Need a geek? Geeks to Go offers free, quality tech support -- in terms anyone can understand. Volunteers are waiting to help, friendly, technology experts who have knowledge to share, and enjoy helping others. Feel free to browse the site as a guest. However, you must log in to reply to existing topics, or to start a new topic of your own. Other benefits of joining include richer forum features, and removal of all advertising. Learn more in our Welcome Guide Infected? Malware and Spyware Cleaning Guide. What are you waiting for? Click here to join for free today!
 
 Closed TopicStart new topic
Trojan.Win32.AutoRun, IM-Worm.Win32.Sohanad.t [Solved], System infected by backdoor trojan
aravindps
post Oct 14 2009, 01:53 PM
Post #1


New Member
*
Posts: 6
OS: Windows XP
Hi,
My system is infected by virus. Some system files have been infected. Let me know what to do. Can I delete them through the anti-virus software? It is not able to disinfect the affected files.

DETAILS:

Malwarebytes' Anti-Malware report:

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 2

10/12/2009 10:59:27 PM
mbam-log-2009-10-12 (22-59-19).txt

Scan type: Quick Scan
Objects scanned: 93166
Time elapsed: 2 minute(s), 42 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
C:\WINDOWS\system32\SSVICHOSST.exe (Worm.Sohanad) -> No action taken.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yahoo messengger (Worm.Sohanad) -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe SSVICHOSST.exe) Good: (Explorer.exe) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\SSVICHOSST.exe (Worm.Sohanad) -> No action taken.
C:\WINDOWS\SSVICHOSST.exe (Worm.Sohanad) -> No action taken.

------------------------------------------------------
Malwarebytes' Anti-Malware has disinfected the registry and cmd is also enable now.

------------------------------------------------------

Detection by kaspersky anti-virus:

detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP28\A0001567.exe
detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP28\A0001574.exe
detected: Trojan program Trojan.Win32.AutoRun.a File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP28\A0001575.ini
detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP29\A0001587.exe
detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP29\A0001588.exe
detected: Trojan program Trojan.Win32.AutoRun.a File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP29\A0001589.ini
detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP32\A0001661.exe
detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP34\A0001714.exe
detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP35\A0001744.exe
detected: virus IM-Worm.Win32.Sohanad.t File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP35\A0001776.exe
deleted: Trojan program Trojan.Win32.AutoRun.a File: C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP35\A0001799.ini
detected: Trojan program Trojan.Win32.AutoRun.a File: C:\WINDOWS\system32\autorun.ini
-------------------------------------------------

Thanks,
aravind

This post has been edited by aravindps: Oct 14 2009, 01:56 PM
Go to the top of the page
 
+Quote Post
aravindps
post Oct 20 2009, 12:49 PM
Post #2


New Member
*
Posts: 6
OS: Windows XP
HI,
Can I delete the system files which are infected?

Thanks,
aravind
Go to the top of the page
 
+Quote Post
emeraldnzl
post Oct 22 2009, 02:33 PM
Post #3


Trusted Helper
Group Icon
Posts: 8,065
OS: XP Pro
Hello aravindps,

Welcome to Geekstogo.

Let's carry out that Malwarbytes scan again but this time fix those ones it found.

That is, make sure you do this bit:

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.

The ones it found are bad ones and it won't hurt your machine to remove them. smile.gif

After that

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

So when you return please post
  • MBAM report
  • the two OTL scan logs - OTL.txt and Extras.txt
Go to the top of the page
 
+Quote Post
aravindps
post Oct 27 2009, 12:56 AM
Post #4


New Member
*
Posts: 6
OS: Windows XP
Hi,
Thanks for the response.

