/04/10 14:31:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/04/10 14:31:42 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/04/10 14:31:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/04/10 14:31:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/04/10 14:30:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/04/10 10:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\bleep
[2010/04/08 11:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest
[2010/04/08 01:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2010/04/08 01:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\Adobe Photoshop 7.0
[2010/04/07 22:51:44 | 000,569,344 | ---- | C] (UtahSoft) -- C:\Documents and Settings\Michael\Desktop\icrop.exe
[2010/04/07 19:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\New Folder
[2010/04/07 16:30:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\IECompatCache
[2010/04/07 16:23:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/04/07 16:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Moyea
[2010/04/07 16:11:13 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\IE8-WindowsXP-x86-ENU.exe
[2010/04/07 14:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\prods
[2010/04/07 14:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\ws_ftple508
[2010/04/07 13:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Dutch
[2010/04/07 13:01:25 | 002,244,968 | ---- | C] (Digital Dutch ) -- C:\Documents and Settings\Michael\My Documents\arles586.exe
[2010/04/07 11:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\prods
[2010/04/07 11:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/07 11:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\SUPERAntiSpyware.com
[2010/04/07 11:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/07 11:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/07 00:48:34 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
[2010/04/06 21:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/04/06 19:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Adobe
[2010/04/06 19:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/04/06 19:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\HijackThis
[2010/04/06 18:57:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/06 18:57:36 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2010/04/06 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/04/06 18:56:22 | 003,012,768 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\Michael\Desktop\spywareblastersetup42.exe
[2010/04/06 14:16:16 | 001,840,232 | ---- | C] (Trend Micro) -- C:\Documents and Settings\Michael\Desktop\HousecallLauncher.exe
[2010/04/06 14:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/04/05 15:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Identities
[2010/04/05 13:30:28 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/04/04 19:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\Washer
[2010/04/04 13:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\whole
[2010/04/03 14:07:21 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/03 14:07:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/03 14:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/03 13:17:27 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/04/03 13:17:23 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/04/03 13:17:20 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/04/03 13:17:16 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/04/03 13:17:14 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/04/03 13:17:12 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/04/03 13:17:10 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/04/03 13:17:07 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/04/03 13:17:05 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/04/03 13:17:04 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/04/03 13:17:02 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/04/03 13:16:11 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/04/03 13:16:11 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/04/03 13:16:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/04/03 13:16:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/04/03 13:16:10 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/04/03 13:16:10 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/04/03 13:16:08 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/04/03 13:16:08 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/04/03 12:17:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/04/03 12:17:54 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/04/03 10:53:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/04/03 10:19:12 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/04/03 10:19:11 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/04/03 10:19:01 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/04/03 00:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\PCHealth
[2010/04/02 21:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Personal Firewall
[2010/04/02 19:15:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/04/02 19:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/04/02 19:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/04/02 19:14:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010/04/02 19:12:24 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/04/02 19:12:23 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/04/02 19:12:23 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/04/02 19:12:21 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/04/02 19:12:20 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/04/02 19:12:20 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/04/02 19:03:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\PrivacIE
[2010/04/02 18:52:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\IETldCache
[2010/04/02 18:50:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/04/02 18:47:27 | 002,876,728 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Michael\My Documents\mbam-setup.exe
[2010/04/02 11:54:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/04/02 11:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/04/02 11:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\DoctorWeb
[2010/04/02 11:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Malwarebytes
[2010/04/02 11:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/02 09:55:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/04/02 09:25:36 | 015,819,658 | ---- | C] (Plastics Direct ) -- C:\Documents and Settings\Michael\Desktop\kc2_designs.exe
[2010/04/02 09:00:53 | 012,991,848 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Michael\My Documents\Opera_1051_int_Setup.exe
[2010/04/02 08:56:02 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2010/04/02 08:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/04/01 23:41:03 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/04/01 22:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\shem
[2010/04/01 22:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Media Player Classic
[2010/04/01 22:23:20 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/04/01 22:23:19 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010/04/01 17:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/04/01 17:16:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/04/01 16:47:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/04/01 16:45:45 | 025,740,144 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\wmp11-windowsxp-x86-enu.exe
[2010/04/01 16:41:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010/04/01 16:40:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/04/01 16:40:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/04/01 16:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/04/01 16:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/04/01 16:31:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/04/01 16:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/04/01 16:24:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/04/01 16:24:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/04/01 16:15:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/01 13:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/04/01 12:30:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll
[2010/04/01 12:30:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010/04/01 12:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\KODAK
[2010/04/01 12:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Eastman Kodak Company
[2010/04/01 12:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Eastman Kodak Company
[2010/04/01 12:26:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kodak
[2010/04/01 12:25:51 | 000,405,504 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\System32\EKIJ5000MON.dll
[2010/04/01 12:25:51 | 000,126,976 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\System32\EKIJCOINST05.dll
[2010/04/01 12:25:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/04/01 12:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Kodak
[2010/04/01 12:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/01 12:24:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/04/01 12:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2010/04/01 12:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Temp
[2010/04/01 12:20:13 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/04/01 12:19:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/04/01 12:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Macromedia
