Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Redirect, Tried EVERYTHING


  • This topic is locked This topic is locked
30 replies to this topic

#1 legogirl88

legogirl88

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 23 July 2010 - 11:27 AM

Split from here: http://www.bleepingcomputer.com/forums/t/332821/browser-redirect-tried-everything/ Please read for problem description. ~ OB

That didn't work....I think the problem is deeper than that.

Here's what I'm running:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:24 AM, on 7/23/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/openmanage
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 6469 bytes

Edited by Orange Blossom, 27 July 2010 - 11:27 PM.


BC AdBot (Login to Remove)

 


#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:30 AM

Posted 30 July 2010 - 10:37 AM

Hello legogirl88, My name is Syler and I will be helping you to solve your malware issues. Sorry for the delay
in replying, we are very busy at the moment.

Please note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have
since resolved your issues I would appreciate if you would let me no so I can close this topic.


Please download Malwarebytes' Anti-Malware from Here

Note: If you already have Malwarebytes' Anti-Malware, just update then run it.
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan (the scan may take some time to finish, so please be patient).
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and Paste the entire report in your next reply .
Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



Please follow these instructions to disable any CD Emulation programs using DeFogger.
  1. Please download GMER from one of the following locations, and save it to your desktop:
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  2. Disconnect from the Internet and close all running programs, as this process may crash your computer.
  3. Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.
  4. Double click on Gmer to run it.
  5. Allow the gmer.sys driver to load if asked.
  6. You may see a rootkit warning window, If you do, click No.
  7. Untick the following boxes on the right side of the Gmer screen.
    Show All
  8. Click on and wait for the scan to finish.
  9. If you see a rootkit warning window, click OK.
  10. Push and save the logfile to your desktop.
  11. Copy and Paste the contents of that file in your next post.




We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
    Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %SYSTEMDRIVE%\*.exe
    netsvcs
    msconfig
    drivers32
    CREATERESTOREPOINT

  5. Push the button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


Then please post back here with the following logs:
  • MBAM log
  • Gmer log
  • OTL.txt
  • Extra.txt

Thanks

unite.jpg


#3 legogirl88

legogirl88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 01 August 2010 - 12:45 PM

Thank you for helping me! I didn't an "Extra.txt" file....here's what I have:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8/1/2010 11:35:26 AM
mbam-log-2010-08-01 (11-35-26).txt

Scan type: Quick scan
Objects scanned: 111523
Time elapsed: 5 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





----------------------------------------------------------------------



GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-01 12:25:35
Windows 5.1.2600 Service Pack 3
Running: vueclfom.exe; Driver: C:\DOCUME~1\K9689~1.NYK\LOCALS~1\Temp\pxtdqpog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \FileSystem\Fastfat \Fat A91A7D20

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


---------------------------------------------------------



OTL logfile created on: 8/1/2010 12:26:37 PM - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 139.00 Mb Available Physical Memory | 28.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.72 Gb Total Space | 40.03 Gb Free Space | 75.93% Space Free | Partition Type: NTFS
Drive D: | 18.61 Gb Total Space | 18.55 Gb Free Space | 99.66% Space Free | Partition Type: NTFS
Drive E: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: B130
Current User Name: K. Nykol Brown
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/01 11:31:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads\OTL.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/06 14:58:52 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 17:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/07/22 12:21:40 | 012,061,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE


========== Modules (SafeList) ==========

MOD - [2010/08/01 11:31:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006/04/06 14:59:08 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\UIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\K9689~1.NYK\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/12/16 15:44:42 | 000,516,480 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca1528av.sys -- (Ca1528av)
DRV - [2008/06/27 16:41:14 | 000,011,648 | ---- | M] (SunPlus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk1528.sys -- (Bulk1528)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/03/24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 12:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/02 13:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 11:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 11:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 11:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 11:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/24 16:16:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/25 17:47:31 | 000,000,000 | ---D | M]