The MBAM log is attached below:
------------------------------------------------

Malwarebytes' Anti-Malware 1.41
Database version: 2948
Windows 5.1.2600 Service Pack 2

10/27/2009 12:19:01 PM
mbam-log-2009-10-27 (12-19-01).txt

Scan type: Quick Scan
Objects scanned: 98616
Time elapsed: 1 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


------------------------------------------------


The OTL log is attached below: only OTL.txt was generated.
-----------------------------------------------

OTL logfile created on: 10/27/2009 12:14:52 PM - Run 2
OTL by OldTimer - Version 3.0.18.4 Folder = D:\Program Files\PC_Protection_Software\OTL_CheckRegistry SystemFiles_ForMalware
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 94.99% Memory free
4.00 Gb Paging File | 3.86 Gb Available in Paging File | 96.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.54 Gb Total Space | 21.09 Gb Free Space | 56.17% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 45.66 Gb Free Space | 93.50% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 2.37 Gb Free Space | 4.86% Space Free | Partition Type: NTFS
Drive F: | 48.83 Gb Total Space | 31.61 Gb Free Space | 64.72% Space Free | Partition Type: NTFS
Drive G: | 48.83 Gb Total Space | 48.76 Gb Free Space | 99.86% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ARAVIND
Current User Name: Home
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - D:\Program Files\Corel\Corel MediaOne\CorelIOMonitor.exe ()
PRC - D:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - D:\Program Files\Java\1.6\jdk\bin\javaw.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE ()
PRC - D:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\System32\PSIService.exe ()
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\WINDOWS\DOWNLO~1\DMService.exe ()
PRC - C:\Program Files\Whale Communications\Client Components\3.1.0\WhlCach3.exe (Whale Communications, a Microsoft subsidiary)
PRC - D:\Program Files\PC_Protection_Software\OTL_CheckRegistry SystemFiles_ForMalware\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\notepad.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (AntiVirSchedulerService [Auto | Running]) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService [Auto | Running]) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ES lite Service [Auto | Running]) -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- D:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ProtexisLicensing [Auto | Running]) -- C:\WINDOWS\System32\PSIService.exe ()
SRV - (DMService [On_Demand | Running]) -- C:\WINDOWS\DOWNLO~1\DMService.exe ()

========== Driver Services (SafeList) ==========

DRV - (avgio [System | Running]) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (avgntflt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys (Avira GmbH)
DRV - (avipbb [System | Running]) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys (Avira GmbH)
DRV - (gdrv [On_Demand | Running]) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (ialm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTLE8023xp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (RTLTEAMING [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RTLTEAMING.SYS (Realtek Semiconductor Corporation)
DRV - (RTLVLAN [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RTLVLAN.SYS (Realtek Semiconductor Corporation )
DRV - (RtNdPt5x [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\RtNdPt5x.sys (Realtek Semiconductor Corporation )
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (ssmdrv [System | Running]) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (Avira GmbH)
DRV - (GVTDrv [Unknown | Stopped]) -- C:\WINDOWS\System32\Drivers\GVTDrv.sys ()

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\System32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: D:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/10/20 21:48:56 | 00,000,000 | ---D | M]