[2010/04/01 12:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Adobe
[2010/04/01 11:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/01 11:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/01 11:43:05 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/04/01 11:43:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/01 11:43:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/01 11:43:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/01 11:43:05 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/01 11:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/04/01 11:42:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Sun
[2010/04/01 09:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Plastics Direct
[2010/04/01 09:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Keyring Creator 2
[2010/04/01 09:50:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop\KEYS
[2010/04/01 09:49:40 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\SiSV256.dll
[2010/04/01 09:49:36 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\SiSV.sys
[2010/04/01 09:49:26 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2010/04/01 09:49:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/04/01 09:48:36 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/04/01 09:48:36 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/04/01 09:48:36 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/04/01 09:48:36 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/04/01 09:48:36 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/04/01 09:48:36 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/04/01 09:48:31 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/04/01 09:48:30 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/04/01 09:48:30 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/04/01 09:48:30 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/04/01 09:48:29 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/04/01 09:48:28 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/04/01 09:48:27 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/04/01 09:48:27 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/04/01 09:48:25 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/04/01 09:48:25 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/04/01 09:48:25 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/04/01 09:47:59 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/04/01 09:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/04/01 09:47:57 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/04/01 09:47:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/04/01 09:47:56 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/04/01 09:47:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/04/01 09:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/04/01 09:47:54 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/04/01 09:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/04/01 09:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/04/01 09:47:52 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/04/01 09:47:52 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/04/01 09:47:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/04/01 09:47:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/04/01 09:47:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/04/01 09:47:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/04/01 09:47:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/04/01 09:47:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/04/01 09:47:48 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/04/01 09:47:48 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/04/01 09:47:48 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/04/01 09:47:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/04/01 09:47:48 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/04/01 09:47:48 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/04/01 09:47:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/04/01 09:47:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/04/01 09:47:48 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/04/01 09:47:48 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/04/01 09:47:48 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/04/01 09:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/04/01 09:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/04/01 09:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/04/01 09:47:47 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/04/01 09:47:47 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/04/01 09:47:47 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/04/01 09:47:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/04/01 09:47:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/04/01 09:47:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/04/01 09:47:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/04/01 09:47:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/04/01 09:47:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/04/01 09:47:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/04/01 09:47:45 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/04/01 09:47:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/04/01 09:47:45 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/04/01 09:47:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/04/01 09:47:45 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/04/01 09:47:45 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/04/01 09:47:45 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/04/01 09:47:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/04/01 09:47:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/04/01 09:47:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/04/01 09:47:43 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/04/01 09:47:43 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/04/01 09:47:43 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/04/01 09:47:43 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/04/01 09:47:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/04/01 09:47:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/04/01 09:47:42 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/04/01 09:47:42 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/04/01 09:47:42 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/04/01 09:47:42 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/04/01 09:47:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/04/01 09:47:42 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/04/01 09:47:42 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/04/01 09:47:42 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/04/01 09:47:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/04/01 09:47:42 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/04/01 09:47:42 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/04/01 09:47:42 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/04/01 09:47:42 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/04/01 09:47:41 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/04/01 09:47:41 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/04/01 09:47:41 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/04/01 09:47:41 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/04/01 09:47:41 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/04/01 09:47:41 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/04/01 09:47:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/04/01 09:47:41 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/04/01 09:47:41 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/04/01 09:47:41 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/04/01 09:47:41 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/04/01 09:47:41 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/04/01 09:47:40 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/04/01 09:47:40 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/04/01 09:47:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/04/01 09:47:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/04/01 09:47:40 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/04/01 09:47:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/04/01 09:47:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/04/01 09:47:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/04/01 09:47:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/04/01 09:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/04/01 09:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/04/01 09:47:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/04/01 09:47:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/04/01 09:47:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/04/01 09:47:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/04/01 09:46:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/04/01 09:46:45 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/01 09:46:08 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/04/01 09:46:08 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010/04/01 09:46:08 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010/04/01 09:46:08 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010/04/01 09:46:08 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010/04/01 09:46:08 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010/04/01 09:46:08 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010/04/01 09:46:08 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010/04/01 09:46:08 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010/04/01 09:46:08 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010/04/01 09:46:08 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010/04/01 09:46:08 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010/04/01 09:46:08 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010/04/01 09:46:08 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010/04/01 09:46:08 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010/04/01 09:46:08 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010/04/01 09:46:08 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010/04/01 09:46:08 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010/04/01 09:46:08 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010/04/01 09:46:08 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010/04/01 09:46:08 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010/04/01 09:46:08 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010/04/01 09:39:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\UserData