[2010/07/25 17:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Extensions
[2010/07/25 17:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/01 11:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\extensions
[2010/07/23 12:22:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/18 22:56:24 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/08/01 11:25:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/25 17:47:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/25 17:47:18 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/07/18 22:44:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - Startup: C:\Documents and Settings\K. Nykol Brown\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1417001333-2000478354-2147097355-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\K. Nykol Brown\Desktop\myBox o'Stuff\capital one design copy.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\K. Nykol Brown\Desktop\myBox o'Stuff\capital one design copy.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/17 10:24:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/10/15 05:51:31 | 000,000,066 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2002/01/07 11:13:00 | 000,258,048 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2002/10/15 05:56:54 | 000,000,000 | R--D | M] - E:\autorun -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.SP54 - SP5X_32.DLL File not found
Drivers32: VIDC.SP55 - SP5X_32.DLL File not found
Drivers32: VIDC.SP56 - SP5X_32.DLL File not found
Drivers32: VIDC.SP57 - SP5X_32.DLL File not found
Drivers32: VIDC.SP58 - SP5X_32.DLL File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/07/29 22:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\New Folder
[2010/07/25 17:48:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\LimeWire
[2010/07/25 17:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\LimeWire
[2010/07/25 17:47:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/25 17:47:31 | 000,423,656 | ---- | C] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/25 17:47:31 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/25 17:47:31 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/25 17:47:31 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/25 17:47:31 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/24 23:48:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Uniblue
[2010/07/24 23:46:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\K. Nykol Brown\Recent
[2010/07/24 08:26:15 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010/07/24 08:26:10 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010/07/24 08:26:05 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010/07/24 08:26:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010/07/24 08:26:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010/07/24 08:26:00 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010/07/24 08:25:55 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010/07/24 08:25:51 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010/07/24 08:25:47 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010/07/24 08:25:39 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010/07/24 08:25:39 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010/07/24 08:25:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010/07/24 08:25:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010/07/24 08:25:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010/07/24 08:25:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010/07/24 08:25:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010/07/24 08:25:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010/07/24 08:25:29 | 000,516,480 | ---- | C] (Digital Camera) -- C:\WINDOWS\System32\drivers\Ca1528av.sys
[2010/07/24 08:25:29 | 000,131,072 | ---- | C] (Sunplus) -- C:\WINDOWS\System\SP5X_32.DLL
[2010/07/24 08:25:29 | 000,011,648 | ---- | C] (SunPlus) -- C:\WINDOWS\System32\drivers\Bulk1528.sys
[2010/07/24 08:25:28 | 000,016,384 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\Dext1528.ax
[2010/07/24 08:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\SPCA1528
[2010/07/24 08:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vivitar
[2010/07/24 08:24:24 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2010/07/24 08:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/07/24 08:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Vivitar Experience Image Manager
[2010/07/23 11:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/07/22 12:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2010/07/22 12:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/07/21 00:29:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Harry Potter II
[2010/07/21 00:28:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/18 23:03:38 | 000,032,824 | ---- | C] (Resplendence Software Projects Sp) -- C:\WINDOWS\System32\rrMon.sys
[2010/07/18 23:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Registrar Registry Manager
[2010/07/18 22:47:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/07/18 22:38:30 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/18 22:36:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/07/18 22:36:55 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/07/18 22:36:55 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/07/18 22:36:55 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/18 22:35:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/18 22:35:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/18 22:10:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\IECompatCache
[2010/07/18 21:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Temp
[2010/07/18 21:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Google
[2010/07/18 15:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/07/18 15:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/07/18 15:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/07/18 15:07:51 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/07/18 15:07:51 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/07/18 15:07:51 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/07/18 15:07:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/07/18 15:07:50 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/07/18 15:07:50 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/07/18 15:07:50 | 000,000,000 | ---D | C] -- C:\242aea37d657bf588fbdf238e3
[2010/07/18 15:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/07/18 12:23:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/07/18 10:58:02 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/07/18 10:58:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/07/18 10:58:00 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/07/18 10:57:59 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/07/18 10:57:57 | 011,076,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/07/17 20:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Harry Potter and the Prisoner of Azkaban
[2010/07/17 20:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2010/07/17 18:53:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\PrivacIE
[2010/07/17 17:03:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/07/17 16:16:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/07/17 16:16:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/07/17 16:15:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/07/17 16:15:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/07/17 16:10:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/07/17 16:05:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/07/17 15:11:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2010/07/17 14:55:25 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010/07/17 14:55:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010/07/17 14:55:22 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010/07/17 14:55:22 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010/07/17 14:55:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010/07/17 14:55:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/07/17 14:55:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010/07/17 14:55:05 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/07/17 14:55:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010/07/17 14:55:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010/07/17 14:55:01 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010/07/17 14:55:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010/07/17 14:55:00 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010/07/17 14:54:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010/07/17 14:54:50 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010/07/17 14:54:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010/07/17 14:54:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010/07/17 14:54:49 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010/07/17 14:54:49 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010/07/17 14:54:47 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010/07/17 14:54:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010/07/17 14:54:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010/07/17 14:54:35 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010/07/17 14:54:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010/07/17 14:54:35 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010/07/17 14:54:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010/07/17 14:54:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010/07/17 14:54:09 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010/07/17 14:54:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010/07/17 14:54:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010/07/17 14:54:09 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010/07/17 14:54:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010/07/17 14:54:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010/07/17 14:54:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010/07/17 14:54:07 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010/07/17 14:54:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010/07/17 14:54:07 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010/07/17 14:54:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010/07/17 14:54:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010/07/17 14:54:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010/07/17 14:54:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010/07/17 14:54:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010/07/17 14:53:59 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010/07/17 14:53:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/07/17 14:53:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/07/17 14:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Blackberry Desktop
[2010/07/17 14:17:27 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/07/17 14:16:59 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/07/17 14:16:33 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/07/17 14:16:13 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/07/17 14:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Research In Motion
[2010/07/17 14:12:22 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/07/17 14:12:08 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/17 14:11:55 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/07/17 14:11:55 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/07/17 14:08:31 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/07/17 14:08:29 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/07/17 14:08:29 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/07/17 14:08:27 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/07/17 14:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/07/17 14:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2010/07/17 14:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2010/07/17 13:58:44 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/07/17 13:58:07 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/07/17 13:55:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/07/17 13:52:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2010/07/17 13:51:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/07/17 13:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/07/17 13:48:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/07/17 13:45:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Yahoo
[2010/07/17 13:43:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\IETldCache
[2010/07/17 13:41:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Macromedia
[2010/07/17 13:39:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Mozilla
[2010/07/17 13:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla
[2010/07/17 13:39:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/07/17 13:38:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/07/17 13:38:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/07/17 13:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/07/17 13:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Yahoo!
[2010/07/17 13:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/07/17 13:31:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Program Tools
[2010/07/17 13:27:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/07/17 13:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Malwarebytes
[2010/07/17 13:24:53 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/17 13:24:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/17 13:24:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/17 13:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/17 13:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/07/17 13:19:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010/07/17 13:17:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Updater
[2010/07/17 13:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Adobe
[2010/07/17 13:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Adobe
[2010/07/17 13:09:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2010/07/17 13:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2010/07/17 13:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2010/07/17 13:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2010/07/17 12:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/07/17 12:57:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/07/17 12:55:45 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/07/17 12:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/07/17 12:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/07/17 12:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/07/17 12:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/07/17 12:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Apple Computer
[2010/07/17 12:51:20 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/07/17 12:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/07/17 12:50:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/07/17 12:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/07/17 12:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/07/17 12:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/07/17 12:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/07/17 12:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Apple
[2010/07/17 12:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/07/17 12:48:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/07/17 12:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/07/17 12:48:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/07/17 12:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Apple Computer
[2010/07/17 12:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/07/17 12:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/07/17 12:41:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/07/17 12:41:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/07/17 12:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Extensis
[2010/07/17 12:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/07/17 12:37:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/07/17 12:36:57 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/07/17 12:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\PowerZip 7.0
[2010/07/17 12:34:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Videos
[2010/07/17 12:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/07/17 12:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/07/17 12:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/07/17 12:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Yahoo!
[2010/07/17 12:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/07/17 12:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/07/17 12:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/07/17 12:25:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Porn
[2010/07/17 12:23:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\myBox o'Stuff
[2010/07/17 12:22:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\myArt & Designs
[2010/07/17 12:21:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\myPrograms
[2010/07/17 12:21:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\Neux Muzik
[2010/07/17 12:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/07/17 12:15:42 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010/07/17 12:15:37 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010/07/17 12:15:37 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010/07/17 12:15:37 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010/07/17 12:15:37 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010/07/17 12:15:35 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010/07/17 12:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010/07/17 12:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2010/07/17 12:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/07/17 11:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Peggle-Deluxe
[2010/07/17 11:45:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Special Fonts
[2010/07/17 11:45:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Extra Icons
[2010/07/17 11:44:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads
[2010/07/17 11:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Nestopia
[2010/07/17 11:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Illustrate
[2010/07/17 11:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2010/07/17 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Pocket Tanks Deluxe
[2010/07/17 11:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\On Hand Software
[2010/07/17 11:31:06 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2010/07/17 11:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Sun
[2010/07/17 11:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/17 11:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/07/17 11:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2010/07/17 11:26:36 | 000,191,872 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\drivers\SynTP.sys
[2010/07/17 11:26:36 | 000,114,688 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCtrl.dll
[2010/07/17 11:26:36 | 000,094,299 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPAPI.dll
[2010/07/17 11:26:36 | 000,082,014 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCOM.dll
[2010/07/17 11:26:36 | 000,081,920 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPCo2.dll
[2010/07/17 11:26:36 | 000,069,723 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPFcs.dll
[2010/07/17 11:26:36 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010/07/17 11:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/07/17 11:25:31 | 001,035,008 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_DPV.sys
[2010/07/17 11:25:31 | 000,717,952 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2010/07/17 11:25:31 | 000,110,592 | ---- | C] (Conexant Systems, Inc) -- C:\WINDOWS\System32\uci100.dll
[2010/07/17 11:25:29 | 000,201,600 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSFHWAZL.sys
[2010/07/17 11:25:14 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Helper
[2010/07/17 11:24:08 | 004,882,432 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacgui.cpl
[2010/07/17 11:24:08 | 001,052,672 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stlang.dll
[2010/07/17 11:24:08 | 000,282,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
[2010/07/17 11:24:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/07/17 11:24:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/07/17 11:24:05 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/07/17 11:24:05 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/07/17 11:24:05 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/07/17 11:24:04 | 000,112,128 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\staco.dll
[2010/07/17 11:23:45 | 001,156,648 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys
[2010/07/17 11:23:44 | 000,208,896 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacapi.dll
[2010/07/17 11:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/07/17 11:23:13 | 000,307,200 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\BMAPI.dll
[2010/07/17 11:23:13 | 000,172,032 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\NicConfigSvc.cpl
[2010/07/17 11:23:13 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\KPower.dll
[2010/07/17 11:22:51 | 000,016,128 | ---- | C] (Dell Inc) -- C:\WINDOWS\System32\drivers\APPDRV.SYS
[2010/07/17 11:21:44 | 000,053,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\oemdspif.dll
[2010/07/17 11:21:43 | 002,310,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2010/07/17 11:21:43 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2010/07/17 11:21:43 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2010/07/17 11:21:43 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2010/07/17 11:21:43 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2010/07/17 11:21:43 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2010/07/17 11:21:43 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2010/07/17 11:21:43 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2010/07/17 11:21:43 | 000,114,688 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2010/07/17 11:21:43 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2010/07/17 11:21:43 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2010/07/17 11:21:43 | 000,057,344 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2010/07/17 11:21:42 | 001,503,232 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2010/07/17 11:21:42 | 000,901,242 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2010/07/17 11:21:42 | 000,446,464 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2010/07/17 11:21:42 | 000,213,274 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdev5.dll
[2010/07/17 11:21:42 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2010/07/17 11:21:42 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2010/07/17 11:21:42 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2010/07/17 11:21:42 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2010/07/17 11:21:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2010/07/17 11:21:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2010/07/17 11:21:42 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2010/07/17 11:21:42 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdev.dll
[2010/07/17 11:21:42 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2010/07/17 11:21:42 | 000,118,395 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2010/07/17 11:21:42 | 000,114,688 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2010/07/17 11:21:42 | 000,094,208 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe
[2010/07/17 11:21:42 | 000,086,016 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2010/07/17 11:21:42 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2010/07/17 11:21:42 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2010/07/17 11:21:42 | 000,077,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2010/07/17 11:21:42 | 000,073,728 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2010/07/17 11:21:42 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4410.dll
[2010/07/17 11:21:42 | 000,049,152 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuITA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2010/07/17 11:21:42 | 000,036,990 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2010/07/17 11:21:10 | 000,667,648 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\BCMLogon.dll
[2010/07/17 11:21:10 | 000,424,320 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2010/07/17 11:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/07/17 11:21:03 | 000,253,952 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\bcmwlu00.exe
[2010/07/17 11:21:03 | 000,069,632 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\bcmwlpkt.dll
[2010/07/17 11:21:03 | 000,033,664 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS
[2010/07/17 11:20:45 | 003,096,576 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\BCMWLCPL.CPL
[2010/07/17 11:20:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ATL71.DLL
[2010/07/17 11:20:45 | 000,044,032 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\wltrynt.dll
[2010/07/17 11:20:44 | 002,129,920 | ---- | C] (BCGSoft Ltd) -- C:\WINDOWS\System32\WLBCGCBPRO731.DLL
[2010/07/17 11:20:44 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.DLL
[2010/07/17 11:20:44 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.DLL
[2010/07/17 11:20:44 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCR71.DLL
[2010/07/17 11:20:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/07/17 11:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/07/17 11:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010/07/17 11:14:39 | 000,000,000 | ---D | C] -- C:\Netgear
[2010/07/17 11:02:51 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/07/17 11:02:51 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010/07/17 11:02:51 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010/07/17 11:02:51 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010/07/17 11:02:51 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010/07/17 11:02:51 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010/07/17 11:02:51 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010/07/17 11:02:51 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010/07/17 11:02:51 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010/07/17 11:02:51 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010/07/17 11:02:51 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010/07/17 11:02:51 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010/07/17 11:02:51 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010/07/17 11:02:51 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010/07/17 11:02:51 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010/07/17 11:02:51 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010/07/17 11:02:51 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010/07/17 11:02:51 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010/07/17 11:02:51 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010/07/17 11:02:51 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010/07/17 11:02:51 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010/07/17 11:02:51 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010/07/17 11:02:51 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010/07/17 11:02:51 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010/07/17 11:02:51 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010/07/17 11:02:51 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010/07/17 11:02:50 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/07/17 11:02:50 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010/07/17 11:02:50 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010/07/17 11:02:50 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010/07/17 11:02:50 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010/07/17 11:02:50 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010/07/17 11:02:50 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010/07/17 11:02:50 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010/07/17 11:02:50 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010/07/17 11:02:50 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010/07/17 11:02:50 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010/07/17 11:02:50 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010/07/17 11:02:49 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/07/17 11:02:49 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/07/17 11:02:49 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/07/17 11:02:49 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/07/17 11:02:49 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/07/17 11:02:49 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/07/17 11:02:49 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010/07/17 11:02:49 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/07/17 11:02:49 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/07/17 11:02:49 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010/07/17 11:02:49 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010/07/17 11:02:48 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2010/07/17 11:02:48 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2010/07/17 11:02:48 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2010/07/17 11:02:48 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/07/17 11:02:48 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010/07/17 11:02:48 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2010/07/17 11:02:48 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2010/07/17 11:02:48 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/07/17 11:02:48 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010/07/17 11:02:48 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010/07/17 11:02:48 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/07/17 11:02:48 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010/07/17 11:02:48 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/07/17 11:02:48 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/07/17 11:02:48 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/07/17 11:02:48 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/07/17 11:02:48 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/07/17 11:02:48 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010/07/17 11:02:48 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/07/17 11:02:48 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010/07/17 11:02:48 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010/07/17 11:02:47 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/07/17 11:02:47 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010/07/17 11:02:47 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2010/07/17 11:02:47 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2010/07/17 11:02:47 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2010/07/17 11:02:47 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010/07/17 11:02:47 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2010/07/17 11:02:47 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2010/07/17 11:02:47 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2010/07/17 11:02:47 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2010/07/17 11:02:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010/07/17 11:02:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010/07/17 11:00:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/07/17 11:00:09 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/07/17 11:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/07/17 10:50:46 | 000,446,464 | R--- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\hhactivex.dll
[2010/07/17 10:50:46 | 000,176,128 | ---- | C] (Dell Computer Corporation) -- C:\WINDOWS\System32\RcdScan.dll
[2010/07/17 10:50:45 | 000,645,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010/07/17 10:50:45 | 000,414,944 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\System32\COMCT332.OCX
[2010/07/17 10:50:45 | 000,328,480 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System32\ssa3d30.ocx
[2010/07/17 10:50:44 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2010/07/17 10:50:43 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/07/17 10:50:42 | 000,013,632 | ---- | C] (Dell Computer Corporation) -- C:\WINDOWS\System32\drivers\omci.sys
[2010/07/17 10:50:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/07/17 10:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Identities
[2010/07/17 10:47:48 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/07/17 10:47:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Pictures
[2010/07/17 10:47:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Music
[2010/07/17 10:47:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft
[2010/07/17 10:47:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\K. Nykol Brown\SendTo
[2010/07/17 10:47:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data
[2010/07/17 10:47:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Start Menu
[2010/07/17 10:47:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents
[2010/07/17 10:47:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Favorites
[2010/07/17 10:47:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\Cookies
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\Templates
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\PrintHood
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\NetHood
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings
[2010/07/17 10:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Microsoft
[2010/07/17 10:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop
[2010/07/17 10:46:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/07/17 10:46:52 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/07/17 10:46:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/07/17 10:46:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/07/17 10:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/07/17 10:27:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/07/17 10:26:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/07/17 10:26:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/07/17 10:26:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/07/17 10:26:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/07/17 10:26:54 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/07/17 10:26:53 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/07/17 10:26:53 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/07/17 10:26:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/07/17 10:26:51 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/07/17 10:26:51 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/07/17 10:26:50 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/07/17 10:26:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/07/17 10:26:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/07/17 10:26:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/07/17 10:26:47 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/07/17 10:26:47 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/07/17 10:26:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/07/17 10:26:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/07/17 10:26:46 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/07/17 10:26:46 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/07/17 10:26:46 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/07/17 10:26:46 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/07/17 10:26:44 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/07/17 10:26:42 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/07/17 10:26:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/07/17 10:26:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/07/17 10:26:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/07/17 10:26:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/07/17 10:26:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/07/17 10:26:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/07/17 10:26:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/07/17 10:26:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/07/17 10:26:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/07/17 10:26:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/07/17 10:26:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/07/17 10:26:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/07/17 10:26:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/07/17 10:26:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/07/17 10:26:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/07/17 10:26:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/07/17 10:26:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/07/17 10:26:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/07/17 10:26:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/07/17 10:26:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/07/17 10:26:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/07/17 10:26:31 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/07/17 10:26:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/07/17 10:26:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/07/17 10:26:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/07/17 10:26:29 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/07/17 10:26:27 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/07/17 10:26:27 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/07/17 10:26:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/07/17 10:26:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/07/17 10:26:26 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/07/17 10:26:26 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/07/17 10:26:26 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/07/17 10:26:25 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/07/17 10:26:25 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/07/17 10:26:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/07/17 10:26:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/07/17 10:26:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/07/17 10:26:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/07/17 10:26:20 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/07/17 10:26:15 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/07/17 10:26:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/07/17 10:26:09 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/07/17 10:26:09 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/07/17 10:26:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/07/17 10:26:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/07/17 10:26:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/07/17 10:26:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/07/17 10:26:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/07/17 10:26:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/07/17 10:26:04 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/07/17 10:26:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/07/17 10:26:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/07/17 10:26:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/07/17 10:26:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/07/17 10:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/07/17 10:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/07/17 10:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/07/17 10:26:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/07/17 10:26:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/07/17 10:26:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/07/17 10:26:01 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/07/17 10:26:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/07/17 10:26:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/07/17 10:26:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/07/17 10:26:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/07/17 10:25:59 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/07/17 10:25:59 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/07/17 10:25:58 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/07/17 10:25:58 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/07/17 10:25:58 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/07/17 10:25:58 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/07/17 10:25:58 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/07/17 10:25:58 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/07/17 10:25:58 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/07/17 10:25:57 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/07/17 10:25:57 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/07/17 10:25:57 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/07/17 10:25:57 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/07/17 10:25:57 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/07/17 10:25:56 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/07/17 10:25:56 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/07/17 10:25:56 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/07/17 10:25:56 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/07/17 10:25:55 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/07/17 10:25:55 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/07/17 10:25:55 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/07/17 10:25:55 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/07/17 10:25:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/07/17 10:25:49 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/07/17 10:25:37 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/07/17 10:25:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/07/17 10:25:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/07/17 10:25:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/07/17 10:25:32 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/07/17 10:25:32 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/07/17 10:25:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/07/17 10:25:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/07/17 10:25:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/07/17 10:25:29 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/07/17 10:25:29 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/07/17 10:25:29 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/07/17 10:25:29 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/07/17 10:25:28 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/07/17 10:25:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/07/17 10:25:22 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/07/17 10:25:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/07/17 10:25:20 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/07/17 10:25:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/07/17 10:25:19 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/07/17 10:25:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/07/17 10:25:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/07/17 10:25:18 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/07/17 10:25:18 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/07/17 10:25:17 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/07/17 10:25:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/07/17 10:25:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/07/17 10:25:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/07/17 10:25:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/07/17 10:25:16 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/07/17 10:25:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/07/17 10:25:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/07/17 10:25:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/07/17 10:25:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/07/17 10:24:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/07/17 10:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/07/17 10:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/07/17 10:24:47 | 000,000,000 | ---D | C] -- C:\DELL
[2010/07/17 10:24:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/07/17 10:24:33 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/07/17 10:23:57 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/07/17 10:23:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/07/17 10:22:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/07/17 10:22:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/07/17 10:22:45 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/07/17 10:22:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/07/17 10:22:01 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/07/17 10:22:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/07/17 10:22:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/07/17 10:22:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/07/17 10:22:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/07/17 10:22:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/07/17 10:21:52 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/07/17 10:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/07/17 10:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/07/17 10:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/07/17 10:21:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/07/17 10:21:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/07/17 10:21:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/07/17 10:21:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/07/17 10:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/07/17 10:21:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/07/17 10:21:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/07/17 10:21:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/07/17 10:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/07/17 10:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/07/17 10:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/07/17 10:21:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/07/17 10:21:46 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/07/17 10:21:46 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/07/17 10:21:46 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/07/17 10:21:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/07/17 10:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/07/17 10:21:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/07/17 10:21:41 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010/07/17 10:21:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/07/17 10:21:40 | 001,669,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/07/17 10:21:40 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/07/17 10:21:40 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/07/17 10:21:39 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/07/17 10:21:39 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/07/17 10:21:39 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/07/17 10:21:39 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/07/17 10:21:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/07/17 10:21:38 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/07/17 10:21:38 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/07/17 10:21:38 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/07/17 10:21:38 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/07/17 10:21:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/07/17 10:21:38 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/07/17 10:21:37 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/07/17 10:21:37 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/07/17 10:21:37 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/07/17 10:21:37 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/07/17 10:21:37 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/07/17 10:21:37 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/07/17 10:21:37 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/07/17 10:21:37 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/07/17 10:21:37 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/07/17 10:21:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/07/17 10:21:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/07/17 10:21:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/07/17 10:21:31 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/07/17 10:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/07/17 10:21:28 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/07/17 10:21:28 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/07/17 10:21:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/07/17 10:21:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/07/17 10:21:24 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/07/17 10:21:23 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/07/17 10:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/07/17 10:21:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/07/17 10:21:22 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/07/17 10:21:22 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/07/17 10:21:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/07/17 10:21:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/07/17 10:21:19 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/07/17 10:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/07/17 10:21:18 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/07/17 10:21:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/07/17 10:21:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/07/17 10:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/07/17 10:21:14 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/07/17 10:21:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/07/17 10:21:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/07/17 10:21:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/07/17 10:21:08 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/07/17 10:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/07/17 10:21:06 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/07/17 10:21:05 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/07/17 10:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/07/17 10:21:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/07/17 10:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/07/17 10:20:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/07/17 10:20:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\System Tools
[2010/07/17 10:20:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\Games
[2010/07/17 10:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/07/17 10:20:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/07/17 10:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/07/17 10:20:01 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/07/17 10:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/07/17 10:20:00 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/07/17 10:20:00 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/07/17 10:20:00 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/07/17 10:20:00 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/07/17 10:20:00 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/07/17 10:19:59 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/07/17 10:19:59 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/07/17 10:19:59 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/07/17 10:19:59 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/07/17 10:19:59 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/07/17 10:19:59 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/07/17 10:19:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/07/17 10:19:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/07/17 10:19:59 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/07/17 10:19:59 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/07/17 10:19:58 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/07/17 10:19:58 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/07/17 10:19:58 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/07/17 10:19:58 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/07/17 10:19:58 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/07/17 10:19:57 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/07/17 10:19:57 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/07/17 10:19:57 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/07/17 10:19:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/07/17 10:19:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/07/17 10:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/07/17 10:19:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/07/17 10:19:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/07/17 10:19:48 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/07/17 10:19:48 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/07/17 10:19:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/07/17 10:19:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/07/17 10:19:48 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/07/17 10:19:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/07/17 10:19:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/07/17 10:19:48 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/07/17 10:19:47 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/07/17 10:19:47 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/07/17 10:19:41 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/07/17 10:19:41 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/07/17 10:19:41 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/07/17 10:19:41 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/07/17 10:19:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/07/17 10:19:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/07/17 10:19:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/07/17 10:19:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/07/17 10:19:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/07/17 10:19:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/07/17 10:19:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/07/17 10:19:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/07/17 10:19:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/07/17 10:19:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/07/17 10:19:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/07/17 10:19:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/07/17 10:19:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/07/17 10:19:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/07/17 10:19:39 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/07/17 10:19:39 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/07/17 10:19:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/07/17 10:19:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/07/17 10:19:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/07/17 10:19:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/07/17 10:19:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/07/17 10:19:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/07/17 10:19:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/07/17 10:19:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/07/17 10:19:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/07/17 10:19:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/07/17 10:19:38 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/07/17 10:19:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/07/17 10:19:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/07/17 10:19:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/07/17 10:19:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/07/17 10:19:37 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/07/17 10:19:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/07/17 10:19:37 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/07/17 10:19:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/07/17 10:19:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/07/17 10:19:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/07/17 10:19:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/07/17 10:19:34 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/07/17 10:19:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/07/17 10:19:34 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/07/17 10:19:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/07/17 10:19:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/07/17 10:19:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/07/17 10:19:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/07/17 10:19:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/07/17 10:19:33 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/07/17 10:19:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/07/17 10:19:33 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/07/17 10:19:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/07/17 10:19:33 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/07/17 10:19:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/07/17 10:19:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/07/17 10:19:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/07/17 10:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/07/17 10:19:17 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/07/17 10:19:17 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/07/17 10:19:17 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/07/17 10:19:16 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/07/17 10:19:16 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/07/17 10:19:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/07/17 10:19:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/07/17 10:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/07/17 10:19:15 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/07/17 10:19:15 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/07/17 10:19:14 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/07/17 10:19:14 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010/07/17 10:19:14 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/07/17 10:19:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/07/17 10:19:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/07/17 10:19:13 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/07/17 10:19:13 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/07/17 10:19:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/07/17 10:19:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010/07/17 10:19:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010/07/17 10:19:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/07/17 10:19:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/07/17 10:19:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/07/17 10:19:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/07/17 10:19:12 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/07/17 10:19:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/07/17 10:19:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/07/17 10:19:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/07/17 10:19:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/07/17 10:19:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/07/17 10:19:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/07/17 10:19:10 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/07/17 10:19:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/07/17 10:19:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/07/17 10:19:10 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/07/17 10:19:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/07/17 10:19:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/07/17 10:19:09 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/07/17 10:19:09 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/07/17 10:19:03 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/07/17 10:19:03 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/07/17 10:19:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/07/17 10:19:03 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/07/17 05:10:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/07/17 05:10:18 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/07/17 05:09:19 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/07/17 05:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/07/17 05:09:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/07/17 05:09:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/07/17 05:09:15 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/07/17 05:09:14 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/07/17 05:09:14 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/07/17 05:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/07/17 05:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/07/17 05:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/07/17 05:09:11 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/07/17 05:09:11 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/07/17 05:09:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/07/17 05:09:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/07/17 05:09:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/07/17 05:09:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/07/17 05:09:07 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/07/17 05:09:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/07/17 05:09:07 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/07/17 05:09:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/07/17 05:09:07 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/07/17 05:09:07 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/07/17 05:09:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/07/17 05:09:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/07/17 05:09:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/07/17 05:09:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/07/17 05:09:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/07/17 05:09:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/07/17 05:09:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/07/17 05:09:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/07/17 05:09:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/07/17 05:09:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/07/17 05:09:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/07/17 05:09:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/07/17 05:09:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/07/17 05:09:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/07/17 05:09:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/07/17 05:09:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/07/17 05:09:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/07/17 05:09:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/07/17 05:09:04 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/07/17 05:09:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/07/17 05:09:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/07/17 05:09:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/07/17 05:09:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/07/17 05:09:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/07/17 05:09:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/07/17 05:09:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/07/17 05:09:02 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/07/17 05:09:02 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/07/17 05:09:02 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/07/17 05:09:02 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/07/17 05:09:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/07/17 05:09:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/07/17 05:09:01 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/07/17 05:09:01 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/07/17 05:09:01 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/07/17 05:09:01 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/07/17 05:09:01 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/07/17 05:09:01 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/07/17 05:09:01 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/07/17 05:09:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/07/17 05:09:01 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/07/17 05:09:01 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/07/17 05:09:01 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/07/17 05:09:01 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/07/17 05:09:00 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/07/17 05:09:00 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/07/17 05:09:00 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/07/17 05:09:00 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/07/17 05:09:00 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/07/17 05:09:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/07/17 05:09:00 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/07/17 05:09:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/07/17 05:09:00 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/07/17 05:09:00 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/07/17 05:09:00 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/07/17 05:09:00 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/07/17 05:08:59 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/07/17 05:08:59 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/07/17 05:08:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/07/17 05:08:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/07/17 05:08:59 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/07/17 05:08:58 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/07/17 05:08:57 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/07/17 05:08:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/07/17 05:08:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/07/17 05:08:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/07/17 05:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/07/17 05:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/07/17 05:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/07/17 05:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/07/17 05:08:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/07/17 05:08:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/07/17 05:07:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/07/17 05:07:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/07/17 05:00:06 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/07/17 05:00:06 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/07/17 05:00:06 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/07/17 05:00:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/01 12:23:26 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004UA.job
[2010/08/01 11:29:45 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Desktop\my help.doc
[2010/08/01 11:15:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/01 11:15:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/01 11:15:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/31 00:01:01 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\K. Nykol Brown\NTUSER.DAT
[2010/07/31 00:00:37 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\K. Nykol Brown\ntuser.ini
[2010/07/31 00:00:25 | 003,720,236 | -H-- | M] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\IconCache.db
[2010/07/29 22:48:11 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/07/28 21:23:02 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004Core.job
[2010/07/25 18:46:51 | 000,003,400 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2010/07/25 18:46:34 | 000,033,846 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2010/07/25 18:46:09 | 010,901,680 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010/07/25 17:48:43 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/07/25 17:47:17 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/25 17:47:17 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/25 17:47:17 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/25 17:47:17 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/25 17:47:17 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/25 17:40:29 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/25 00:27:32 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2010/07/22 12:27:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/21 00:28:11 | 000,000,525 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2010/07/19 12:02:53 | 000,493,258 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/19 12:02:53 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/19 12:02:53 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/18 22:44:26 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/18 22:44:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/18 22:38:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/07/18 21:21:46 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/07/18 15:33:52 | 000,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/17 20:13:49 | 000,000,014 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/07/17 20:01:16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/17 19:17:39 | 000,018,632 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/17 16:09:50 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/07/17 15:11:26 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/07/17 14:22:34 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/07/17 13:44:10 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/17 13:40:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/07/17 13:36:42 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/17 13:36:04 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Desktop\Mozilla Firefox.lnk
[2010/07/17 13:34:14 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/07/17 12:55:25 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/17 12:55:25 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/17 12:55:16 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/17 12:53:55 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/07/17 12:52:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/07/17 12:44:01 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/07/17 11:23:16 | 000,000,004 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2010/07/17 11:03:14 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/07/17 10:47:58 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/07/17 10:27:13 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/07/17 10:24:17 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/07/17 10:24:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/17 10:24:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/07/17 10:24:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/07/17 10:23:57 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/07/17 10:22:58 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/07/17 10:22:58 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/07/17 10:21:00 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/07/17 10:20:45 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/07/17 10:20:45 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/07/09 08:44:52 | 000,032,824 | ---- | M] (Resplendence Software Projects Sp) -- C:\WINDOWS\System32\rrMon.sys
[2010/07/09 08:44:50 | 000,120,376 | ---- | M] () -- C:\WINDOWS\System32\rrsec.dll
[2010/07/09 08:44:48 | 000,097,888 | ---- | M] () -- C:\WINDOWS\System32\rrsec2k.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/01 11:29:45 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Desktop\my help.doc
[2010/07/25 18:46:51 | 000,033,846 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2010/07/25 18:46:50 | 010,901,680 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010/07/25 18:46:50 | 000,003,400 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2010/07/25 17:48:43 | 000,001,536 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/07/25 00:27:32 | 000,000,356 | ---- | C] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2010/07/24 08:25:29 | 000,014,115 | ---- | C] () -- C:\WINDOWS\twspmm.ini
[2010/07/24 08:25:29 | 000,005,860 | ---- | C] () -- C:\WINDOWS\twspmm.src
[2010/07/24 08:24:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/07/24 08:24:25 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/07/21 00:28:11 | 000,000,525 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/07/18 23:03:34 | 000,120,376 | ---- | C] () -- C:\WINDOWS\System32\rrsec.dll
[2010/07/18 23:03:34 | 000,097,888 | ---- | C] () -- C:\WINDOWS\System32\rrsec2k.exe
[2010/07/18 22:38:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/07/18 22:38:33 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/18 22:36:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/18 22:36:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/07/18 22:36:55 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/18 22:36:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/18 21:21:46 | 000,002,331 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/07/18 21:18:50 | 000,001,014 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004UA.job
[2010/07/18 21:18:48 | 000,000,962 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004Core.job
[2010/07/17 20:13:49 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/07/17 20:00:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/17 15:11:26 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/07/17 14:54:18 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2010/07/17 14:22:34 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/07/17 14:14:25 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/07/17 13:44:10 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/17 13:40:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/07/17 13:36:42 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/17 13:36:04 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Desktop\Mozilla Firefox.lnk
[2010/07/17 13:34:13 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/07/17 13:34:13 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2010/07/17 13:19:35 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2010/07/17 12:52:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/07/17 12:48:50 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/17 12:44:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/07/17 12:25:59 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/17 11:29:37 | 000,000,666 | ---- | C] () -- C:\WINDOWS\speed.reg
[2010/07/17 11:25:29 | 000,133,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\del1028.cty
[2010/07/17 11:23:16 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2010/07/17 11:21:44 | 000,058,704 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2010/07/17 11:21:44 | 000,024,704 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2010/07/17 11:21:44 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2010/07/17 11:21:43 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2010/07/17 11:20:45 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2010/07/17 11:20:45 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2010/07/17 11:20:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/07/17 11:02:50 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/07/17 11:02:50 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/07/17 11:02:49 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/07/17 10:50:45 | 000,171,967 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.hlp
[2010/07/17 10:50:45 | 000,007,348 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.cnt
[2010/07/17 10:47:58 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/07/17 10:47:42 | 000,024,576 | -H-- | C] () -- C:\Documents and Settings\K. Nykol Brown\ntuser.dat.LOG
[2010/07/17 10:47:42 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\K. Nykol Brown\ntuser.ini
[2010/07/17 10:47:40 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\K. Nykol Brown\NTUSER.DAT
[2010/07/17 10:27:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/07/17 10:27:01 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/07/17 10:26:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/07/17 10:26:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/07/17 10:26:26 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/07/17 10:26:06 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/07/17 10:26:05 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/07/17 10:25:59 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/07/17 10:25:57 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/07/17 10:25:55 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/07/17 10:25:42 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/07/17 10:25:36 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/07/17 10:25:19 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/07/17 10:25:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/07/17 10:25:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/07/17 10:25:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/07/17 10:25:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/07/17 10:25:14 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/07/17 10:25:14 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/07/17 10:25:14 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/07/17 10:25:14 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/07/17 10:25:11 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/07/17 10:25:11 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/07/17 10:25:11 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/07/17 10:25:11 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/07/17 10:25:11 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/07/17 10:25:11 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/07/17 10:25:11 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/07/17 10:25:09 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/07/17 10:25:09 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/07/17 10:25:09 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/07/17 10:25:09 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/07/17 10:25:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/07/17 10:25:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/07/17 10:25:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/07/17 10:25:08 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/07/17 10:25:08 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/07/17 10:24:17 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/07/17 10:24:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/07/17 10:24:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/07/17 10:24:08 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/17 10:24:08 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/17 10:24:07 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/07/17 10:22:58 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/07/17 10:22:58 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/07/17 10:22:30 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/07/17 10:21:58 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/07/17 10:21:58 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/07/17 10:21:52 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/07/17 10:21:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/07/17 10:19:43 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/07/17 10:19:43 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/07/17 10:19:43 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/07/17 10:19:43 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/07/17 10:19:43 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/07/17 10:19:43 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/07/17 10:19:43 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/07/17 10:19:42 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/07/17 10:19:42 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/07/17 10:19:42 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/07/17 10:19:42 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/07/17 10:19:42 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/07/17 10:19:42 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/07/17 10:19:42 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/07/17 10:19:42 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/07/17 10:19:42 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/07/17 10:19:41 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/07/17 10:19:41 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/07/17 10:19:41 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/07/17 10:19:40 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/07/17 10:19:39 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/07/17 10:19:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/07/17 10:19:33 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/07/17 05:09:16 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/07/17 05:09:16 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/07/17 05:09:15 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/07/17 05:09:14 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/07/17 05:09:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/07/17 05:09:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/07/17 05:09:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/07/17 05:09:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/07/17 05:09:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/07/17 05:09:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/07/17 05:09:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/07/17 05:09:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/07/17 05:09:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/07/17 05:09:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/07/17 05:08:59 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/07/17 05:08:47 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/07/17 05:08:47 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/07/17 05:08:47 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/07/17 05:08:47 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/07/17 05:08:47 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/07/17 05:08:47 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/07/17 05:08:47 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/07/17 05:08:47 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/07/17 05:07:57 | 000,118,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/17 05:07:22 | 000,000,281 | RHS- | C] () -- C:\boot.ini
[2010/07/17 05:07:18 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2003/01/07 10:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/07/17 05:07:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/07/17 05:07:21 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/07/17 05:07:20 | 000,884,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< End of report >