O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Corel File Shell Monitor] D:\Program Files\Corel\Corel MediaOne\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] D:\Program Files\Corel\Corel MediaOne\Corel PhotoDownloader.exe File not found
O4 - HKLM..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe File not found
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] D:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WhlCach3.exe] C:\Program Files\Whale Communications\Client Components\3.1.0\WhlCach3.exe (Whale Communications, a Microsoft subsidiary)
O4 - Startup: C:\Documents and Settings\Home\Start Menu\Programs\Startup\SDK Tray Menu.lnk = D:\Program Files\Java\1.6\jdk\bin\javaw.exe (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1254597812906 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://gatewaymtw.mindtree.com/InternalSite/WhlCompMgr.cab (Whale Client Components)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/03 21:03:14 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/10/04 02:21:20 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data
[2009/10/03 22:03:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2009/10/09 19:39:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
[2009/10/15 13:30:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2009/10/03 22:10:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Corel
[2009/10/03 21:57:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
[2009/10/03 22:01:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
[2009/10/12 22:52:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2009/10/04 02:21:20 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2009/10/24 19:54:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NVIDIA Corporation
[2009/10/13 00:26:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
[2009/10/09 20:12:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
[2009/10/04 00:59:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
[2009/10/03 22:07:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2009/10/03 21:07:51 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Home\Application Data
[2009/10/04 00:22:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Adobe
[2009/10/09 11:53:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\AdobeUM
[2009/10/09 19:50:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Apple Computer
[2009/10/06 23:33:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Corel
[2009/10/07 22:43:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Google
[2009/10/03 21:08:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Identities
[2009/10/03 21:49:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\InstallShield
[2009/10/04 00:22:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Macromedia
[2009/10/12 22:52:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Malwarebytes
[2009/10/03 21:07:51 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Home\Application Data\Microsoft
[2009/10/04 16:53:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Notepad++
[2009/10/20 21:38:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Opera
[2009/10/20 21:40:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Sun
[2009/10/13 00:26:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\SUPERAntiSpyware.com
[2009/10/05 00:18:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\uTorrent
[2009/10/04 16:47:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\vlc
[2009/10/04 16:56:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\WinRAR
[2009/10/03 21:07:51 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data
[2009/10/09 11:53:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Adobe
[2009/10/22 22:32:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Apple Computer
[2009/10/06 23:33:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Corel
[2009/10/07 22:43:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Google
[2009/10/09 21:03:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Identities
[2009/10/03 21:07:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Microsoft
[2009/10/20 21:38:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Opera
[2009/10/04 01:28:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009/10/09 11:53:00 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/10/03 22:09:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2009/10/03 21:43:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/10/04 01:28:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2009/10/03 21:01:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009/10/04 01:28:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2009/10/03 21:01:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009/10/04 01:28:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009/10/03 21:00:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009/10/13 00:25:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/10/04 01:28:14 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/10/13 01:03:06 | 00,000,000 | ---D | C] -- C:\Program Files\Activision
[2009/10/24 18:32:12 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009/10/09 19:39:59 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/10/15 00:20:11 | 00,000,000 | ---D | C] -- C:\Program Files\Avast Home Edition AntiVirus
[2009/10/15 13:30:30 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/10/03 21:44:14 | 00,000,000 | ---D | C] -- C:\Program Files\Browser Configuration Utility
[2009/10/04 01:28:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009/10/03 21:00:23 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2009/10/12 23:11:41 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/10/03 21:43:55 | 00,000,000 | ---D | C] -- C:\Program Files\Gigabyte
[2009/10/07 00:50:32 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/10/03 21:43:55 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/10/03 21:44:41 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009/10/03 21:00:44 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009/10/12 22:52:52 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/03 21:00:07 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2009/10/03 21:03:32 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/10/03 21:01:12 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009/10/03 20:59:24 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2009/10/03 21:00:03 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009/10/04 03:22:47 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/10/03 21:00:57 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009/10/24 19:54:02 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2009/10/03 21:00:12 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2009/10/03 21:00:53 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009/10/03 21:47:21 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/10/13 00:26:15 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/10/24 19:01:32 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/10/12 22:48:52 | 00,000,000 | ---D | C] -- C:\Program Files\TFC
[2009/10/03 21:08:07 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/10/27 11:11:30 | 00,000,000 | ---D | C] -- C:\Program Files\Whale Communications
[2009/10/03 21:00:11 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009/10/03 20:59:21 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009/10/03 21:02:25 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/10/03 21:03:32 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/10/24 19:55:07 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/10/24 19:53:29 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/10/24 19:14:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\NFS Carbon
[2009/10/24 18:48:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\NV36483644.TMP