[2010/04/01 09:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/04/01 09:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\O2
[2010/04/01 09:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\O2_Installer
[2010/04/01 09:31:17 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/04/01 09:31:13 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/04/01 09:30:51 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/04/01 09:30:50 | 002,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/04/01 09:30:49 | 002,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/04/01 09:30:48 | 002,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/04/01 09:30:38 | 000,455,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/04/01 09:29:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/04/01 09:28:49 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/04/01 09:28:23 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/04/01 09:28:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/04/01 09:28:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/04/01 09:27:32 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/04/01 09:27:04 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/04/01 09:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\My Documents\My Received Files
[2010/04/01 09:22:57 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/04/01 09:22:57 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/04/01 09:22:57 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/04/01 09:22:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/04/01 09:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/04/01 09:21:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/04/01 09:20:59 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/04/01 09:20:59 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/04/01 09:20:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/04/01 09:20:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/04/01 09:20:13 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2010/04/01 09:20:12 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2010/04/01 09:20:12 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2010/04/01 09:20:12 | 000,225,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010/04/01 09:20:12 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2010/04/01 09:15:50 | 000,034,578 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NPDRIVER.SYS
[2010/04/01 09:15:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/01 09:14:35 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/04/01 09:14:27 | 000,083,672 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/04/01 09:14:27 | 000,073,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/04/01 09:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Symantec
[2010/04/01 09:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/04/01 09:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/04/01 09:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/04/01 09:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010/04/01 09:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/04/01 09:10:43 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\drivers\an983.sys
[2010/04/01 09:10:43 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/04/01 09:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\SupportSoft
[2010/04/01 09:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/04/01 09:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Application Data\Identities
[2010/04/01 09:04:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/04/01 09:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents\My Pictures
[2010/04/01 09:04:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents\My Music
[2010/04/01 09:04:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Michael\Application Data\Microsoft
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\SendTo
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\Recent
[2010/04/01 09:04:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michael\Application Data
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\Start Menu
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\My Documents
[2010/04/01 09:04:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michael\Favorites
[2010/04/01 09:04:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Michael\Cookies
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\Templates
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\PrintHood
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\NetHood
[2010/04/01 09:04:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michael\Local Settings
[2010/04/01 09:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Local Settings\Application Data\Microsoft
[2010/04/01 09:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michael\Desktop
[2010/04/01 09:02:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/04/01 09:02:50 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/04/01 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/04/01 09:01:29 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/04/01 09:01:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/04/01 09:01:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/04/01 09:01:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/04/01 09:01:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/04/01 09:01:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/04/01 09:01:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/04/01 09:01:25 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/04/01 09:01:24 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/04/01 09:01:23 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/04/01 09:01:23 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/04/01 09:01:21 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/04/01 09:01:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/04/01 09:01:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/04/01 09:01:18 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/04/01 09:01:18 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/04/01 09:01:18 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/04/01 09:01:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/04/01 09:01:17 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/04/01 09:01:17 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/04/01 09:01:17 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/04/01 09:01:17 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/04/01 09:01:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/04/01 09:01:12 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/04/01 09:01:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/04/01 09:01:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/04/01 09:01:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/04/01 09:01:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/04/01 09:01:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/04/01 09:01:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/04/01 09:01:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/04/01 09:01:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/04/01 09:01:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/04/01 09:01:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/04/01 09:01:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/04/01 09:01:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/04/01 09:01:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/04/01 09:01:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/04/01 09:01:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/04/01 09:01:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/04/01 09:01:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/04/01 09:01:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/04/01 09:01:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/04/01 09:01:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/04/01 09:01:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/04/01 09:01:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/04/01 09:00:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/04/01 09:00:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/04/01 09:00:56 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/04/01 09:00:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/04/01 09:00:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/04/01 09:00:53 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/04/01 09:00:53 