#4 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:30 AM

Posted 02 August 2010 - 05:59 AM

Hi legogirl88,

Im not seeing much wrong in your logs, can you tell me what problems you are currently having?

Please download these two files from here and here then place them in the following folder:

C:\windows\system32


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    CODE
    :OTL
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\UIUSys.sys -- (UIUSys)
    Drivers32: VIDC.SP54 - SP5X_32.DLL File not found
    Drivers32: VIDC.SP55 - SP5X_32.DLL File not found
    Drivers32: VIDC.SP56 - SP5X_32.DLL File not found
    Drivers32: VIDC.SP57 - SP5X_32.DLL File not found
    Drivers32: VIDC.SP58 - SP5X_32.DLL File not found
    :Commands
    [emptytemp]
    [emptyflash]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Then also run a new OTL scan without the bold text, and post the new OTL log.

unite.jpg


#5 legogirl88

legogirl88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 02 August 2010 - 11:16 AM

The only problem I am having is with my internet searches. When I click a link, it redirects me to another site. I have to click the "recent pages" arrow and go back 3 pages to the original search page and click the link again. It usually works the second time, but it's just extremely annoying. My girlfriends laptop does the exact same thing so I am so confused!




All processes killed
========== OTL ==========
Service UIUSys stopped successfully!
Service UIUSys deleted successfully!
File C:\WINDOWS\System32\drivers\UIUSys.sys not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.SP54 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.SP55 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.SP56 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.SP57 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.SP58 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: K. Nykol Brown
->Temp folder emptied: 10141399 bytes
->Temporary Internet Files folder emptied: 3111703 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 37819594 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 3528 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 615990 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2840081 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 52393508 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 112349071 bytes

Total Files Cleaned = 209.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: K. Nykol Brown
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 08022010_110222

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


------------------------------------------------------------------------------------------------



OTL logfile created on: 8/2/2010 11:06:10 AM - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 173.00 Mb Available Physical Memory | 34.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.72 Gb Total Space | 40.22 Gb Free Space | 76.29% Space Free | Partition Type: NTFS
Drive D: | 18.61 Gb Total Space | 18.55 Gb Free Space | 99.66% Space Free | Partition Type: NTFS
Drive E: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: B130
Current User Name: K. Nykol Brown
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/01 11:31:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads\OTL.exe
PRC - [2010/07/24 16:15:56 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/06 14:58:52 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 17:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe


========== Modules (SafeList) ==========

MOD - [2010/08/01 11:31:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\K9689~1.NYK\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/12/16 15:44:42 | 000,516,480 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca1528av.sys -- (Ca1528av)
DRV - [2008/06/27 16:41:14 | 000,011,648 | ---- | M] (SunPlus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk1528.sys -- (Bulk1528)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/03/24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 12:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/02 13:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 11:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 11:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 11:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 11:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/24 16:16:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/25 17:47:31 | 000,000,000 | ---D | M]