[2009/10/24 18:32:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2009/10/24 18:31:08 | 00,490,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/10/24 18:31:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/10/24 18:30:27 | 00,490,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2009/10/20 22:22:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/10/20 22:20:48 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/10/20 22:20:39 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/10/20 22:20:28 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/10/20 22:19:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/10/20 22:19:15 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/10/20 22:19:15 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/10/20 22:19:15 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/10/20 22:19:14 | 02,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/10/20 22:19:14 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/10/20 21:50:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/10/20 21:49:00 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/10/20 21:49:00 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/10/20 21:49:00 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/10/20 21:49:00 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/10/20 21:49:00 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/10/15 13:30:32 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/10/15 13:30:32 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/10/15 13:30:32 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/10/15 13:30:32 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/10/15 13:30:32 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/10/13 01:23:09 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/10/13 01:21:35 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/10/13 01:21:35 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/10/13 01:21:35 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/10/13 01:21:35 | 00,018,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_2.dll
[2009/10/13 01:21:34 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/10/13 01:21:34 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/10/13 01:21:34 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/10/13 01:21:33 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/10/13 01:21:32 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/10/13 01:21:32 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/10/13 01:21:31 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/10/13 01:21:31 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/10/13 01:21:31 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/10/13 01:21:30 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/10/13 01:21:30 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/10/13 01:21:30 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/10/13 01:21:30 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/10/13 01:21:29 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/10/12 23:32:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/12 22:52:53 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/12 22:52:52 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/10 03:00:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2009/10/09 23:57:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2009/10/09 21:20:21 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/10/09 20:11:43 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/10/09 20:11:43 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/10/09 20:11:43 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/10/09 20:11:43 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/10/09 20:11:42 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/10/09 20:11:42 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/10/09 20:11:42 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/10/09 20:11:42 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/10/09 20:11:41 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/10/09 20:11:41 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/10/09 20:11:41 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/10/09 20:11:41 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/10/09 20:11:40 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/10/09 11:53:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\My eBooks
[2009/10/08 00:19:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\Icons
[2009/10/08 00:14:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\FIFA 06
[2009/10/07 23:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\My Received Files
[2009/10/07 00:34:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/10/06 23:33:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\My Corel Shows
[2009/10/05 00:32:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Downloads
[2009/10/04 21:05:19 | 00,532,480 | ---- | C] (ScreenTime Media) -- C:\WINDOWS\System32\manutd_fanzone_oldtrafford.scr
[2009/10/04 21:05:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\manutd_fanzone_oldtrafford dir
[2009/10/04 16:35:29 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/10/04 16:35:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/10/04 16:34:54 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/10/04 16:34:54 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/10/04 16:34:54 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/10/04 16:34:54 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/10/04 16:34:54 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/10/04 16:34:54 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/10/04 16:34:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/10/04 16:33:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009/10/04 16:33:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2009/10/04 16:33:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/10/04 14:39:17 | 25,198,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/10/04 03:23:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/10/04 02:48:56 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/10/04 02:29:14 | 02,136,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/10/04 02:29:13 | 02,180,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/10/04 02:29:13 | 02,057,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/10/04 02:29:13 | 02,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/10/04 02:25:39 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009/10/04 02:24:54 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009/10/04 02:24:22 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/10/04 02:24:22 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2009/10/04 02:23:37 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2009/10/04 02:23:36 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/10/04 02:23:36 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/10/04 02:23:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/10/04 02:23:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/10/04 02:23:36 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/10/04 02:23:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/10/04 02:23:35 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2009/10/04 02:23:34 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/10/04 02:23:34 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/10/04 02:23:34 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/10/04 02:23:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/10/04 02:23:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/10/04 02:23:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/10/04 02:23:33 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/10/04 02:23:33 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/10/04 02:23:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/10/04 02:23:31 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/10/04 02:23:31 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/10/04 02:23:31 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/10/04 02:23:31 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/10/04 02:23:31 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/10/04 02:23:31 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/10/04 02:23:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/10/04 02:23:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/10/04 02:23:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/10/04 02:23:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/10/04 02:23:31 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/10/04 02:23:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/10/04 02:23:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/10/04 02:23:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/10/04 02:23:30 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/10/04 02:23:30 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/10/04 02:23:30 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/10/04 02:23:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/10/04 