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/04/01 09:00:53 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/04/01 09:00:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/04/01 09:00:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/04/01 09:00:52 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/04/01 09:00:52 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/04/01 09:00:52 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/04/01 09:00:51 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/04/01 09:00:51 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/04/01 09:00:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/04/01 09:00:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/04/01 09:00:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/04/01 09:00:44 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/04/01 09:00:39 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/04/01 09:00:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/04/01 09:00:31 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/04/01 09:00:31 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/04/01 09:00:30 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/04/01 09:00:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/04/01 09:00:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/04/01 09:00:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/04/01 09:00:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/04/01 09:00:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/04/01 09:00:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/04/01 09:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/04/01 09:00:24 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/04/01 09:00:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/04/01 09:00:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/04/01 09:00:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/04/01 09:00:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/04/01 09:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/04/01 09:00:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/04/01 09:00:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/04/01 09:00:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/04/01 09:00:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/04/01 09:00:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/04/01 09:00:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/04/01 09:00:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/04/01 09:00:20 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/04/01 09:00:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/04/01 09:00:18 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/04/01 09:00:17 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/04/01 09:00:17 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/04/01 09:00:17 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/04/01 09:00:17 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/04/01 09:00:17 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/04/01 09:00:16 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/04/01 09:00:16 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/04/01 09:00:16 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/04/01 09:00:16 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/04/01 09:00:16 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/04/01 09:00:16 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/04/01 09:00:15 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/04/01 09:00:15 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/04/01 09:00:15 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/04/01 09:00:15 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/04/01 09:00:14 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/04/01 09:00:14 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/04/01 09:00:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/04/01 09:00:14 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/04/01 09:00:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/04/01 09:00:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/04/01 09:00:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/04/01 09:00:09 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/04/01 09:00:01 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/04/01 08:59:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/04/01 08:59:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/04/01 08:59:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/04/01 08:59:55 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/04/01 08:59:55 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/04/01 08:59:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/04/01 08:59:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/04/01 08:59:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/04/01 08:59:51 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/04/01 08:59:51 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/04/01 08:59:51 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/04/01 08:59:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/04/01 08:59:49 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/04/01 08:59:44 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/04/01 08:59:42 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/04/01 08:59:42 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/04/01 08:59:39 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/04/01 08:59:39 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/04/01 08:59:39 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/04/01 08:59:38 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/04/01 08:59:38 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/04/01 08:59:38 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/04/01 08:59:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/04/01 08:59:37 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/04/01 08:59:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/04/01 08:59:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/04/01 08:59:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/04/01 08:59:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/04/01 08:59:35 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/04/01 08:59:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/04/01 08:59:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/04/01 08:59:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/04/01 08:59:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/04/01 08:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/04/01 08:58:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/04/01 08:58:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/04/01 08:58:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/04/01 08:57:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/04/01 08:57:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/04/01 08:57:29 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/04/01 08:57:15 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/04/01 08:56:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/04/01 08:56:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/04/01 08:56:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/04/01 08:56:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/04/01 08:56:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/04/01 08:56:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/04/01 08:56:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/04/01 08:56:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/04/01 08:56:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/04/01 08:56:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/04/01 08:56:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/04/01 08:56:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/04/01 08:56:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/04/01 08:56:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/04/01 08:56:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/04/01 08:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/04/01 08:56:30 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/04/01 08:56:29 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/04/01 08:56:29 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/04/01 08:56:29 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/04/01 08:56:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/04/01 08:56:29 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/04/01 08:56:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/04/01 08:56:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/04/01 08:56:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/04/01 08:56:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/04/01 08:56:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/04/01 08:56:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/04/01 08:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/04/01 08:56:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/04/01 08:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/04/01 08:56:24 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/04/01 08:56:24 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/04/01 08:56:24 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/04/01 08:56:24 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/04/01 08:56:24 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/04/01 08:56:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/04/01 08:56:23 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/04/01 