[2010/07/25 17:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Extensions
[2010/07/25 17:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/01 11:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\extensions
[2010/07/23 12:22:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/18 22:56:24 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/08/01 11:25:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/25 17:47:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/25 17:47:18 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/07/18 22:44:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - Startup: C:\Documents and Settings\K. Nykol Brown\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\K. Nykol Brown\Desktop\myBox o'Stuff\capital one design copy.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\K. Nykol Brown\Desktop\myBox o'Stuff\capital one design copy.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/17 10:24:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/10/15 05:51:31 | 000,000,066 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2002/01/07 11:13:00 | 000,258,048 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2002/10/15 05:56:54 | 000,000,000 | R--D | M] - E:\autorun -- [ CDFS ]
O33 - MountPoints2\{ba58f686-9189-11df-8bae-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ba58f686-9189-11df-8bae-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ba58f686-9189-11df-8bae-806d6172696f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2002/01/07 11:13:00 | 000,258,048 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/02 11:02:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/02 11:00:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/08/01 13:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\DivX
[2010/08/01 12:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\WMTools Downloaded Files
[2010/07/25 17:48:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\LimeWire
[2010/07/25 17:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\LimeWire
[2010/07/25 17:47:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/25 17:47:31 | 000,423,656 | ---- | C] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/25 17:47:31 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/25 17:47:31 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/25 17:47:31 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/25 17:47:31 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/24 23:48:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Uniblue
[2010/07/24 23:46:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\K. Nykol Brown\Recent
[2010/07/24 08:26:15 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010/07/24 08:26:10 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010/07/24 08:26:05 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010/07/24 08:26:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010/07/24 08:26:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010/07/24 08:26:00 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010/07/24 08:25:55 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010/07/24 08:25:51 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010/07/24 08:25:47 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010/07/24 08:25:39 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010/07/24 08:25:39 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010/07/24 08:25:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010/07/24 08:25:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010/07/24 08:25:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010/07/24 08:25:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010/07/24 08:25:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010/07/24 08:25:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010/07/24 08:25:29 | 000,516,480 | ---- | C] (Digital Camera) -- C:\WINDOWS\System32\drivers\Ca1528av.sys
[2010/07/24 08:25:29 | 000,131,072 | ---- | C] (Sunplus) -- C:\WINDOWS\System\SP5X_32.DLL
[2010/07/24 08:25:29 | 000,011,648 | ---- | C] (SunPlus) -- C:\WINDOWS\System32\drivers\Bulk1528.sys
[2010/07/24 08:25:28 | 000,016,384 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\Dext1528.ax
[2010/07/24 08:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\SPCA1528
[2010/07/24 08:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vivitar
[2010/07/24 08:24:24 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2010/07/24 08:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/07/24 08:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Vivitar Experience Image Manager
[2010/07/23 11:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/07/22 12:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2010/07/22 12:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/07/21 00:29:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Harry Potter II
[2010/07/21 00:28:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/18 23:03:38 | 000,032,824 | ---- | C] (Resplendence Software Projects Sp) -- C:\WINDOWS\System32\rrMon.sys
[2010/07/18 23:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Registrar Registry Manager
[2010/07/18 22:47:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/07/18 22:38:30 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/18 22:36:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/07/18 22:36:55 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/07/18 22:36:55 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/07/18 22:36:55 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/18 22:35:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/18 22:35:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/18 22:10:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\IECompatCache
[2010/07/18 21:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Temp
[2010/07/18 21:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Google
[2010/07/18 15:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/07/18 15:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/07/18 15:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/07/18 15:07:51 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/07/18 15:07:51 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/07/18 15:07:51 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/07/18 15:07:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/07/18 15:07:50 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/07/18 15:07:50 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/07/18 15:07:50 | 000,000,000 | ---D | C] -- C:\242aea37d657bf588fbdf238e3
[2010/07/18 15:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/07/18 12:23:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/07/18 10:58:02 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/07/18 10:58:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/07/18 10:58:00 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/07/18 10:57:59 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/07/18 10:57:57 | 011,076,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/07/17 20:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Harry Potter and the Prisoner of Azkaban
[2010/07/17 20:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2010/07/17 18:53:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\PrivacIE
[2010/07/17 17:03:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/07/17 16:16:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/07/17 16:16:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/07/17 16:15:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/07/17 16:15:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/07/17 16:10:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/07/17 16:05:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/07/17 15:11:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2010/07/17 14:55:25 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010/07/17 14:55:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010/07/17 14:55:22 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010/07/17 14:55:22 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010/07/17 14:55:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010/07/17 14:55:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/07/17 14:55:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010/07/17 14:55:05 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/07/17 14:55:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010/07/17 14:55:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010/07/17 14:55:01 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010/07/17 14:55:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010/07/17 14:55:00 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010/07/17 14:54:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010/07/17 14:54:50 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010/07/17 14:54:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010/07/17 14:54:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010/07/17 14:54:49 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010/07/17 14:54:49 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010/07/17 14:54:47 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010/07/17 14:54:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010/07/17 14:54:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010/07/17 14:54:35 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010/07/17 14:54:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010/07/17 14:54:35 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010/07/17 14:54:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010/07/17 14:54:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010/07/17 14:54:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010/07/17 14:54:09 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010/07/17 14:54:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010/07/17 14:54:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010/07/17 14:54:09 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010/07/17 14:54:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010/07/17 14:54:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010/07/17 14:54:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010/07/17 14:54:07 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010/07/17 14:54:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010/07/17 14:54:07 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010/07/17 14:54:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010/07/17 14:54:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010/07/17 14:54:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010/07/17 14:54:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010/07/17 14:54:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010/07/17 14:53:59 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010/07/17 14:53:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/07/17 14:53:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/07/17 14:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Blackberry Desktop
[2010/07/17 14:17:27 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/07/17 14:16:59 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/07/17 14:16:33 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/07/17 14:16:13 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/07/17 14:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Research In Motion
[2010/07/17 14:12:22 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/07/17 14:12:08 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/17 14:11:55 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/07/17 14:11:55 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/07/17 14:08:31 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/07/17 14:08:29 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/07/17 14:08:29 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/07/17 14:08:27 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/07/17 14:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/07/17 14:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2010/07/17 14:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2010/07/17 13:58:44 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/07/17 13:58:07 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/07/17 13:55:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/07/17 13:52:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2010/07/17 13:51:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/07/17 13:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/07/17 13:48:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/07/17 13:45:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Yahoo
[2010/07/17 13:43:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\IETldCache
[2010/07/17 13:41:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Macromedia
[2010/07/17 13:39:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Mozilla
[2010/07/17 13:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Mozilla
[2010/07/17 13:39:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/07/17 13:38:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/07/17 13:38:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/07/17 13:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/07/17 13:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Yahoo!
[2010/07/17 13:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/07/17 13:31:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Program Tools
[2010/07/17 13:27:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/07/17 13:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Malwarebytes
[2010/07/17 13:24:53 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/17 13:24:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/17 13:24:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/17 13:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/17 13:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/07/17 13:19:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010/07/17 13:17:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Updater
[2010/07/17 13:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Adobe
[2010/07/17 13:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Adobe
[2010/07/17 13:09:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2010/07/17 13:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2010/07/17 13:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2010/07/17 13:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2010/07/17 12:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/07/17 12:57:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/07/17 12:55:45 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/07/17 12:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/07/17 12:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/07/17 12:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/07/17 12:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/07/17 12:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Apple Computer
[2010/07/17 12:51:20 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/07/17 12:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/07/17 12:50:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/07/17 12:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/07/17 12:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/07/17 12:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/07/17 12:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/07/17 12:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Apple
[2010/07/17 12:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/07/17 12:48:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/07/17 12:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/07/17 12:48:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/07/17 12:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Apple Computer
[2010/07/17 12:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/07/17 12:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/07/17 12:41:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/07/17 12:41:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/07/17 12:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Extensis
[2010/07/17 12:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/07/17 12:37:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/07/17 12:36:57 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/07/17 12:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\PowerZip 7.0
[2010/07/17 12:34:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Videos
[2010/07/17 12:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/07/17 12:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/07/17 12:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/07/17 12:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Yahoo!
[2010/07/17 12:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/07/17 12:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/07/17 12:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/07/17 12:25:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Porn
[2010/07/17 12:23:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\myBox o'Stuff
[2010/07/17 12:22:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\myArt & Designs
[2010/07/17 12:21:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\myPrograms
[2010/07/17 12:21:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\Neux Muzik
[2010/07/17 12:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/07/17 12:15:42 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010/07/17 12:15:37 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010/07/17 12:15:37 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010/07/17 12:15:37 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010/07/17 12:15:37 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010/07/17 12:15:35 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010/07/17 12:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010/07/17 12:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2010/07/17 12:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/07/17 11:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Peggle-Deluxe
[2010/07/17 11:45:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Special Fonts
[2010/07/17 11:45:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Extra Icons
[2010/07/17 11:44:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\Downloads
[2010/07/17 11:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Nestopia
[2010/07/17 11:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Illustrate
[2010/07/17 11:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2010/07/17 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Pocket Tanks Deluxe
[2010/07/17 11:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\On Hand Software
[2010/07/17 11:31:06 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2010/07/17 11:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Sun
[2010/07/17 11:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/17 11:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/07/17 11:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2010/07/17 11:26:36 | 000,191,872 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\drivers\SynTP.sys
[2010/07/17 11:26:36 | 000,114,688 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCtrl.dll
[2010/07/17 11:26:36 | 000,094,299 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPAPI.dll
[2010/07/17 11:26:36 | 000,082,014 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCOM.dll
[2010/07/17 11:26:36 | 000,081,920 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPCo2.dll
[2010/07/17 11:26:36 | 000,069,723 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPFcs.dll
[2010/07/17 11:26:36 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010/07/17 11:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/07/17 11:25:31 | 001,035,008 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_DPV.sys
[2010/07/17 11:25:31 | 000,717,952 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2010/07/17 11:25:31 | 000,110,592 | ---- | C] (Conexant Systems, Inc) -- C:\WINDOWS\System32\uci100.dll
[2010/07/17 11:25:29 | 000,201,600 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSFHWAZL.sys
[2010/07/17 11:25:14 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Helper
[2010/07/17 11:24:08 | 004,882,432 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacgui.cpl
[2010/07/17 11:24:08 | 001,052,672 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stlang.dll
[2010/07/17 11:24:08 | 000,282,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
[2010/07/17 11:24:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/07/17 11:24:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/07/17 11:24:05 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/07/17 11:24:05 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/07/17 11:24:05 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/07/17 11:24:04 | 000,112,128 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\staco.dll
[2010/07/17 11:23:45 | 001,156,648 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys
[2010/07/17 11:23:44 | 000,208,896 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacapi.dll
[2010/07/17 11:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/07/17 11:23:13 | 000,307,200 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\BMAPI.dll
[2010/07/17 11:23:13 | 000,172,032 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\NicConfigSvc.cpl
[2010/07/17 11:23:13 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\KPower.dll
[2010/07/17 11:22:51 | 000,016,128 | ---- | C] (Dell Inc) -- C:\WINDOWS\System32\drivers\APPDRV.SYS
[2010/07/17 11:21:44 | 000,053,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\oemdspif.dll
[2010/07/17 11:21:43 | 002,310,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2010/07/17 11:21:43 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2010/07/17 11:21:43 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2010/07/17 11:21:43 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2010/07/17 11:21:43 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2010/07/17 11:21:43 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2010/07/17 11:21:43 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2010/07/17 11:21:43 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2010/07/17 11:21:43 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2010/07/17 11:21:43 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2010/07/17 11:21:43 | 000,114,688 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2010/07/17 11:21:43 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2010/07/17 11:21:43 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2010/07/17 11:21:43 | 000,057,344 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2010/07/17 11:21:42 | 001,503,232 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2010/07/17 11:21:42 | 000,901,242 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2010/07/17 11:21:42 | 000,446,464 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2010/07/17 11:21:42 | 000,213,274 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdev5.dll
[2010/07/17 11:21:42 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2010/07/17 11:21:42 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2010/07/17 11:21:42 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2010/07/17 11:21:42 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2010/07/17 11:21:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2010/07/17 11:21:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2010/07/17 11:21:42 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2010/07/17 11:21:42 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdev.dll
[2010/07/17 11:21:42 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2010/07/17 11:21:42 | 000,118,395 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2010/07/17 11:21:42 | 000,114,688 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2010/07/17 11:21:42 | 000,094,208 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe
[2010/07/17 11:21:42 | 000,086,016 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2010/07/17 11:21:42 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2010/07/17 11:21:42 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2010/07/17 11:21:42 | 000,077,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2010/07/17 11:21:42 | 000,073,728 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2010/07/17 11:21:42 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4410.dll
[2010/07/17 11:21:42 | 000,049,152 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuITA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2010/07/17 11:21:42 | 000,040,960 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2010/07/17 11:21:42 | 000,036,990 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2010/07/17 11:21:10 | 000,667,648 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\BCMLogon.dll
[2010/07/17 11:21:10 | 000,424,320 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2010/07/17 11:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/07/17 11:21:03 | 000,253,952 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\bcmwlu00.exe
[2010/07/17 11:21:03 | 000,069,632 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\bcmwlpkt.dll
[2010/07/17 11:21:03 | 000,033,664 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS
[2010/07/17 11:20:45 | 003,096,576 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\BCMWLCPL.CPL
[2010/07/17 11:20:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ATL71.DLL
[2010/07/17 11:20:45 | 000,044,032 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\wltrynt.dll
[2010/07/17 11:20:44 | 002,129,920 | ---- | C] (BCGSoft Ltd) -- C:\WINDOWS\System32\WLBCGCBPRO731.DLL
[2010/07/17 11:20:44 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.DLL
[2010/07/17 11:20:44 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.DLL
[2010/07/17 11:20:44 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCR71.DLL
[2010/07/17 11:20:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/07/17 11:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/07/17 11:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010/07/17 11:14:39 | 000,000,000 | ---D | C] -- C:\Netgear
[2010/07/17 11:02:51 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/07/17 11:02:51 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010/07/17 11:02:51 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010/07/17 11:02:51 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010/07/17 11:02:51 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010/07/17 11:02:51 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010/07/17 11:02:51 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010/07/17 11:02:51 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010/07/17 11:02:51 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010/07/17 11:02:51 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010/07/17 11:02:51 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010/07/17 11:02:51 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010/07/17 11:02:51 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010/07/17 11:02:51 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010/07/17 11:02:51 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010/07/17 11:02:51 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010/07/17 11:02:51 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010/07/17 11:02:51 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010/07/17 11:02:51 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010/07/17 11:02:51 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010/07/17 11:02:51 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010/07/17 11:02:51 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010/07/17 11:02:51 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010/07/17 11:02:51 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010/07/17 11:02:51 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010/07/17 11:02:51 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010/07/17 11:02:50 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/07/17 11:02:50 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010/07/17 11:02:50 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010/07/17 11:02:50 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010/07/17 11:02:50 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010/07/17 11:02:50 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010/07/17 11:02:50 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010/07/17 11:02:50 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010/07/17 11:02:50 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010/07/17 11:02:50 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010/07/17 11:02:50 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010/07/17 11:02:50 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010/07/17 11:02:49 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/07/17 11:02:49 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/07/17 11:02:49 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/07/17 11:02:49 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/07/17 11:02:49 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/07/17 11:02:49 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/07/17 11:02:49 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010/07/17 11:02:49 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/07/17 11:02:49 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/07/17 11:02:49 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010/07/17 11:02:49 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010/07/17 11:02:48 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2010/07/17 11:02:48 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2010/07/17 11:02:48 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2010/07/17 11:02:48 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/07/17 11:02:48 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010/07/17 11:02:48 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2010/07/17 11:02:48 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2010/07/17 11:02:48 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/07/17 11:02:48 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010/07/17 11:02:48 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010/07/17 11:02:48 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/07/17 11:02:48 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010/07/17 11:02:48 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/07/17 11:02:48 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/07/17 11:02:48 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/07/17 11:02:48 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/07/17 11:02:48 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/07/17 11:02:48 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010/07/17 11:02:48 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/07/17 11:02:48 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010/07/17 11:02:48 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010/07/17 11:02:47 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/07/17 11:02:47 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010/07/17 11:02:47 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2010/07/17 11:02:47 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2010/07/17 11:02:47 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2010/07/17 11:02:47 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010/07/17 11:02:47 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2010/07/17 11:02:47 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2010/07/17 11:02:47 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2010/07/17 11:02:47 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2010/07/17 11:02:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010/07/17 11:02:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010/07/17 11:00:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/07/17 11:00:09 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/07/17 11:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/07/17 10:50:46 | 000,446,464 | R--- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\hhactivex.dll
[2010/07/17 10:50:46 | 000,176,128 | ---- | C] (Dell Computer Corporation) -- C:\WINDOWS\System32\RcdScan.dll
[2010/07/17 10:50:45 | 000,645,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010/07/17 10:50:45 | 000,414,944 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\System32\COMCT332.OCX
[2010/07/17 10:50:45 | 000,328,480 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System32\ssa3d30.ocx
[2010/07/17 10:50:44 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2010/07/17 10:50:43 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/07/17 10:50:42 | 000,013,632 | ---- | C] (Dell Computer Corporation) -- C:\WINDOWS\System32\drivers\omci.sys
[2010/07/17 10:50:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/07/17 10:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Identities
[2010/07/17 10:47:48 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/07/17 10:47:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Pictures
[2010/07/17 10:47:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents\My Music
[2010/07/17 10:47:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft
[2010/07/17 10:47:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\K. Nykol Brown\SendTo
[2010/07/17 10:47:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\K. Nykol Brown\Application Data
[2010/07/17 10:47:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Start Menu
[2010/07/17 10:47:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\My Documents
[2010/07/17 10:47:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Favorites
[2010/07/17 10:47:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\K. Nykol Brown\Cookies
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\Templates
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\PrintHood
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\NetHood
[2010/07/17 10:47:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings
[2010/07/17 10:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\Microsoft
[2010/07/17 10:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop
[2010/07/17 10:46:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/07/17 10:46:52 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/07/17 10:46:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/07/17 10:46:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/07/17 10:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/07/17 10:27:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/07/17 10:26:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/07/17 10:26:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/07/17 10:26:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/07/17 10:26:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/07/17 10:26:54 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/07/17 10:26:53 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/07/17 10:26:53 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/07/17 10:26:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/07/17 10:26:51 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/07/17 10:26:51 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/07/17 10:26:50 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/07/17 10:26:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/07/17 10:26:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/07/17 10:26:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/07/17 10:26:47 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/07/17 10:26:47 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/07/17 10:26:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/07/17 10:26:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/07/17 10:26:46 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/07/17 10:26:46 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/07/17 10:26:46 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/07/17 10:26:46 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/07/17 10:26:44 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/07/17 10:26:42 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/07/17 10:26:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/07/17 10:26:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/07/17 10:26:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/07/17 10:26:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/07/17 10:26:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/07/17 10:26:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/07/17 10:26:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/07/17 10:26:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/07/17 10:26:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/07/17 10:26:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/07/17 10:26:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/07/17 10:26:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/07/17 10:26:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/07/17 10:26:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/07/17 10:26:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/07/17 10:26:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/07/17 10:26:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/07/17 10:26:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/07/17 10:26:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/07/17 10:26:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/07/17 10:26:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/07/17 10:26:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/07/17 10:26:31 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/07/17 10:26:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/07/17 10:26:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/07/17 10:26:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/07/17 10:26:29 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/07/17 10:26:27 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/07/17 10:26:27 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/07/17 10:26:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/07/17 10:26:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/07/17 10:26:26 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/07/17 10:26:26 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/07/17 10:26:26 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/07/17 10:26:25 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/07/17 10:26:25 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/07/17 10:26:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/07/17 10:26:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/07/17 10:26:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/07/17 10:26:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/07/17 10:26:20 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/07/17 10:26:15 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/07/17 10:26:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/07/17 10:26:09 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/07/17 10:26:09 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/07/17 10:26:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/07/17 10:26:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/07/17 10:26:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/07/17 10:26:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/07/17 10:26:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/07/17 10:26:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/07/17 10:26:04 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/07/17 10:26:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/07/17 10:26:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/07/17 10:26:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/07/17 10:26:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/07/17 10:26:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/07/17 10:26:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/07/17 10:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/07/17 10:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/07/17 10:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/07/17 10:26:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/07/17 10:26:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/07/17 10:26:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/07/17 10:26:01 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/07/17 10:26:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/07/17 10:26:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/07/17 10:26:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/07/17 10:26:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/07/17 10:25:59 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/07/17 10:25:59 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/07/17 10:25:58 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/07/17 10:25:58 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/07/17 10:25:58 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/07/17 10:25:58 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/07/17 10:25:58 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/07/17 10:25:58 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/07/17 10:25:58 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/07/17 10:25:57 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/07/17 10:25:57 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/07/17 10:25:57 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/07/17 10:25:57 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/07/17 10:25:57 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/07/17 10:25:56 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/07/17 10:25:56 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/07/17 10:25:56 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/07/17 10:25:56 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/07/17 10:25:55 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/07/17 10:25:55 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/07/17 10:25:55 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/07/17 10:25:55 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/07/17 10:25:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/07/17 10:25:49 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/07/17 10:25:37 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/07/17 10:25:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/07/17 10:25:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/07/17 10:25:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/07/17 10:25:32 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/07/17 10:25:32 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/07/17 10:25:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/07/17 10:25:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/07/17 10:25:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/07/17 10:25:29 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/07/17 10:25:29 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/07/17 10:25:29 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/07/17 10:25:29 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/07/17 10:25:28 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/07/17 10:25:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/07/17 10:25:22 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/07/17 10:25:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/07/17 10:25:20 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/07/17 10:25:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/07/17 10:25:19 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/07/17 10:25:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/07/17 10:25:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/07/17 10:25:18 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/07/17 10:25:18 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/07/17 10:25:17 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/07/17 10:25:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/07/17 10:25:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/07/17 10:25:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/07/17 10:25:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/07/17 10:25:16 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/07/17 10:25:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/07/17 10:25:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/07/17 10:25:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/07/17 10:25:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/07/17 10:24:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/07/17 10:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/07/17 10:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/07/17 10:24:47 | 000,000,000 | ---D | C] -- C:\DELL
[2010/07/17 10:24:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/07/17 10:24:33 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/07/17 10:23:57 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/07/17 10:23:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/07/17 10:22:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/07/17 10:22:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/07/17 10:22:45 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/07/17 10:22:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/07/17 10:22:01 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/07/17 10:22:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/07/17 10:22:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/07/17 10:22:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/07/17 10:22:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/07/17 10:22:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/07/17 10:21:52 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/07/17 10:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/07/17 10:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/07/17 10:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/07/17 10:21:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/07/17 10:21:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/07/17 10:21:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/07/17 10:21:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/07/17 10:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/07/17 10:21:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/07/17 10:21:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/07/17 10:21:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/07/17 10:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/07/17 10:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/07/17 10:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/07/17 10:21:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/07/17 10:21:46 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/07/17 10:21:46 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/07/17 10:21:46 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/07/17 10:21:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/07/17 10:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/07/17 10:21:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/07/17 10:21:41 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010/07/17 10:21:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/07/17 10:21:40 | 001,669,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/07/17 10:21:40 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/07/17 10:21:40 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/07/17 10:21:39 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/07/17 10:21:39 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/07/17 10:21:39 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/07/17 10:21:39 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/07/17 10:21:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/07/17 10:21:38 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/07/17 10:21:38 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/07/17 10:21:38 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/07/17 10:21:38 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/07/17 10:21:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/07/17 10:21:38 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/07/17 10:21:37 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/07/17 10:21:37 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/07/17 10:21:37 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/07/17 10:21:37 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/07/17 10:21:37 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/07/17 10:21:37 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/07/17 10:21:37 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/07/17 10:21:37 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/07/17 10:21:37 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/07/17 10:21:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/07/17 10:21:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/07/17 10:21:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/07/17 10:21:31 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/07/17 10:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/07/17 10:21:28 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/07/17 10:21:28 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/07/17 10:21:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/07/17 10:21:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/07/17 10:21:24 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/07/17 10:21:23 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/07/17 10:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/07/17 10:21:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/07/17 10:21:22 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/07/17 10:21:22 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/07/17 10:21:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/07/17 10:21:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/07/17 10:21:19 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/07/17 10:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/07/17 10:21:18 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/07/17 10:21:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/07/17 10:21:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/07/17 10:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/07/17 10:21:14 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/07/17 10:21:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/07/17 10:21:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/07/17 10:21:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/07/17 10:21:08 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/07/17 10:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/07/17 10:21:06 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/07/17 10:21:05 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/07/17 10:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/07/17 10:21:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/07/17 10:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/07/17 10:20:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/07/17 10:20:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\System Tools
[2010/07/17 10:20:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\K. Nykol Brown\Desktop\Games
[2010/07/17 10:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/07/17 10:20:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/07/17 10:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/07/17 10:20:01 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/07/17 10:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/07/17 10:20:00 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/07/17 10:20:00 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/07/17 10:20:00 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/07/17 10:20:00 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/07/17 10:20:00 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/07/17 10:19:59 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/07/17 10:19:59 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/07/17 10:19:59 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/07/17 10:19:59 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/07/17 10:19:59 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/07/17 10:19:59 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/07/17 10:19:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/07/17 10:19:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/07/17 10:19:59 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/07/17 10:19:59 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/07/17 10:19:58 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/07/17 10:19:58 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/07/17 10:19:58 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/07/17 10:19:58 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/07/17 10:19:58 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/07/17 10:19:57 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/07/17 10:19:57 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/07/17 10:19:57 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/07/17 10:19:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/07/17 10:19:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/07/17 10:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/07/17 10:19:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/07/17 10:19:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/07/17 10:19:48 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/07/17 10:19:48 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/07/17 10:19:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/07/17 10:19:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/07/17 10:19:48 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/07/17 10:19:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/07/17 10:19:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/07/17 10:19:48 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/07/17 10:19:47 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/07/17 10:19:47 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/07/17 10:19:41 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/07/17 10:19:41 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/07/17 10:19:41 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/07/17 10:19:41 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/07/17 10:19:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/07/17 10:19:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/07/17 10:19:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/07/17 10:19:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/07/17 10:19:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/07/17 10:19:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/07/17 10:19:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/07/17 10:19:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/07/17 10:19:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/07/17 10:19:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/07/17 10:19:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/07/17 10:19:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/07/17 10:19:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/07/17 10:19:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/07/17 10:19:39 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/07/17 10:19:39 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/07/17 10:19:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/07/17 10:19:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/07/17 10:19:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/07/17 10:19:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/07/17 10:19:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/07/17 10:19:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/07/17 10:19:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/07/17 10:19:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/07/17 10:19:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/07/17 10:19:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/07/17 10:19:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/07/17 10:19:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/07/17 10:19:38 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/07/17 10:19:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/07/17 10:19:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/07/17 10:19:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/07/17 10:19:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/07/17 10:19:37 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/07/17 10:19:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/07/17 10:19:37 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/07/17 10:19:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/07/17 10:19:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/07/17 10:19:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/07/17 10:19:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/07/17 10:19:34 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/07/17 10:19:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/07/17 10:19:34 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/07/17 10:19:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/07/17 10:19:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/07/17 10:19:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/07/17 10:19:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/07/17 10:19:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/07/17 10:19:33 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/07/17 10:19:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/07/17 10:19:33 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/07/17 10:19:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/07/17 10:19:33 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/07/17 10:19:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/07/17 10:19:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/07/17 10:19:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/07/17 10:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/07/17 10:19:17 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/07/17 10:19:17 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/07/17 10:19:17 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/07/17 10:19:16 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/07/17 10:19:16 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/07/17 10:19:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/07/17 10:19:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/07/17 10:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/07/17 10:19:15 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/07/17 10:19:15 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/07/17 10:19:14 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/07/17 10:19:14 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010/07/17 10:19:14 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/07/17 10:19:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/07/17 10:19:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/07/17 10:19:13 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/07/17 10:19:13 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/07/17 10:19:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/07/17 10:19:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010/07/17 10:19:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010/07/17 10:19:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/07/17 10:19:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/07/17 10:19:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/07/17 10:19:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/07/17 10:19:12 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/07/17 10:19:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/07/17 10:19:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/07/17 10:19:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/07/17 10:19:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/07/17 10:19:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/07/17 10:19:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/07/17 10:19:10 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/07/17 10:19:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/07/17 10:19:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/07/17 10:19:10 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/07/17 10:19:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/07/17 10:19:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/07/17 10:19:09 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/07/17 10:19:09 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/07/17 10:19:03 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/07/17 10:19:03 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/07/17 10:19:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/07/17 10:19:03 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/07/17 05:10:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/07/17 05:10:18 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/07/17 05:09:19 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/07/17 05:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/07/17 05:09:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/07/17 05:09:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/07/17 05:09:15 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/07/17 05:09:14 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/07/17 05:09:14 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/07/17 05:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/07/17 05:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/07/17 05:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/07/17 05:09:11 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/07/17 05:09:11 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/07/17 05:09:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/07/17 05:09:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/07/17 05:09:11 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/07/17 05:09:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/07/17 05:09:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/07/17 05:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/07/17 05:09:07 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/07/17 05:09:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/07/17 05:09:07 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/07/17 05:09:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/07/17 05:09:07 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/07/17 05:09:07 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/07/17 05:09:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/07/17 05:09:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/07/17 05:09:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/07/17 05:09:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/07/17 05:09:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/07/17 05:09:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/07/17 05:09:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/07/17 05:09:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/07/17 05:09:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/07/17 05:09:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/07/17 05:09:06 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/07/17 05:09:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/07/17 05:09:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/07/17 05:09:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/07/17 05:09:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/07/17 05:09:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/07/17 05:09:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/07/17 05:09:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/07/17 05:09:04 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/07/17 05:09:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/07/17 05:09:04 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/07/17 05:09:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/07/17 05:09:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/07/17 05:09:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/07/17 05:09:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/07/17 05:09:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/07/17 05:09:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/07/17 05:09:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/07/17 05:09:02 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/07/17 05:09:02 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/07/17 05:09:02 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/07/17 05:09:02 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/07/17 05:09:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/07/17 05:09:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/07/17 05:09:01 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/07/17 05:09:01 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/07/17 05:09:01 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/07/17 05:09:01 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/07/17 05:09:01 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/07/17 05:09:01 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/07/17 05:09:01 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/07/17 05:09:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/07/17 05:09:01 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/07/17 05:09:01 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/07/17 05:09:01 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/07/17 05:09:01 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/07/17 05:09:00 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/07/17 05:09:00 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/07/17 05:09:00 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/07/17 05:09:00 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/07/17 05:09:00 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/07/17 05:09:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/07/17 05:09:00 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/07/17 05:09:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/07/17 05:09:00 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/07/17 05:09:00 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/07/17 05:09:00 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/07/17 05:09:00 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/07/17 05:08:59 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/07/17 05:08:59 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/07/17 05:08:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/07/17 05:08:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/07/17 05:08:59 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/07/17 05:08:58 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/07/17 05:08:57 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/07/17 05:08:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/07/17 05:08:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/07/17 05:08:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/07/17 05:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/07/17 05:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/07/17 05:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/07/17 05:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/07/17 05:08:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/07/17 05:08:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/07/17 05:07:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/07/17 05:07:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/07/17 05:00:06 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/07/17 05:00:06 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/07/17 05:00:06 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/07/17 05:00:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/07/17 05:00:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 30 Days ==========