02:23:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/10/04 02:23:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/10/04 02:23:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/10/04 02:23:30 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/10/04 02:23:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/10/04 02:23:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/10/04 02:23:29 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2009/10/04 02:23:29 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2009/10/04 02:23:29 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2009/10/04 02:23:28 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/10/04 02:23:28 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/10/04 02:23:28 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/10/04 02:23:28 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/10/04 02:23:28 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/10/04 02:23:28 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/10/04 02:23:28 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/10/04 02:23:28 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/10/04 02:23:27 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/10/04 02:23:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/10/04 02:23:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/10/04 02:23:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/10/04 02:23:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/10/04 02:23:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/10/04 02:23:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/10/04 02:23:27 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/10/04 02:23:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/10/04 02:23:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/10/04 02:23:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/10/04 02:23:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/10/04 02:23:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/10/04 02:23:27 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/10/04 02:23:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/10/04 02:23:27 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/10/04 02:23:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/10/04 02:23:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/10/04 02:23:25 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2009/10/04 02:23:25 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2009/10/04 02:23:25 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2009/10/04 02:23:25 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2009/10/04 02:23:25 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2009/10/04 02:23:25 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2009/10/04 02:23:25 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/10/04 02:23:25 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/10/04 02:23:25 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/10/04 02:23:25 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/10/04 02:23:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/10/04 02:23:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/10/04 02:23:25 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/10/04 02:23:25 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/10/04 02:23:25 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/10/04 02:23:24 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/10/04 02:23:24 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/10/04 02:23:24 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/10/04 02:23:24 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/10/04 02:23:24 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/10/04 02:23:24 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/10/04 02:23:24 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/10/04 02:23:24 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/10/04 02:23:24 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/10/04 02:23:24 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/10/04 02:23:24 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/10/04 02:23:24 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/10/04 02:23:24 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/10/04 02:23:23 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/10/04 02:23:23 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/10/04 02:23:23 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/10/04 02:23:23 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/10/04 02:23:23 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/10/04 02:23:23 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009/10/04 02:23:23 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2009/10/04 02:23:23 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2009/10/04 02:23:23 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/10/04 02:23:22 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2009/10/04 02:23:22 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2009/10/04 02:23:22 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2009/10/04 02:23:20 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/10/04 02:15:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2009/10/04 02:11:41 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/10/04 02:11:41 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/10/04 01:28:18 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/10/04 01:28:16 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2009/10/04 01:28:16 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2009/10/04 01:28:16 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2009/10/04 01:28:15 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2009/10/04 01:28:15 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2009/10/04 01:28:15 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/10/04 01:28:14 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/10/04 01:26:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009/10/04 01:26:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009/10/04 01:25:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009/10/04 01:20:28 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/10/04 01:19:35 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009/10/04 01:19:35 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/10/04 01:19:35 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009/10/04 01:19:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009/10/04 01:19:35 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009/10/04 00:59:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/10/04 00:59:40 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/10/04 00:55:04 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/10/04 00:55:04 | 00,031,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/10/04 00:55:03 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/10/04 00:55:03 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/10/04 00:55:03 | 00,018,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/10/04 00:55:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/10/03 23:10:38 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/10/03 23:10:38 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/10/03 23:09:55 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/10/03 23:06:24 | 00,000,000 | ---D | C] -- C:\Temp
[2009/10/03 22:11:35 | 00,060,416 | R--- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\RTLTEAMING_NB.DLL
[2009/10/03 22:11:35 | 00,028,672 | R--- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTLTEAMING.SYS
[2009/10/03 22:11:34 | 00,017,408 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTLVLAN.SYS
[2009/10/03 22:11:32 | 00,022,016 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RtNdPt5x.sys
[2009/10/03 22:08:48 | 00,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/10/03 22:08:39 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009/10/03 22:02:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2009/10/03 21:57:47 | 00,073,728 | ---- | C] (Macrovision Corporation) -- C:\WINDOWS\System32\ISUSPM.cpl