08:56:23 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/04/01 08:56:23 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/04/01 08:56:23 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/04/01 08:56:23 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/04/01 08:56:23 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/04/01 08:56:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/04/01 08:56:23 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/04/01 08:56:22 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/04/01 08:56:22 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/04/01 08:56:22 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/04/01 08:56:22 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/04/01 08:56:22 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/04/01 08:56:22 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/04/01 08:56:22 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/04/01 08:56:22 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/04/01 08:56:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/04/01 08:56:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/04/01 08:56:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/04/01 08:56:19 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/04/01 08:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/04/01 08:56:15 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/04/01 08:56:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/04/01 08:56:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/04/01 08:56:15 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/04/01 08:56:13 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/04/01 08:56:12 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/04/01 08:56:12 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/04/01 08:56:12 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/04/01 08:56:12 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/04/01 08:56:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/04/01 08:56:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/04/01 08:56:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/04/01 08:56:09 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/04/01 08:56:09 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/04/01 08:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/04/01 08:56:08 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/04/01 08:56:06 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/04/01 08:56:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/04/01 08:56:06 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/04/01 08:56:06 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/04/01 08:56:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/04/01 08:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/04/01 08:56:02 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/04/01 08:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/04/01 08:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/04/01 08:55:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/04/01 08:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/04/01 08:55:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/04/01 08:55:04 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/04/01 08:55:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/04/01 08:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/04/01 08:54:56 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/04/01 08:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/04/01 08:54:55 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/04/01 08:54:55 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/04/01 08:54:55 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/04/01 08:54:55 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/04/01 08:54:55 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/04/01 08:54:55 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/04/01 08:54:55 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/04/01 08:54:55 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/04/01 08:54:55 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/04/01 08:54:55 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/04/01 08:54:55 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/04/01 08:54:54 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/04/01 08:54:54 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/04/01 08:54:54 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/04/01 08:54:54 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/04/01 08:54:54 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/04/01 08:54:54 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/04/01 08:54:54 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/04/01 08:54:54 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/04/01 08:54:54 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/04/01 08:54:53 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/04/01 08:54:53 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/04/01 08:54:53 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/04/01 08:54:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/04/01 08:54:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/04/01 08:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/04/01 08:54:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/04/01 08:54:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/04/01 08:54:46 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/04/01 08:54:46 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/04/01 08:54:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/04/01 08:54:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/04/01 08:54:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/04/01 08:54:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/04/01 08:54:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/04/01 08:54:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/04/01 08:54:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/04/01 08:54:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/04/01 08:54:40 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/04/01 08:54:40 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/04/01 08:54:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/04/01 08:54:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/04/01 08:54:40 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/04/01 08:54:40 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/04/01 08:54:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/04/01 08:54:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/04/01 08:54:39 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/04/01 08:54:39 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/04/01 08:54:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/04/01 08:54:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/04/01 08:54:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/04/01 08:54:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/04/01 08:54:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/04/01 08:54:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/04/01 08:54:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/04/01 08:54:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/04/01 08:54:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/04/01 08:54:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/04/01 08:54:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/04/01 08:54:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/04/01 08:54:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/04/01 08:54:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/04/01 08:54:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/04/01 08:54:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/04/01 08:54:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/04/01 08:54:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/04/01 08:54:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/04/01 08:54:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/04/01 08:54:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/04/01 08:54:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/04/01 08:54:37 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/04/01 08:54:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/04/01 08:54:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/04/01 08:54:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/04/01 08:54:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/04/01 08:54:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/04/01 08:54:36 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/04/01 08:54:36 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/04/01 08:54:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/04/01 08:54:34 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/04/01 08:54:34 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/04/01 08:54:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/04/01 08:54:34 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/04/01 08:54:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/04/01 08:54:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/04/01 08:54:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/04/01 08:54:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/04/01 08:54:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/04/01 08:54:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/04/01 08:54:33 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/04/01 08:54:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/04/01 