[2010/08/02 11:03:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/02 11:03:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/02 11:02:42 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\K. Nykol Brown\NTUSER.DAT
[2010/08/02 11:02:42 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\K. Nykol Brown\ntuser.ini
[2010/08/02 11:00:48 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/08/01 23:47:14 | 004,253,374 | -H-- | M] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\IconCache.db
[2010/08/01 23:23:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004UA.job
[2010/08/01 21:23:02 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004Core.job
[2010/08/01 14:28:28 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/01 11:15:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/29 22:48:11 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/07/25 18:46:51 | 000,003,400 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2010/07/25 18:46:34 | 000,033,846 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2010/07/25 18:46:09 | 010,901,680 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010/07/25 17:48:43 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/07/25 17:47:17 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/25 17:47:17 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/25 17:47:17 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/25 17:47:17 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/25 17:47:17 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/25 00:27:32 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2010/07/22 12:27:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/21 00:28:11 | 000,000,525 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2010/07/19 12:02:53 | 000,493,258 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/19 12:02:53 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/19 12:02:53 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/18 22:44:26 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/18 22:44:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/18 22:38:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/07/18 21:21:46 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/07/18 15:33:52 | 000,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/17 20:13:49 | 000,000,014 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/07/17 20:01:16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/17 19:17:39 | 000,018,632 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/17 16:09:50 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/07/17 15:11:26 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/07/17 14:22:34 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/07/17 13:44:10 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/17 13:40:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/07/17 13:36:42 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/17 13:36:04 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Desktop\Mozilla Firefox.lnk
[2010/07/17 13:34:14 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/07/17 12:55:25 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/17 12:55:25 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/17 12:55:16 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/17 12:53:55 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/07/17 12:52:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/07/17 12:44:01 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/07/17 11:23:16 | 000,000,004 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2010/07/17 11:03:14 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/07/17 10:47:58 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/07/17 10:27:13 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/07/17 10:24:17 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/07/17 10:24:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/17 10:24:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/07/17 10:24:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/07/17 10:23:57 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/07/17 10:22:58 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/07/17 10:22:58 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/07/17 10:21:00 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/07/17 10:20:45 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/07/17 10:20:45 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/07/09 08:44:52 | 000,032,824 | ---- | M] (Resplendence Software Projects Sp) -- C:\WINDOWS\System32\rrMon.sys
[2010/07/09 08:44:50 | 000,120,376 | ---- | M] () -- C:\WINDOWS\System32\rrsec.dll
[2010/07/09 08:44:48 | 000,097,888 | ---- | M] () -- C:\WINDOWS\System32\rrsec2k.exe