[2009/10/03 21:49:54 | 00,117,888 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2009/10/03 21:49:54 | 00,009,728 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/10/03 21:49:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2009/10/03 21:47:55 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/10/03 21:47:55 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2009/10/03 21:47:54 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/10/03 21:47:54 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2009/10/03 21:47:53 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2009/10/03 21:47:53 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2009/10/03 21:47:52 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/10/03 21:47:52 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2009/10/03 21:47:52 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/10/03 21:47:52 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2009/10/03 21:47:51 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/10/03 21:47:51 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2009/10/03 21:47:50 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/10/03 21:47:50 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2009/10/03 21:47:49 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/10/03 21:47:49 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2009/10/03 21:47:48 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2009/10/03 21:47:48 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2009/10/03 21:47:48 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2009/10/03 21:47:48 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2009/10/03 21:47:46 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2009/10/03 21:47:46 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2009/10/03 21:47:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2009/10/03 21:47:40 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/10/03 21:47:40 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/10/03 21:47:40 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/10/03 21:47:40 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/10/03 21:47:40 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/10/03 21:47:40 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/10/03 21:47:37 | 00,290,816 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2009/10/03 21:47:37 | 00,077,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2009/10/03 21:47:36 | 01,826,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2009/10/03 21:47:36 | 01,200,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2009/10/03 21:47:35 | 00,266,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL
[2009/10/03 21:47:35 | 00,104,992 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2009/10/03 21:47:35 | 00,035,840 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll
[2009/10/03 21:47:33 | 09,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE
[2009/10/03 21:47:32 | 05,015,040 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2009/10/03 21:47:28 | 18,084,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2009/10/03 21:47:27 | 01,389,056 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2009/10/03 21:47:26 | 02,168,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2009/10/03 21:47:23 | 00,057,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
[2009/10/03 21:47:22 | 02,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2009/10/03 21:47:22 | 01,684,736 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2009/10/03 21:47:21 | 00,278,528 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2009/10/03 21:47:19 | 00,528,384 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2009/10/03 21:47:01 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/10/03 21:46:46 | 06,273,504 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\igxpmp32.sys
[2009/10/03 21:46:46 | 05,702,656 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2009/10/03 21:46:46 | 03,773,440 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll
[2009/10/03 21:46:46 | 02,685,760 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll
[2009/10/03 21:46:46 | 02,342,912 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2009/10/03 21:46:46 | 00,652,312 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2009/10/03 21:46:46 | 00,310,784 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2009/10/03 21:46:46 | 00,304,640 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2009/10/03 21:46:46 | 00,303,616 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2009/10/03 21:46:46 | 00,303,104 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2009/10/03 21:46:46 | 00,303,104 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2009/10/03 21:46:46 | 00,299,008 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2009/10/03 21:46:46 | 00,294,912 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2009/10/03 21:46:46 | 00,294,912 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2009/10/03 21:46:46 | 00,291,328 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2009/10/03 21:46:46 | 00,289,280 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2009/10/03 21:46:46 | 00,288,256 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2009/10/03 21:46:46 | 00,287,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2009/10/03 21:46:46 | 00,282,624 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2009/10/03 21:46:46 | 00,282,624 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsky.lrc
[2009/10/03 21:46:46 | 00,282,624 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2009/10/03 21:46:46 | 00,281,088 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2009/10/03 21:46:46 | 00,280,576 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2009/10/03 21:46:46 | 00,279,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2009/10/03 21:46:46 | 00,279,040 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2009/10/03 21:46:46 | 00,277,504 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrslv.lrc
[2009/10/03 21:46:46 | 00,275,968 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2009/10/03 21:46:46 | 00,262,656 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2009/10/03 21:46:46 | 00,252,416 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2009/10/03 21:46:46 | 00,250,392 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.exe
[2009/10/03 21:46:46 | 00,249,856 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2009/10/03 21:46:46 | 00,206,848 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2009/10/03 21:46:46 | 00,205,312 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2009/10/03 21:46:46 | 00,205,312 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdev.dll
[2009/10/03 21:46:46 | 00,199,168 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2009/10/03 21:46:46 | 00,183,808 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll
[2009/10/03 21:46:46 | 00,179,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2009/10/03 21:46:46 | 00,178,176 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2009/10/03 21:46:46 | 00,173,592 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exe
[2009/10/03 21:46:46 | 00,172,056 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe
[2009/10/03 21:46:46 | 00,147,456 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5009.dll
[2009/10/03 21:46:46 | 00,141,336 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxtray.exe
[2009/10/03 21:46:46 | 00,141,336 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpers.exe
[2009/10/03 21:46:46 | 00,130,048 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2009/10/03 21:46:46 | 00,119,296 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2009/10/03 21:46:46 | 00,093,696 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2009/10/03 21:46:46 | 00,057,344 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll
[2009/10/03 21:46:46 | 00,051,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2009/10/03 21:46:46 | 00,023,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2009/10/03 21:46:28 | 00,319,456 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2009/10/03 21:46:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2009/10/03 21:44:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/10/03 21:44:41 | 00,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2009/10/03 21:44:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/10/03 21:44:34 | 00,000,000 | ---D | C] -- C:\Intel
[2009/10/03 21:44:14 | 00,146,528 | ---- | C] (DeviceVM Inc.) -- C:\WINDOWS\System32\dvmurl.dll
[2009/10/03 21:43:01 | 00,016,608 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2009/10/03 21:08:05 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Home\My Documents\My Pictures
[2009/10/03 21:08:05 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Home\My Documents\My Music