08:54:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/04/01 08:54:33 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/04/01 08:54:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/04/01 08:54:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/04/01 08:54:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/04/01 08:54:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/04/01 08:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/04/01 08:54:23 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/04/01 08:54:23 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/04/01 08:54:23 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/04/01 08:54:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/04/01 08:54:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/04/01 08:54:23 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/04/01 08:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/04/01 08:54:22 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/04/01 08:54:22 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/04/01 08:54:22 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010/04/01 08:54:22 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/04/01 08:54:21 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/04/01 08:54:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/04/01 08:54:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/04/01 08:54:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/04/01 08:54:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010/04/01 08:54:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010/04/01 08:54:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/04/01 08:54:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/04/01 08:54:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/04/01 08:54:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/04/01 08:54:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/04/01 08:54:20 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/04/01 08:54:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/04/01 08:54:20 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/04/01 08:54:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/04/01 08:54:20 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/04/01 08:54:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/04/01 08:54:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/04/01 08:54:19 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/04/01 08:54:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/04/01 08:54:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/04/01 08:54:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/04/01 08:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/04/01 08:54:18 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/04/01 08:54:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/04/01 08:54:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/04/01 08:54:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/04/01 08:54:11 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/04/01 08:54:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/04/01 08:54:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll

========== Files - Modified Within 30 Days ==========

[2010/04/10 17:22:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/10 17:15:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/10 17:15:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/10 17:14:34 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Michael\NTUSER.DAT
[2010/04/10 17:14:34 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Michael\ntuser.ini
[2010/04/10 16:20:57 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/10 16:14:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/04/10 16:13:15 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job
[2010/04/10 15:01:02 | 006,941,480 | -H-- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\IconCache.db
[2010/04/10 14:55:54 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to mc303CF.exe.lnk
[2010/04/10 14:54:51 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to GrabCaptureScreen.exe.lnk
[2010/04/10 10:46:38 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Michael\defogger_reenable
[2010/04/10 09:55:41 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/08 11:20:03 | 003,103,920 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest.zip
[2010/04/08 05:25:00 | 000,001,148 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\index.tpl
[2010/04/08 01:42:26 | 000,023,531 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\NEWZEALAND2a.jpg
[2010/04/08 01:39:39 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Adobe Photoshop 7.0.lnk
[2010/04/08 01:39:03 | 000,000,986 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/04/08 00:45:15 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/07 22:12:00 | 000,024,763 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\1012876.jpg
[2010/04/07 21:54:02 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to WS_FTP95.exe.lnk
[2010/04/07 18:54:54 | 000,014,744 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\wedding2.jpg
[2010/04/07 16:29:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/07 16:11:31 | 016,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\IE8-WindowsXP-x86-ENU.exe
[2010/04/07 16:07:01 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/07 13:01:44 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Arles Image Web Page Creator.lnk
[2010/04/07 11:16:05 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/07 11:14:58 | 007,976,992 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\SUPERAntiSpyware.exe
[2010/04/07 00:48:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael\Desktop\OTL.exe
[2010/04/06 19:41:37 | 000,827,762 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Property Flyer -wk 1(7-11Apr10).pdf
[2010/04/06 19:31:22 | 000,318,067 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.zip
[2010/04/06 19:04:51 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to washer.lnk
[2010/04/06 18:57:39 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\SpywareBlaster.lnk
[2010/04/06 18:56:25 | 003,012,768 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\Michael\Desktop\spywareblastersetup42.exe
[2010/04/06 14:16:23 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\housecall.guid.cache
[2010/04/06 14:16:17 | 001,840,232 | ---- | M] (Trend Micro) -- C:\Documents and Settings\Michael\Desktop\HousecallLauncher.exe
[2010/04/06 14:13:41 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HiJackThis.lnk
[2010/04/06 14:13:13 | 001,401,344 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.msi
[2010/04/06 14:05:13 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\DrWeb.csv
[2010/04/06 13:25:11 | 036,556,072 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\dr.exe
[2010/04/03 18:54:18 | 000,017,392 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\bitdefender.html
[2010/04/03 14:07:21 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/03 14:05:43 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
[2010/04/03 13:20:51 | 000,015,481 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\!Bm4v3k!CGk~$(KGrHqUH-DkEttFPlWZWBLhUB6Fw+g~~_12.jpg
[2010/04/03 11:12:04 | 000,488,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/03 11:12:04 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/03 11:12:04 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/03 01:34:37 | 036,249,912 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\drweb.exe
[2010/04/03 00:03:41 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/02 21:28:37 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\{F13E0DEA-6950-47FB-A30D-4CC10BD0D92C}.dat
[2010/04/02 21:28:37 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\{EF0457F6-4E56-46B9-8783-B49EB463CC16}.dat
[2010/04/02 21:28:18 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Personal Firewall.lnk
[2010/04/02 19:22:52 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/02 11:42:54 | 001,908,578 | ---- | M] () -- C:\Documents and Settings\Michael\My Documents\PD017.pdf
[2010/04/02 09:25:53 | 015,819,658 | ---- | M] (Plastics Direct ) -- C:\Documents and Settings\Michael\Desktop\kc2_designs.exe
[2010/04/02 09:01:07 | 012,991,848 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Michael\My Documents\Opera_1051_int_Setup.exe
[2010/04/01 17:18:18 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/01 16:45:48 | 025,740,144 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Michael\Desktop\wmp11-windowsxp-x86-enu.exe
[2010/04/01 16:30:49 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/01 13:32:10 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\310310 Letter Benefits Services MF.doc
[2010/04/01 12:31:28 | 000,000,578 | ---- | M] () -- C:\WINDOWS\tasks\AiO Home Center Registration Remind Task.job
[2010/04/01 12:27:13 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Centre.lnk
[2010/04/01 11:42:48 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/01 11:42:48 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/01 11:42:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/01 11:42:47 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/01 11:42:46 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/04/01 11:26:17 | 000,068,063 | ---- | M] () -- C:\Documents and Settings\Michael\Desktop\topHeader1.jpg
[2010/04/01 09:54:10 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Keyring Creator 2.lnk
[2010/04/01 09:48:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/04/01 09:16:48 | 000,001,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus 2003 Professional Edition.lnk