========== Files Created - No Company Name ==========

[2010/07/25 18:46:51 | 000,033,846 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2010/07/25 18:46:50 | 010,901,680 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010/07/25 18:46:50 | 000,003,400 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2010/07/25 17:48:43 | 000,001,536 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/07/25 00:27:32 | 000,000,356 | ---- | C] () -- C:\WINDOWS\tasks\Uniblue SpyEraser.job
[2010/07/24 08:25:29 | 000,014,115 | ---- | C] () -- C:\WINDOWS\twspmm.ini
[2010/07/24 08:25:29 | 000,005,860 | ---- | C] () -- C:\WINDOWS\twspmm.src
[2010/07/24 08:24:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/07/24 08:24:25 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/07/21 00:28:11 | 000,000,525 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/07/18 23:03:34 | 000,120,376 | ---- | C] () -- C:\WINDOWS\System32\rrsec.dll
[2010/07/18 23:03:34 | 000,097,888 | ---- | C] () -- C:\WINDOWS\System32\rrsec2k.exe
[2010/07/18 22:38:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/07/18 22:38:33 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/18 22:36:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/18 22:36:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/07/18 22:36:55 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/18 22:36:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/18 21:21:46 | 000,002,331 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/07/18 21:18:50 | 000,001,014 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004UA.job
[2010/07/18 21:18:48 | 000,000,962 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004Core.job
[2010/07/17 20:13:49 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/07/17 20:00:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/17 15:11:26 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/07/17 14:54:18 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2010/07/17 14:22:34 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/07/17 14:14:25 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/07/17 13:44:10 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/17 13:40:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/07/17 13:36:42 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/17 13:36:04 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Desktop\Mozilla Firefox.lnk
[2010/07/17 13:34:13 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010/07/17 13:34:13 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2010/07/17 13:19:35 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2010/07/17 12:52:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/07/17 12:48:50 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/17 12:44:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/07/17 12:25:59 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/17 11:29:37 | 000,000,666 | ---- | C] () -- C:\WINDOWS\speed.reg
[2010/07/17 11:25:29 | 000,133,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\del1028.cty
[2010/07/17 11:23:16 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2010/07/17 11:21:44 | 000,058,704 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2010/07/17 11:21:44 | 000,024,704 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2010/07/17 11:21:44 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2010/07/17 11:21:43 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2010/07/17 11:20:45 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2010/07/17 11:20:45 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2010/07/17 11:20:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/07/17 11:02:50 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/07/17 11:02:50 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/07/17 11:02:49 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/07/17 10:50:45 | 000,171,967 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.hlp
[2010/07/17 10:50:45 | 000,007,348 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.cnt
[2010/07/17 10:47:58 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\K. Nykol Brown\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/07/17 10:47:42 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\K. Nykol Brown\ntuser.dat.LOG
[2010/07/17 10:47:42 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\K. Nykol Brown\ntuser.ini
[2010/07/17 10:47:40 | 002,359,296 | -H-- | C] () -- C:\Documents and Settings\K. Nykol Brown\NTUSER.DAT
[2010/07/17 10:27:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/07/17 10:27:01 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/07/17 10:26:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/07/17 10:26:28 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/07/17 10:26:26 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/07/17 10:26:06 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/07/17 10:26:05 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/07/17 10:25:59 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/07/17 10:25:57 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/07/17 10:25:55 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/07/17 10:25:42 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/07/17 10:25:36 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/07/17 10:25:19 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/07/17 10:25:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/07/17 10:25:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/07/17 10:25:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/07/17 10:25:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/07/17 10:25:14 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/07/17 10:25:14 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/07/17 10:25:14 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/07/17 10:25:14 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/07/17 10:25:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/07/17 10:25:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/07/17 10:25:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/07/17 10:25:11 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/07/17 10:25:11 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/07/17 10:25:11 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/07/17 10:25:11 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/07/17 10:25:11 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/07/17 10:25:11 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/07/17 10:25:11 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/07/17 10:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/07/17 10:25:09 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/07/17 10:25:09 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/07/17 10:25:09 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/07/17 10:25:09 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/07/17 10:25:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/07/17 10:25:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/07/17 10:25:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/07/17 10:25:08 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/07/17 10:25:08 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/07/17 10:24:17 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/07/17 10:24:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/07/17 10:24:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/07/17 10:24:17 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/07/17 10:24:08 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/17 10:24:08 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/17 10:24:07 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/07/17 10:22:58 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/07/17 10:22:58 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/07/17 10:22:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/07/17 10:22:30 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/07/17 10:21:58 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/07/17 10:21:58 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/07/17 10:21:52 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/07/17 10:21:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/07/17 10:19:43 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/07/17 10:19:43 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/07/17 10:19:43 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/07/17 10:19:43 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/07/17 10:19:43 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/07/17 10:19:43 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/07/17 10:19:43 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/07/17 10:19:42 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/07/17 10:19:42 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/07/17 10:19:42 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/07/17 10:19:42 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/07/17 10:19:42 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/07/17 10:19:42 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/07/17 10:19:42 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/07/17 10:19:42 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/07/17 10:19:42 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/07/17 10:19:41 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/07/17 10:19:41 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/07/17 10:19:41 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/07/17 10:19:40 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/07/17 10:19:39 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/07/17 10:19:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/07/17 10:19:33 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/07/17 05:09:16 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/07/17 05:09:16 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/07/17 05:09:15 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/07/17 05:09:14 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/07/17 05:09:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/07/17 05:09:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/07/17 05:09:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/07/17 05:09:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/07/17 05:09:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/07/17 05:09:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/07/17 05:09:07 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/07/17 05:09:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/07/17 05:09:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/07/17 05:09:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/07/17 05:09:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/07/17 05:09:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/07/17 05:09:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/07/17 05:09:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/07/17 05:09:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/07/17 05:09:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/07/17 05:08:59 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/07/17 05:08:47 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/07/17 05:08:47 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/07/17 05:08:47 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/07/17 05:08:47 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/07/17 05:08:47 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/07/17 05:08:47 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/07/17 05:08:47 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/07/17 05:08:47 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/07/17 05:07:57 | 000,118,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/17 05:07:22 | 000,000,281 | RHS- | C] () -- C:\boot.ini
[2010/07/17 05:07:18 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2003/01/07 10:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
< End of report >



#6 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:30 AM

Posted 02 August 2010 - 02:19 PM

I see that you have been running Combofix, do you have the log combofix.txt that it produced, their may a copy in the folder
C:\qoobox

unite.jpg


#7 legogirl88

legogirl88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 02 August 2010 - 11:39 PM

ComboFix 10-08-02.03 - K. Nykol Brown 08/02/2010 23:25:54.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.229 [GMT -5:00]
Running from: c:\documents and settings\K. Nykol Brown\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe

.
((((((((((((((((((((((((( Files Created from 2010-07-03 to 2010-08-03 )))))))))))))))))))))))))))))))
.

2010-08-02 16:02 . 2010-08-02 16:02 -------- d-----w- C:\_OTL
2010-08-02 16:00 . 2010-08-02 16:00 167936 ----a-w- c:\windows\system32\appmgmts.dll
2010-08-02 16:00 . 2010-08-02 16:00 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-08-02 16:00 . 2010-08-02 16:00 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-08-01 18:03 . 2010-08-01 18:03 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\DivX
2010-08-01 17:58 . 2010-08-01 17:58 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\WMTools Downloaded Files
2010-07-25 23:46 . 2010-07-25 23:46 3400 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2010-07-25 23:46 . 2010-07-25 23:46 10901680 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-07-25 22:47 . 2010-07-25 22:47 503808 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e8652c-n\msvcp71.dll
2010-07-25 22:47 . 2010-07-25 22:47 499712 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e8652c-n\jmc.dll
2010-07-25 22:47 . 2010-07-25 22:47 348160 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e8652c-n\msvcr71.dll
2010-07-25 22:47 . 2010-07-25 22:47 61440 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-101df45a-n\decora-sse.dll
2010-07-25 22:47 . 2010-07-25 22:47 12800 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-101df45a-n\decora-d3d.dll
2010-07-25 22:47 . 2010-07-25 22:47 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-25 04:48 . 2010-07-25 05:30 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Uniblue
2010-07-24 13:26 . 2008-04-13 18:46 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2010-07-24 13:26 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-07-24 13:26 . 2008-04-13 18:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-07-24 13:26 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-07-24 13:26 . 2008-04-13 18:46 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2010-07-24 13:26 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-07-24 13:26 . 2008-04-13 18:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2010-07-24 13:26 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-07-24 13:25 . 2008-04-13 18:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-07-24 13:25 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-07-24 13:25 . 2008-04-13 18:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2010-07-24 13:25 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-07-24 13:25 . 2008-04-13 18:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-07-24 13:25 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-07-24 13:25 . 2008-04-14 00:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-07-24 13:25 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-07-24 13:25 . 2008-12-16 20:44 516480 ----a-w- c:\windows\system32\drivers\Ca1528av.sys
2010-07-24 13:25 . 2008-06-27 21:41 11648 ----a-w- c:\windows\system32\drivers\Bulk1528.sys
2010-07-24 13:25 . 2002-01-19 20:33 131072 ----a-w- c:\windows\system\SP5X_32.DLL
2010-07-24 13:25 . 2010-07-24 13:25 -------- d-----w- c:\program files\SPCA1528
2010-07-24 13:24 . 2010-07-24 13:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Vivitar
2010-07-24 13:24 . 2008-12-18 00:22 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2010-07-24 13:24 . 2010-07-25 05:29 -------- d-----w- c:\program files\ffdshow
2010-07-24 13:24 . 2008-12-11 18:26 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-07-24 13:23 . 2010-07-24 13:24 -------- d-----w- c:\program files\Vivitar Experience Image Manager
2010-07-23 16:26 . 2010-07-23 16:26 -------- d-----w- c:\program files\Trend Micro
2010-07-22 17:27 . 2010-07-22 17:27 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2010-07-22 17:27 . 2010-07-22 17:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-07-21 05:28 . 2010-07-21 05:28 525 ----a-w- c:\windows\eReg.dat
2010-07-19 04:03 . 2010-07-09 13:44 32824 ----a-w- c:\windows\system32\rrMon.sys
2010-07-19 04:03 . 2010-07-19 04:03 -------- d-----w- c:\program files\Registrar Registry Manager
2010-07-19 03:10 . 2010-07-19 03:10 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\IECompatCache
2010-07-19 02:18 . 2010-07-27 04:26 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Temp
2010-07-19 02:18 . 2010-07-19 02:21 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\windows\system32\XPSViewer
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\program files\MSBuild
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\program files\Reference Assemblies
2010-07-18 20:08 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-07-18 20:07 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-07-18 20:07 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-07-18 20:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-07-18 20:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-07-18 20:07 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-07-18 20:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-07-18 20:07 . 2010-07-18 20:08 -------- d-----w- C:\242aea37d657bf588fbdf238e3
2010-07-18 20:07 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-07-18 20:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-07-18 20:02 . 2010-07-18 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion
2010-07-18 17:23 . 2010-07-18 17:24 -------- d-----w- c:\windows\ie8updates
2010-07-18 15:58 . 2010-05-06 10:41 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-07-18 15:58 . 2010-05-06 10:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-07-18 15:58 . 2010-05-06 10:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-07-18 15:58 . 2010-05-06 10:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-07-18 15:58 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-07-18 15:57 . 2010-05-06 10:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-07-18 15:57 . 2010-05-06 10:41 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-07-18 01:22 . 2010-07-21 05:25 -------- d-----w- c:\program files\EA GAMES
2010-07-18 01:13 . 2010-07-18 01:13 14 ----a-w- c:\windows\popcinfo.dat
2010-07-17 23:53 . 2010-07-17 23:53 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\PrivacIE
2010-07-17 21:16 . 2010-07-17 21:16 -------- d-----w- c:\windows\system32\scripting
2010-07-17 21:16 . 2010-07-17 21:16 -------- d-----w- c:\windows\l2schemas
2010-07-17 21:15 . 2010-07-17 21:15 -------- d-----w- c:\windows\system32\en
2010-07-17 21:15 . 2010-07-17 21:15 -------- d-----w- c:\windows\system32\bits
2010-07-17 20:11 . 2010-07-17 20:11 -------- d-----w- c:\windows\system32\MpEngineStore
2010-07-17 19:54 . 2008-04-14 00:12 144384 ------w- c:\windows\system32\onex.dll
2010-07-17 19:53 . 2008-04-14 00:11 7168 ------w- c:\windows\system32\bitsprx4.dll
2010-07-17 19:53 . 2008-04-14 00:11 233472 ------w- c:\windows\system32\azroles.dll
2010-07-17 19:53 . 2008-04-14 00:11 136192 ------w- c:\windows\system32\aaclient.dll
2010-07-17 19:20 . 2010-07-17 19:20 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Blackberry Desktop
2010-07-17 19:17 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-07-17 19:17 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-07-17 19:16 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-07-17 19:16 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-07-17 19:16 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-07-17 19:14 . 2010-07-30 03:48 256 ----a-w- c:\windows\system32\pool.bin
2010-07-17 19:14 . 2010-07-17 19:14 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Research In Motion
2010-07-17 19:12 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-07-17 19:12 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-17 19:11 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-07-17 19:11 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-07-17 19:08 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-07-17 19:08 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-07-17 19:08 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-07-17 19:08 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-07-17 19:08 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-07-17 19:08 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-07-17 19:08 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-07-17 19:08 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-07-17 19:08 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-07-17 19:08 . 2010-02-17 14:10 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-07-17 19:08 . 2010-02-16 14:08 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-07-17 19:08 . 2010-02-16 13:25 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-07-17 19:07 . 2009-01-09 21:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2010-07-17 19:06 . 2010-07-17 19:06 -------- d-----w- c:\program files\Common Files\Roxio Shared
2010-07-17 19:05 . 2010-07-17 19:06 -------- d-----w- c:\program files\Common Files\Research In Motion
2010-07-17 19:05 . 2010-07-17 19:05 -------- d-----w- c:\program files\Research In Motion
2010-07-17 18:58 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-07-17 18:58 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-07-17 18:58 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-07-17 18:52 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2010-07-17 18:49 . 2010-07-17 18:49 -------- d-----w- c:\program files\MSXML 6.0
2010-07-17 18:45 . 2010-07-17 23:53 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Yahoo
2010-07-17 18:44 . 2010-07-17 18:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-07-17 18:43 . 2010-07-17 18:43 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\IETldCache
2010-07-17 18:40 . 2010-07-17 18:40 0 ----a-w- c:\windows\nsreg.dat
2010-07-17 18:39 . 2010-07-17 18:39 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Mozilla
2010-07-17 18:38 . 2010-07-17 18:39 -------- dc-h--w- c:\windows\ie8
2010-07-17 18:34 . 2010-07-17 18:34 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Yahoo!
2010-07-17 18:33 . 2010-07-17 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-07-17 18:33 . 2010-04-20 21:45 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-03 03:47 . 2010-07-25 22:48 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\LimeWire
2010-07-24 13:25 . 2010-07-17 15:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-23 04:23 . 2004-08-04 10:00 12464 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-07-17 21:19 . 2010-07-17 15:23 77423 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-17 17:51 . 2010-07-17 17:50 -------- d-----w- c:\program files\iTunes
2010-07-17 17:51 . 2010-07-17 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2010-07-17 17:50 . 2010-07-17 17:50 -------- d-----w- c:\program files\iPod
2010-07-17 17:50 . 2010-07-17 17:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-07-17 17:50 . 2010-07-17 17:50 -------- d-----w- c:\program files\Bonjour
2010-07-17 17:49 . 2010-07-17 17:49 -------- d-----w- c:\program files\QuickTime
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\program files\Apple Software Update
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\program files\Common Files\Apple
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-07-17 16:29 . 2010-07-17 16:21 -------- d-----w- c:\program files\Dell
2010-07-17 16:22 . 2010-07-17 15:50 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-17 15:24 . 2010-07-17 15:24 -------- d-----w- c:\program files\microsoft frontpage
2010-07-17 15:21 . 2010-07-17 15:21 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-14 14:31 . 2010-07-17 15:21 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-06 10:41 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-07-19 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2010-03-11 648536]

c:\documents and settings\K. Nykol Brown\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-5-26 503808]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/17/2010 1:24 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/17/2010 1:24 PM 20952]
S2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\drivers\Ca1528av.sys [7/24/2010 8:25 AM 516480]
S3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\drivers\Bulk1528.sys [7/24/2010 8:25 AM 11648]
.
Contents of the 'Scheduled Tasks' folder

2010-07-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004Core.job
- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 02:18]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004UA.job
- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 02:18]

2010-07-25 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2010-07-17 14:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/openmanage
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-02 23:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(596)
c:\windows\System32\BCMLogon.dll
.
Completion time: 2010-08-02 23:36:16
ComboFix-quarantined-files.txt 2010-08-03 04:36
ComboFix2.txt 2010-07-19 03:47

Pre-Run: 43,139,915,776 bytes free
Post-Run: 43,130,286,080 bytes free

- - End Of File - - F22A2613F2B7DB57BC5B3D7681886E28


#8 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:30 AM

Posted 03 August 2010 - 07:41 AM

I wasn't asking you to run combofix again, I was asking if you had the log from the run you had already done. Their
should a log at C:\qoobox\combofix2.txt

unite.jpg


#9 legogirl88

legogirl88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 03 August 2010 - 12:06 PM

ComboFix 10-07-16.02 - K. Nykol Brown 07/18/2010 22:39:08.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.243 [GMT -5:00]
Running from: c:\documents and settings\K. Nykol Brown\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\1028_DELL_XPS_ME051 .MRK
c:\windows\system32\drivers\DELL_XPS_ME051 .MRK

.
((((((((((((((((((((((((( Files Created from 2010-06-19 to 2010-07-19 )))))))))))))))))))))))))))))))
.

2010-07-19 03:10 . 2010-07-19 03:10 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\IECompatCache
2010-07-19 02:18 . 2010-07-19 02:21 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Temp
2010-07-19 02:18 . 2010-07-19 02:21 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\windows\system32\XPSViewer
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\program files\MSBuild
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\program files\Reference Assemblies
2010-07-18 20:08 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-07-18 20:07 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-07-18 20:07 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-07-18 20:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-07-18 20:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-07-18 20:07 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-07-18 20:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-07-18 20:07 . 2010-07-18 20:08 -------- d-----w- C:\242aea37d657bf588fbdf238e3
2010-07-18 20:07 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-07-18 20:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-07-18 20:02 . 2010-07-18 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion
2010-07-18 17:23 . 2010-07-18 17:24 -------- d-----w- c:\windows\ie8updates
2010-07-18 15:58 . 2010-05-06 10:41 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-07-18 15:58 . 2010-05-06 10:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-07-18 15:58 . 2010-05-06 10:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-07-18 15:58 . 2010-05-06 10:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-07-18 15:58 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-07-18 15:57 . 2010-05-06 10:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-07-18 15:57 . 2010-05-06 10:41 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-07-18 01:22 . 2010-07-18 01:22 -------- d-----w- c:\program files\EA GAMES
2010-07-18 01:13 . 2010-07-18 01:13 14 ----a-w- c:\windows\popcinfo.dat
2010-07-17 23:53 . 2010-07-17 23:53 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\PrivacIE
2010-07-17 21:16 . 2010-07-17 21:16 -------- d-----w- c:\windows\system32\scripting
2010-07-17 21:16 . 2010-07-17 21:16 -------- d-----w- c:\windows\l2schemas
2010-07-17 21:15 . 2010-07-17 21:15 -------- d-----w- c:\windows\system32\en
2010-07-17 21:15 . 2010-07-17 21:15 -------- d-----w- c:\windows\system32\bits
2010-07-17 20:11 . 2010-07-17 20:11 -------- d-----w- c:\windows\system32\MpEngineStore
2010-07-17 19:54 . 2008-04-14 00:12 144384 ------w- c:\windows\system32\onex.dll
2010-07-17 19:53 . 2008-04-14 00:11 7168 ------w- c:\windows\system32\bitsprx4.dll
2010-07-17 19:53 . 2008-04-14 00:11 233472 ------w- c:\windows\system32\azroles.dll
2010-07-17 19:53 . 2008-04-14 00:11 136192 ------w- c:\windows\system32\aaclient.dll
2010-07-17 19:20 . 2010-07-17 19:20 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Blackberry Desktop
2010-07-17 19:17 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-07-17 19:17 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-07-17 19:16 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-07-17 19:16 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-07-17 19:16 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-07-17 19:14 . 2010-07-17 19:32 256 ----a-w- c:\windows\system32\pool.bin
2010-07-17 19:14 . 2010-07-17 19:14 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Research In Motion
2010-07-17 19:12 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-07-17 19:12 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-17 19:11 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-07-17 19:11 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-07-17 19:08 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-07-17 19:08 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-07-17 19:08 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-07-17 19:08 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-07-17 19:08 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-07-17 19:08 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-07-17 19:08 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-07-17 19:08 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-07-17 19:08 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-07-17 19:08 . 2010-02-17 14:10 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-07-17 19:08 . 2010-02-16 14:08 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-07-17 19:08 . 2010-02-16 13:25 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-07-17 19:07 . 2009-01-09 21:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2010-07-17 19:06 . 2010-07-17 19:06 -------- d-----w- c:\program files\Common Files\Roxio Shared
2010-07-17 19:05 . 2010-07-17 19:06 -------- d-----w- c:\program files\Common Files\Research In Motion
2010-07-17 19:05 . 2010-07-17 19:05 -------- d-----w- c:\program files\Research In Motion
2010-07-17 18:58 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-07-17 18:58 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-07-17 18:58 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-07-17 18:52 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2010-07-17 18:49 . 2010-07-17 18:49 -------- d-----w- c:\program files\MSXML 6.0
2010-07-17 18:45 . 2010-07-17 23:53 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Yahoo
2010-07-17 18:44 . 2010-07-17 18:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-07-17 18:43 . 2010-07-17 18:43 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\IETldCache
2010-07-17 18:40 . 2010-07-17 18:40 0 ----a-w- c:\windows\nsreg.dat
2010-07-17 18:39 . 2010-07-17 18:39 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Mozilla
2010-07-17 18:38 . 2010-07-17 18:39 -------- dc-h--w- c:\windows\ie8
2010-07-17 18:34 . 2010-07-17 18:34 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Yahoo!
2010-07-17 18:33 . 2010-07-17 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-07-17 18:33 . 2010-04-20 21:45 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-07-17 18:24 . 2010-07-17 18:24 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Malwarebytes
2010-07-17 18:24 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-17 18:24 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-17 18:24 . 2010-07-17 18:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-17 18:24 . 2010-07-17 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-17 18:24 . 2010-07-17 18:24 -------- d-----w- c:\program files\Uniblue
2010-07-17 18:19 . 2010-07-17 18:19 -------- d-----w- c:\windows\system32\Adobe
2010-07-17 18:19 . 2004-08-17 00:40 16384 ----a-w- c:\windows\system32\FileOps.exe
2010-07-17 18:15 . 2010-07-18 15:59 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Adobe
2010-07-17 18:07 . 2010-07-17 18:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2010-07-17 18:07 . 2010-07-17 18:07 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-07-17 18:00 . 2010-07-17 18:00 -------- d-----w- c:\program files\Microsoft Plus! Digital Media Edition
2010-07-17 17:58 . 2010-07-17 17:59 -------- d-----w- c:\program files\LimeWire
2010-07-17 17:57 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-07-17 17:55 . 2004-08-04 10:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-07-17 17:54 . 2010-07-17 17:54 -------- d-----w- c:\program files\Windows Media Connect 2
2010-07-17 17:52 . 2010-07-17 17:53 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-07-17 17:52 . 2010-07-17 17:52 -------- d-----w- c:\windows\system32\LogFiles
2010-07-17 17:51 . 2010-07-17 17:51 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Apple Computer
2010-07-17 17:51 . 2008-04-17 18:12 15464 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-07-17 17:42 . 2010-07-17 17:42 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-07-17 17:41 . 2010-07-17 17:42 -------- d-----w- c:\windows\SHELLNEW
2010-07-17 17:39 . 2010-07-17 17:39 -------- d-----w- c:\program files\Extensis
2010-07-17 17:38 . 2010-07-17 18:19 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-17 17:35 . 2010-07-17 17:35 -------- d-----w- c:\program files\PowerZip 7.0
2010-07-17 17:34 . 2010-07-17 17:34 -------- d-----w- c:\program files\DivX
2010-07-17 17:34 . 2010-07-17 17:34 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-17 17:32 . 2010-07-19 03:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-07-17 17:32 . 2010-07-17 18:45 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Yahoo!
2010-07-17 17:32 . 2010-07-17 18:34 -------- d-----w- c:\program files\Yahoo!
2010-07-17 17:32 . 2010-07-17 17:32 -------- d-----w- c:\program files\CCleaner
2010-07-17 17:29 . 2010-07-17 17:30 -------- d-----w- c:\program files\Gamehouse
2010-07-17 17:28 . 2010-07-17 17:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Zylom
2010-07-17 17:28 . 2006-03-22 09:27 98304 ----a-w- c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
2010-07-17 17:28 . 2006-03-22 09:27 155648 ----a-w- c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll
2010-07-17 17:28 . 2010-07-19 03:33 -------- d-----w- c:\program files\Zylom Games
2010-07-17 17:16 . 2010-07-17 17:16 -------- d-----w- c:\program files\Common Files\Nero
2010-07-17 17:15 . 2000-06-26 16:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-07-17 17:15 . 2004-07-26 22:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-07-17 17:15 . 2004-07-26 22:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-07-17 17:15 . 2004-07-26 22:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-07-17 17:15 . 2004-07-26 22:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-07-17 17:15 . 2001-07-09 16:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-07-17 17:15 . 2010-07-17 17:15 -------- d-----w- c:\program files\Common Files\Ahead
2010-07-17 17:15 . 2010-07-17 17:15 -------- d-----w- c:\program files\Ahead
2010-07-17 17:12 . 2010-07-17 17:13 -------- d-----w- c:\program files\CyberLink

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-17 21:19 . 2010-07-17 15:23 77423 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-17 17:51 . 2010-07-17 17:50 -------- d-----w- c:\program files\iTunes
2010-07-17 17:51 . 2010-07-17 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2010-07-17 17:50 . 2010-07-17 17:50 -------- d-----w- c:\program files\iPod
2010-07-17 17:50 . 2010-07-17 17:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-07-17 17:50 . 2010-07-17 17:50 -------- d-----w- c:\program files\Bonjour
2010-07-17 17:49 . 2010-07-17 17:49 -------- d-----w- c:\program files\QuickTime
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\program files\Apple Software Update
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\program files\Common Files\Apple
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-07-17 17:39 . 2010-07-17 15:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-17 16:29 . 2010-07-17 16:21 -------- d-----w- c:\program files\Dell
2010-07-17 16:22 . 2010-07-17 15:50 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-17 15:24 . 2010-07-17 15:24 -------- d-----w- c:\program files\microsoft frontpage
2010-07-17 15:21 . 2010-07-17 15:21 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-14 14:31 . 2010-07-17 15:21 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-06 10:41 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22 . 2004-08-04 10:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2004-08-04 10:00 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-07-19 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2010-03-11 648536]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/17/2010 1:24 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/17/2010 1:24 PM 20952]
.
Contents of the 'Scheduled Tasks' folder

2010-07-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004Core.job
- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 02:18]

2010-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004UA.job
- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 02:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/openmanage
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\j2re1.4.2_03\bin\NPJPI142_03.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Bookworm Deluxe - c:\program files\Zylom Games\Bookworm Deluxe\GameInstaller.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-18 22:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(596)
c:\windows\System32\BCMLogon.dll
.
Completion time: 2010-07-18 22:47:02
ComboFix-quarantined-files.txt 2010-07-19 03:46

Pre-Run: 43,365,998,592 bytes free
Post-Run: 43,371,462,656 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - D99BC1FFD1E35D6DEE02ECF31DB5BABA


#10 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:30 AM

Posted 03 August 2010 - 04:39 PM

Thank you.

Download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If any suspicious items are found, let it skip them for now
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)



1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

CODE
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]


Save this as CFScript.txt, in the same location as ComboFix.exe




Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

unite.jpg


#11 legogirl88

legogirl88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 03 August 2010 - 10:59 PM

2010/08/03 22:41:43.0031 TDSS rootkit removing tool 2.4.0.0 Jul 22 2010 16:09:49
2010/08/03 22:41:43.0031 ================================================================================
2010/08/03 22:41:43.0031 SystemInfo:
2010/08/03 22:41:43.0031
2010/08/03 22:41:43.0031 OS Version: 5.1.2600 ServicePack: 3.0
2010/08/03 22:41:43.0031 Product type: Workstation
2010/08/03 22:41:43.0031 ComputerName: B130
2010/08/03 22:41:43.0031 UserName: K. Nykol Brown
2010/08/03 22:41:43.0031 Windows directory: C:\WINDOWS
2010/08/03 22:41:43.0031 System windows directory: C:\WINDOWS
2010/08/03 22:41:43.0031 Processor architecture: Intel x86
2010/08/03 22:41:43.0031 Number of processors: 1
2010/08/03 22:41:43.0031 Page size: 0x1000
2010/08/03 22:41:43.0031 Boot type: Normal boot
2010/08/03 22:41:43.0031 ================================================================================
2010/08/03 22:41:43.0562 Initialize success
2010/08/03 22:41:45.0281 ================================================================================
2010/08/03 22:41:45.0281 Scan started
2010/08/03 22:41:45.0281 Mode: Manual;
2010/08/03 22:41:45.0281 ================================================================================
2010/08/03 22:41:50.0000 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/08/03 22:41:50.0062 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/08/03 22:41:50.0109 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/08/03 22:41:50.0171 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/08/03 22:41:50.0359 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
2010/08/03 22:41:50.0437 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/08/03 22:41:50.0453 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/08/03 22:41:50.0500 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/08/03 22:41:50.0531 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/08/03 22:41:50.0593 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2010/08/03 22:41:50.0640 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
2010/08/03 22:41:50.0703 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/08/03 22:41:50.0796 Bulk1528 (ed1d7546e84a3ebd7f6e900de73cf390) C:\WINDOWS\system32\Drivers\Bulk1528.sys
2010/08/03 22:41:50.0875 Ca1528av (94bf1cd4cdf4b02be835d78ca5104734) C:\WINDOWS\system32\Drivers\Ca1528av.sys
2010/08/03 22:41:51.0125 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/08/03 22:41:51.0171 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/08/03 22:41:51.0218 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/08/03 22:41:51.0265 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/08/03 22:41:51.0296 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/08/03 22:41:51.0328 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
2010/08/03 22:41:51.0406 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2010/08/03 22:41:51.0437 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2010/08/03 22:41:51.0515 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/08/03 22:41:51.0578 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/08/03 22:41:51.0625 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/08/03 22:41:51.0640 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/08/03 22:41:51.0687 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/08/03 22:41:51.0750 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/08/03 22:41:51.0781 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/08/03 22:41:51.0921 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2010/08/03 22:41:51.0937 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/08/03 22:41:51.0968 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2010/08/03 22:41:52.0031 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/08/03 22:41:52.0078 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/08/03 22:41:52.0093 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/08/03 22:41:52.0140 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/08/03 22:41:52.0171 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/08/03 22:41:52.0203 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/08/03 22:41:52.0250 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/08/03 22:41:52.0328 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2010/08/03 22:41:52.0484 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2010/08/03 22:41:52.0593 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/08/03 22:41:52.0750 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/08/03 22:41:52.0859 ialm (5a8e05f1d5c36abd58cffa111eb325ea) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2010/08/03 22:41:53.0000 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/08/03 22:41:53.0046 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/08/03 22:41:53.0109 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/08/03 22:41:53.0140 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/08/03 22:41:53.0203 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/08/03 22:41:53.0218 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/08/03 22:41:53.0250 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/08/03 22:41:53.0296 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/08/03 22:41:53.0328 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/08/03 22:41:53.0359 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/08/03 22:41:53.0453 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/08/03 22:41:53.0515 klmd24 (6485ad0a17a0d6286b4d44c652adabb2) C:\WINDOWS\system32\drivers\klmd.sys
2010/08/03 22:41:53.0562 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/08/03 22:41:53.0625 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/08/03 22:41:53.0671 MBAMProtector (67b48a903430c6d4fb58cbaca1866601) C:\WINDOWS\system32\drivers\mbam.sys
2010/08/03 22:41:53.0718 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2010/08/03 22:41:53.0796 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/08/03 22:41:53.0828 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/08/03 22:41:53.0843 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/08/03 22:41:53.0906 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/08/03 22:41:54.0015 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/08/03 22:41:54.0109 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/08/03 22:41:54.0156 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/08/03 22:41:54.0187 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/08/03 22:41:54.0218 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/08/03 22:41:54.0234 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/08/03 22:41:54.0250 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/08/03 22:41:54.0281 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/08/03 22:41:54.0343 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/08/03 22:41:54.0359 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/08/03 22:41:54.0406 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/08/03 22:41:54.0484 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/08/03 22:41:54.0609 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/08/03 22:41:54.0687 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/08/03 22:41:54.0703 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/08/03 22:41:54.0718 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/08/03 22:41:54.0750 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/08/03 22:41:54.0781 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/08/03 22:41:54.0812 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/08/03 22:41:54.0843 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/08/03 22:41:54.0906 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/08/03 22:41:55.0000 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/08/03 22:41:55.0093 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/08/03 22:41:55.0140 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/08/03 22:41:55.0218 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
2010/08/03 22:41:55.0281 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2010/08/03 22:41:55.0312 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/08/03 22:41:55.0343 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/08/03 22:41:55.0406 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/08/03 22:41:55.0453 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
2010/08/03 22:41:55.0484 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/08/03 22:41:55.0671 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/08/03 22:41:55.0703 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/08/03 22:41:55.0734 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/08/03 22:41:55.0765 PxHelp20 (fd9d44ec6d99edfa3782f870b7e00682) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2010/08/03 22:41:55.0890 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/08/03 22:41:55.0921 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/08/03 22:41:55.0937 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/08/03 22:41:55.0953 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/08/03 22:41:55.0984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/08/03 22:41:56.0031 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/08/03 22:41:56.0093 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/08/03 22:41:56.0125 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/08/03 22:41:56.0187 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
2010/08/03 22:41:56.0218 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2010/08/03 22:41:56.0250 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2010/08/03 22:41:56.0296 Secdrv (890cada2ab7acf53a5f9cce7515522a2) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/08/03 22:41:56.0390 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2010/08/03 22:41:56.0421 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/08/03 22:41:56.0500 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/08/03 22:41:56.0562 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/08/03 22:41:56.0593 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/08/03 22:41:56.0687 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/08/03 22:41:56.0796 STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
2010/08/03 22:41:56.0906 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/08/03 22:41:56.0953 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/08/03 22:41:56.0984 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/08/03 22:41:57.0140 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2010/08/03 22:41:57.0187 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/08/03 22:41:57.0281 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/08/03 22:41:57.0343 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/08/03 22:41:57.0406 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/08/03 22:41:57.0453 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/08/03 22:41:57.0500 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/08/03 22:41:57.0578 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/08/03 22:41:57.0625 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/08/03 22:41:57.0656 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/08/03 22:41:57.0687 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/08/03 22:41:57.0718 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/08/03 22:41:57.0734 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/08/03 22:41:57.0781 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/08/03 22:41:57.0906 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/08/03 22:41:57.0937 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/08/03 22:41:58.0015 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/08/03 22:41:58.0109 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2010/08/03 22:41:58.0203 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/08/03 22:41:58.0250 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/08/03 22:41:58.0312 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/08/03 22:41:58.0375 ================================================================================
2010/08/03 22:41:58.0375 Scan finished
2010/08/03 22:41:58.0375 ================================================================================