[2010/04/01 09:16:10 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\System32\{DE22D068-8219-41C3-AE36-5E3813B59FC9}.dat
[2010/04/01 09:16:10 | 000,000,032 | -HS- | M] () -- C:\WINDOWS\{79CB7DF4-0E71-40E6-9FB5-CD8648B871B0}.dat
[2010/04/01 09:16:05 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\SR2.dat
[2010/04/01 09:02:43 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/01 09:01:44 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/01 08:58:49 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/01 08:58:49 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/01 08:58:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/01 08:58:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/01 08:58:41 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/01 08:58:41 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/01 08:58:29 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/01 08:57:28 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/01 08:57:28 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/01 08:55:56 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/01 08:55:44 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/04/01 08:55:44 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/04/01 08:53:12 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe

========== Files Created - No Company Name ==========

[2010/04/10 16:14:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/04/10 16:14:01 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/04/10 14:55:54 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to mc303CF.exe.lnk
[2010/04/10 14:54:51 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to GrabCaptureScreen.exe.lnk
[2010/04/10 14:31:42 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/04/10 14:31:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/04/10 14:31:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/04/10 14:31:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/04/10 14:31:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/04/10 10:46:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michael\defogger_reenable
[2010/04/08 11:19:57 | 003,103,920 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\CubeCart-latest.zip
[2010/04/08 05:25:00 | 000,001,148 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\index.tpl
[2010/04/08 01:42:25 | 000,023,531 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\NEWZEALAND2a.jpg
[2010/04/08 01:39:39 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Adobe Photoshop 7.0.lnk
[2010/04/08 01:39:03 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/04/08 00:48:18 | 000,000,426 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F847089E-2516-4483-BFD6-9464CF58DF2D}.job
[2010/04/07 22:18:03 | 000,014,744 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\wedding2.jpg
[2010/04/07 22:12:10 | 000,024,763 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\1012876.jpg
[2010/04/07 21:54:02 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to WS_FTP95.exe.lnk
[2010/04/07 13:01:44 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Arles Image Web Page Creator.lnk
[2010/04/07 11:16:05 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/07 11:14:58 | 007,976,992 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\SUPERAntiSpyware.exe
[2010/04/06 21:24:28 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/06 19:41:36 | 000,827,762 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Property Flyer -wk 1(7-11Apr10).pdf
[2010/04/06 19:31:20 | 000,318,067 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.zip
[2010/04/06 19:04:51 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\Shortcut to washer.lnk
[2010/04/06 18:57:39 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\SpywareBlaster.lnk
[2010/04/06 14:16:23 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\housecall.guid.cache
[2010/04/06 14:13:33 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HiJackThis.lnk
[2010/04/06 14:13:07 | 001,401,344 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\HijackThis.msi
[2010/04/06 14:05:13 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\DrWeb.csv
[2010/04/06 13:25:08 | 036,556,072 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\dr.exe
[2010/04/03 21:06:52 | 000,017,392 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\bitdefender.html
[2010/04/03 14:07:21 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/03 14:05:42 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2010/04/03 13:20:58 | 000,015,481 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\!Bm4v3k!CGk~$(KGrHqUH-DkEttFPlWZWBLhUB6Fw+g~~_12.jpg
[2010/04/03 01:34:35 | 036,249,912 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\drweb.exe
[2010/04/02 21:28:37 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\{F13E0DEA-6950-47FB-A30D-4CC10BD0D92C}.dat
[2010/04/02 21:28:37 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\{EF0457F6-4E56-46B9-8783-B49EB463CC16}.dat
[2010/04/02 21:28:18 | 000,001,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Personal Firewall.lnk
[2010/04/02 11:42:53 | 001,908,578 | ---- | C] () -- C:\Documents and Settings\Michael\My Documents\PD017.pdf
[2010/04/01 22:23:23 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/04/01 22:23:23 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/04/01 22:22:42 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/01 13:21:58 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\310310 Letter Benefits Services MF.doc
[2010/04/01 12:31:28 | 000,000,578 | ---- | C] () -- C:\WINDOWS\tasks\AiO Home Center Registration Remind Task.job
[2010/04/01 12:27:13 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Centre.lnk
[2010/04/01 12:17:02 | 000,246,660 | ---- | C] () -- C:\Documents and Settings\Michael\Local Settings\Application Data\installer.log
[2010/04/01 11:39:56 | 000,068,063 | ---- | C] () -- C:\Documents and Settings\Michael\Desktop\topHeader1.jpg
[2010/04/01 09:54:10 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Keyring Creator 2.lnk
[2010/04/01 09:48:50 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010/04/01 09:48:38 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010/04/01 09:48:38 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010/04/01 09:48:38 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010/04/01 09:48:38 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010/04/01 09:48:38 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010/04/01 09:48:38 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010/04/01 09:48:38 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010/04/01 09:48:38 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010/04/01 09:48:38 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010/04/01 09:48:38 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010/04/01 09:48:38 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010/04/01 09:48:37 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010/04/01 09:48:37 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010/04/01 09:48:37 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010/04/01 09:48:37 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010/04/01 09:48:37 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010/04/01 09:48:37 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010/04/01 09:48:37 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010/04/01 09:48:37 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010/04/01 09:48:37 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010/04/01 09:48:37 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010/04/01 09:48:37 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010/04/01 09:48:37 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010/04/01 09:48:37 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010/04/01 09:48:37 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010/04/01 09:48:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010/04/01 09:48:35 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010/04/01 09:48:35 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010/04/01 09:48:34 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010/04/01 09:48:33 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010/04/01 09:48:33 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010/04/01 09:48:33 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010/04/01 09:48:33 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010/04/01 09:48:33 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010/04/01 09:48:33 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010/04/01 09:48:33 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010/04/01 09:48:33 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010/04/01 09:48:33 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010/04/01 09:48:31 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010/04/01 09:48:30 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010/04/01 09:48:29 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010/04/01 09:48:28 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010/04/01 09:48:27 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010/04/01 09:48:27 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010/04/01 09:48:27 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010/04/01 09:48:26 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/04/01 09:48:21 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010/04/01 09:48:21 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010/04/01 09:48:20 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010/04/01 09:48:20 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010/04/01 09:48:20 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010/04/01 09:48:17 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010/04/01 09:48:05 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010/04/01 09:48:02 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/04/01 09:47:56 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/04/01 09:47:56 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/04/01 09:47:56 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/04/01 09:47:56 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/04/01 09:47:55 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/04/01 09:47:55 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010/04/01 09:47:55 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010/04/01 09:47:55 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010/04/01 09:47:55 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010/04/01 09:47:55 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010/04/01 09:47:55 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010/04/01 09:47:55 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010/04/01 09:47:55 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010/04/01 09:47:55 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010/04/01 09:47:55 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010/04/01 09:47:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/04/01 09:47:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/04/01 09:47:52 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/04/01 09:47:52 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/04/01 09:47:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/04/01 09:47:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/04/01 09:47:48 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/04/01 09:47:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/04/01 09:47:47 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/04/01 09:47:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/04/01 09:47:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/04/01 09:47:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/04/01 09:47:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/04/01 09:47:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/04/01 09:47:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/04/01 09:47:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/04/01 09:47:40 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/04/01 09:47:28 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/04/01 09:47:28 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/04/01 09:47:28 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/04/01 09:47:28 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/04/01 09:47:28 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/04/01 09:47:28 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/04/01 09:47:28 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/04/01 09:47:28 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/04/01 09:46:44 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/01 09:46:08 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/04/01 09:45:47 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/01 09:37:16 | 000,000,281 | RHS- | C] () -- C:\boot.ini
[2010/04/01 09:16:43 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/01 09:16:10 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\System32\{DE22D068-8219-41C3-AE36-5E3813B59FC9}.dat
[2010/04/01 09:16:10 | 000,000,032 | -HS- | C] () -- C:\WINDOWS\{79CB7DF4-0E71-40E6-9FB5-CD8648B871B0}.dat
[2010/04/01 09:16:05 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SR2.dat
[2010/04/01 09:14:29 | 000,001,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus 2003 Professional Edition.lnk
[2010/04/01 09:14:27 | 000,123,619 | ---- | C] () -- C:\WINDOWS\System32\SYMEVNT.386
[2010/04/01 09:04:10 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Michael\ntuser.dat.LOG
[2010/04/01 09:04:10 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Michael\ntuser.ini
[2010/04/01 09:04:09 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Michael\NTUSER.DAT
[2010/04/01 09:02:43 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/01 09:01:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/01 09:01:36 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/04/01 09:00:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/04/01 09:00:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/04/01 09:00:52 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/04/01 09:00:27 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/04/01 09:00:27 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/04/01 09:00:17 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/04/01 09:00:16 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/04/01 09:00:13 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/04/01 09:00:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/04/01 08:59:59 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/04/01 08:59:39 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/04/01 08:59:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/04/01 08:59:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/04/01 08:59:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/04/01 08:59:33 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/04/01 08:59:33 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/04/01 08:59:33 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/04/01 08:59:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/04/01 08:59:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/04/01 08:59:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/04/01 08:59:30 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/04/01 08:59:30 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/04/01 08:59:30 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/04/01 08:59:30 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/04/01 08:59:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/04/01 08:59:29 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/04/01 08:59:29 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/04/01 08:59:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/04/01 08:59:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/04/01 08:59:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/04/01 08:59:27 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/04/01 08:59:27 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/04/01 08:59:27 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/04/01 08:59:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/04/01 08:59:26 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/04/01 08:59:26 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/04/01 08:59:26 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/04/01 08:58:49 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/01 08:58:49 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/01 08:58:49 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/04/01 08:58:49 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/04/01 08:58:41 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/01 08:58:41 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/01 08:58:39 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/01 08:57:28 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/01 08:57:28 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/01 08:57:20 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/01 08:57:02 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/04/01 08:56:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/04/01 08:56:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/04/01 08:56:33 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/04/01 08:55:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/01 08:54:41 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/04/01 08:54:41 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/04/01 08:54:41 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/04/01 08:54:41 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/04/01 08:54:41 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/04/01 08:54:41 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/04/01 08:54:41 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/04/01 08:54:41 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/04/01 08:54:41 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/04/01 08:54:41 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/04/01 08:54:41 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/04/01 08:54:40 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/04/01 08:54:40 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/04/01 08:54:40 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/04/01 08:54:40 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/04/01 08:54:40 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/04/01 08:54:40 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/04/01 08:54:40 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/04/01 08:54:40 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/04/01 08:54:39 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/04/01 08:54:38 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/04/01 08:54:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/04/01 08:54:33 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2003/02/18 18:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users