ComboFix 10-08-03.02 - K. Nykol Brown 08/03/2010 22:47:38.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.133 [GMT -5:00]
Running from: c:\documents and settings\K. Nykol Brown\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\K. Nykol Brown\My Documents\Downloads\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2010-07-04 to 2010-08-04 )))))))))))))))))))))))))))))))
.

2010-08-02 16:02 . 2010-08-02 16:02 -------- d-----w- C:\_OTL
2010-08-02 16:00 . 2010-08-02 16:00 167936 ----a-w- c:\windows\system32\appmgmts.dll
2010-08-02 16:00 . 2010-08-02 16:00 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-08-02 16:00 . 2010-08-02 16:00 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-08-01 18:03 . 2010-08-01 18:03 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\DivX
2010-08-01 17:58 . 2010-08-01 17:58 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\WMTools Downloaded Files
2010-07-25 23:46 . 2010-07-25 23:46 3400 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2010-07-25 23:46 . 2010-07-25 23:46 10901680 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-07-25 22:47 . 2010-07-25 22:47 503808 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e8652c-n\msvcp71.dll
2010-07-25 22:47 . 2010-07-25 22:47 499712 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e8652c-n\jmc.dll
2010-07-25 22:47 . 2010-07-25 22:47 348160 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e8652c-n\msvcr71.dll
2010-07-25 22:47 . 2010-07-25 22:47 61440 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-101df45a-n\decora-sse.dll
2010-07-25 22:47 . 2010-07-25 22:47 12800 ----a-w- c:\documents and settings\K. Nykol Brown\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-101df45a-n\decora-d3d.dll
2010-07-25 22:47 . 2010-07-25 22:47 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-25 04:48 . 2010-07-25 05:30 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Uniblue
2010-07-24 13:26 . 2008-04-13 18:46 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2010-07-24 13:26 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-07-24 13:26 . 2008-04-13 18:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-07-24 13:26 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-07-24 13:26 . 2008-04-13 18:46 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2010-07-24 13:26 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-07-24 13:26 . 2008-04-13 18:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2010-07-24 13:26 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-07-24 13:25 . 2008-04-13 18:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-07-24 13:25 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-07-24 13:25 . 2008-04-13 18:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2010-07-24 13:25 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-07-24 13:25 . 2008-04-13 18:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-07-24 13:25 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-07-24 13:25 . 2008-04-14 00:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-07-24 13:25 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-07-24 13:25 . 2008-12-16 20:44 516480 ----a-w- c:\windows\system32\drivers\Ca1528av.sys
2010-07-24 13:25 . 2008-06-27 21:41 11648 ----a-w- c:\windows\system32\drivers\Bulk1528.sys
2010-07-24 13:25 . 2002-01-19 20:33 131072 ----a-w- c:\windows\system\SP5X_32.DLL
2010-07-24 13:25 . 2010-07-24 13:25 -------- d-----w- c:\program files\SPCA1528
2010-07-24 13:24 . 2010-07-24 13:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Vivitar
2010-07-24 13:24 . 2008-12-18 00:22 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2010-07-24 13:24 . 2010-07-25 05:29 -------- d-----w- c:\program files\ffdshow
2010-07-24 13:24 . 2008-12-11 18:26 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-07-24 13:23 . 2010-07-24 13:24 -------- d-----w- c:\program files\Vivitar Experience Image Manager
2010-07-23 16:26 . 2010-07-23 16:26 -------- d-----w- c:\program files\Trend Micro
2010-07-22 17:27 . 2010-07-22 17:27 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2010-07-22 17:27 . 2010-07-22 17:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-07-21 05:28 . 2010-07-21 05:28 525 ----a-w- c:\windows\eReg.dat
2010-07-19 04:03 . 2010-07-09 13:44 32824 ----a-w- c:\windows\system32\rrMon.sys
2010-07-19 04:03 . 2010-07-19 04:03 -------- d-----w- c:\program files\Registrar Registry Manager
2010-07-19 03:10 . 2010-07-19 03:10 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\IECompatCache
2010-07-19 02:18 . 2010-07-27 04:26 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Temp
2010-07-19 02:18 . 2010-07-19 02:21 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\windows\system32\XPSViewer
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\program files\MSBuild
2010-07-18 20:08 . 2010-07-18 20:08 -------- d-----w- c:\program files\Reference Assemblies
2010-07-18 20:08 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-07-18 20:07 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-07-18 20:07 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-07-18 20:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-07-18 20:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-07-18 20:07 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-07-18 20:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-07-18 20:07 . 2010-07-18 20:08 -------- d-----w- C:\242aea37d657bf588fbdf238e3
2010-07-18 20:07 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-07-18 20:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-07-18 20:02 . 2010-07-18 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion
2010-07-18 17:23 . 2010-07-18 17:24 -------- d-----w- c:\windows\ie8updates
2010-07-18 15:58 . 2010-05-06 10:41 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-07-18 15:58 . 2010-05-06 10:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-07-18 15:58 . 2010-05-06 10:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-07-18 15:58 . 2010-05-06 10:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-07-18 15:58 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-07-18 15:57 . 2010-05-06 10:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-07-18 15:57 . 2010-05-06 10:41 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-07-18 01:22 . 2010-07-21 05:25 -------- d-----w- c:\program files\EA GAMES
2010-07-18 01:13 . 2010-07-18 01:13 14 ----a-w- c:\windows\popcinfo.dat
2010-07-17 23:53 . 2010-07-17 23:53 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\PrivacIE
2010-07-17 21:16 . 2010-07-17 21:16 -------- d-----w- c:\windows\system32\scripting
2010-07-17 21:16 . 2010-07-17 21:16 -------- d-----w- c:\windows\l2schemas
2010-07-17 21:15 . 2010-07-17 21:15 -------- d-----w- c:\windows\system32\en
2010-07-17 21:15 . 2010-07-17 21:15 -------- d-----w- c:\windows\system32\bits
2010-07-17 20:11 . 2010-07-17 20:11 -------- d-----w- c:\windows\system32\MpEngineStore
2010-07-17 19:54 . 2008-04-14 00:12 144384 ------w- c:\windows\system32\onex.dll
2010-07-17 19:53 . 2008-04-14 00:11 7168 ------w- c:\windows\system32\bitsprx4.dll
2010-07-17 19:53 . 2008-04-14 00:11 233472 ------w- c:\windows\system32\azroles.dll
2010-07-17 19:53 . 2008-04-14 00:11 136192 ------w- c:\windows\system32\aaclient.dll
2010-07-17 19:20 . 2010-07-17 19:20 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Blackberry Desktop
2010-07-17 19:17 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-07-17 19:17 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-07-17 19:16 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-07-17 19:16 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-07-17 19:16 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-07-17 19:14 . 2010-07-30 03:48 256 ----a-w- c:\windows\system32\pool.bin
2010-07-17 19:14 . 2010-07-17 19:14 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\Research In Motion
2010-07-17 19:12 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-07-17 19:12 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-17 19:11 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-07-17 19:11 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-07-17 19:08 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-07-17 19:08 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-07-17 19:08 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-07-17 19:08 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-07-17 19:08 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-07-17 19:08 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-07-17 19:08 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-07-17 19:08 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-07-17 19:08 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-07-17 19:08 . 2010-02-17 14:10 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-07-17 19:08 . 2010-02-16 14:08 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-07-17 19:08 . 2010-02-16 13:25 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-07-17 19:07 . 2009-01-09 21:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2010-07-17 19:06 . 2010-07-17 19:06 -------- d-----w- c:\program files\Common Files\Roxio Shared
2010-07-17 19:05 . 2010-07-17 19:06 -------- d-----w- c:\program files\Common Files\Research In Motion
2010-07-17 19:05 . 2010-07-17 19:05 -------- d-----w- c:\program files\Research In Motion
2010-07-17 18:58 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-07-17 18:58 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-07-17 18:58 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-07-17 18:52 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2010-07-17 18:49 . 2010-07-17 18:49 -------- d-----w- c:\program files\MSXML 6.0
2010-07-17 18:45 . 2010-07-17 23:53 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Yahoo
2010-07-17 18:44 . 2010-07-17 18:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-07-17 18:43 . 2010-07-17 18:43 -------- d-sh--w- c:\documents and settings\K. Nykol Brown\IETldCache
2010-07-17 18:40 . 2010-07-17 18:40 0 ----a-w- c:\windows\nsreg.dat
2010-07-17 18:39 . 2010-07-17 18:39 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Mozilla
2010-07-17 18:38 . 2010-07-17 18:39 -------- dc-h--w- c:\windows\ie8
2010-07-17 18:34 . 2010-07-17 18:34 -------- d-----w- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Yahoo!
2010-07-17 18:33 . 2010-07-17 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-07-17 18:33 . 2010-04-20 21:45 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-04 03:22 . 2010-07-25 22:48 -------- d-----w- c:\documents and settings\K. Nykol Brown\Application Data\LimeWire
2010-07-24 13:25 . 2010-07-17 15:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-23 04:23 . 2004-08-04 10:00 12464 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-07-17 21:19 . 2010-07-17 15:23 77423 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-17 17:51 . 2010-07-17 17:50 -------- d-----w- c:\program files\iTunes
2010-07-17 17:51 . 2010-07-17 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2010-07-17 17:50 . 2010-07-17 17:50 -------- d-----w- c:\program files\iPod
2010-07-17 17:50 . 2010-07-17 17:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-07-17 17:50 . 2010-07-17 17:50 -------- d-----w- c:\program files\Bonjour
2010-07-17 17:49 . 2010-07-17 17:49 -------- d-----w- c:\program files\QuickTime
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\program files\Apple Software Update
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\program files\Common Files\Apple
2010-07-17 17:48 . 2010-07-17 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-07-17 16:29 . 2010-07-17 16:21 -------- d-----w- c:\program files\Dell
2010-07-17 16:22 . 2010-07-17 15:50 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-17 15:24 . 2010-07-17 15:24 -------- d-----w- c:\program files\microsoft frontpage
2010-07-17 15:21 . 2010-07-17 15:21 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-14 14:31 . 2010-07-17 15:21 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-06 10:41 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-08-03_04.33.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-04 03:22 . 2010-08-04 03:22 16384 c:\windows\temp\Perflib_Perfdata_6b8.dat
+ 2004-08-04 10:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-07-19 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2010-03-11 648536]

c:\documents and settings\K. Nykol Brown\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-5-26 503808]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/17/2010 1:24 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/17/2010 1:24 PM 20952]
S2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\drivers\Ca1528av.sys [7/24/2010 8:25 AM 516480]
S3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\drivers\Bulk1528.sys [7/24/2010 8:25 AM 11648]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - KLMD24
*Deregistered* - klmd24
.
Contents of the 'Scheduled Tasks' folder

2010-07-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004Core.job
- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 02:18]

2010-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-2000478354-2147097355-1004UA.job
- c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-19 02:18]

2010-07-25 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2010-07-17 14:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/openmanage
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\K. Nykol Brown\Application Data\Mozilla\Firefox\Profiles\r2nrabz6.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\K. Nykol Brown\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-03 22:54
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(600)
c:\windows\System32\BCMLogon.dll

- - - - - - - > 'explorer.exe'(2228)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-08-03 22:57:58
ComboFix-quarantined-files.txt 2010-08-04 03:57
ComboFix2.txt 2010-08-03 04:36
ComboFix3.txt 2010-07-19 03:47

Pre-Run: 43,031,449,600 bytes free
Post-Run: 43,022,794,752 bytes free

- - End Of File - - EBD6C110267A72DC0CD1EC672D5FA359


#12 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:30 AM

Posted 04 August 2010 - 05:03 AM

Can you tell me if your searches are still being redirected?

unite.jpg


#13 legogirl88

legogirl88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 04 August 2010 - 11:16 AM

Unfortunately, they are, well Yahoo search does. Google seems to be ok. I don't understand, my system is fairly "clean". The redirect is "www.results.yahoo.com", then it takes me to a site that is related to my search but it's a spam site most likely. I really appreciate your efforts btw, thanks!

#14 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:30 AM

Posted 04 August 2010 - 12:47 PM

So at the moment this is only happening on yahoo searches, does this happen in IE, Firefox or both. You have said that
your girlfriends laptop does the exact same thing, is she connected to the same router as you when this happens on her
machine?

  • Go to Start >> Run
  • Copy and paste the following command line into the Run box, then click OK.
cmd /c mbr -t& start mbr.log
  • A file called mbr.log will pop up please post the contents in your reply.

unite.jpg


#15 legogirl88

legogirl88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:30 PM

Posted 04 August 2010 - 10:37 PM

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK


It redirects in IE, Firefox, and Chrome. And my girlfriends computer redirects here and at her house across town. I loaded some of the same programs on her computer as mine, so I thought that might be it. It was a few game files that I had downloaded from the net, but that was a LONG time ago. This redirection just started a few months ago.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users