[2009/10/03 21:06:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/10/03 21:06:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/10/03 21:06:17 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/10/03 21:04:50 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/10/03 21:04:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/10/03 21:04:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/10/03 21:04:49 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/10/03 21:04:49 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/10/03 21:04:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/10/03 21:04:48 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2009/10/03 21:04:48 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2009/10/03 21:04:48 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2009/10/03 21:04:48 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/10/03 21:04:48 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/10/03 21:04:48 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/10/03 21:04:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/10/03 21:04:47 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/10/03 21:04:47 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/10/03 21:04:47 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/10/03 21:04:47 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/10/03 21:04:47 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/10/03 21:04:46 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2009/10/03 21:04:46 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/10/03 21:04:46 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/10/03 21:04:46 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/10/03 21:04:45 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/10/03 21:04:45 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/10/03 21:04:45 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/10/03 21:04:45 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/10/03 21:04:45 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2009/10/03 21:04:45 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/10/03 21:04:44 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2009/10/03 21:04:44 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/10/03 21:04:44 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/10/03 21:04:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/10/03 21:04:44 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/10/03 21:04:43 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/10/03 21:04:43 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/10/03 21:04:43 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2009/10/03 21:04:43 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2009/10/03 21:04:42 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2009/10/03 21:04:42 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2009/10/03 21:04:42 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2009/10/03 21:04:42 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/10/03 21:04:42 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/10/03 21:04:42 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/10/03 21:04:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2009/10/03 21:04:41 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2009/10/03 21:04:41 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2009/10/03 21:04:41 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/10/03 21:04:41 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/10/03 21:04:41 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2009/10/03 21:04:40 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/10/03 21:04:40 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/10/03 21:04:40 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/10/03 21:04:40 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/10/03 21:04:40 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/10/03 21:04:40 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/10/03 21:04:40 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/10/03 21:04:40 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/10/03 21:04:40 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/10/03 21:04:40 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/10/03 21:04:40 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/10/03 21:04:40 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/10/03 21:04:40 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/10/03 21:04:40 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/10/03 21:04:40 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/10/03 21:04:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/10/03 21:04:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/10/03 21:04:39 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/10/03 21:04:38 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2009/10/03 21:04:38 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/10/03 21:04:38 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/10/03 21:04:37 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/10/03 21:04:37 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/10/03 21:04:37 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2009/10/03 21:04:37 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/10/03 21:04:37 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2009/10/03 21:04:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2009/10/03 21:04:37 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2009/10/03 21:04:36 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/10/03 21:04:36 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2009/10/03 21:04:36 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/10/03 21:04:36 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/10/03 21:04:35 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/10/03 21:04:35 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/10/03 21:04:35 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2009/10/03 21:04:34 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/10/03 21:04:34 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/10/03 21:04:34 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/10/03 21:04:34 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/10/03 21:04:34 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/10/03 21:04:34 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/10/03 21:04:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/10/03 21:04:33 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/10/03 21:04:33 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/10/03 21:04:33 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/10/03 21:04:33 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/10/03 21:04:33 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/10/03 21:04:33 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/10/03 21:04:33 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/10/03 21:04:32 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/10/03 21:04:31 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/10/03 21:04:31 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/10/03 21:04:31 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2009/10/03 21:04:30 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2009/10/03 21:04:29 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/10/03 21:04:29 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/10/03 21:04:29 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/10/03 21:04:26 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/10/03 21:04:26 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/10/03 21:04:26 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2009/10/03 21:04:26 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2009/10/03 21:04:26 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/10/03 21:04:26 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/10/03 21:04:25 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/10/03 21:04:25 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2009/10/03 21:04:25 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/10/03 21:04:25 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2009/10/03 21:04:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2009/10/03 21:04:24 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/10/03 21:04:24 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2009/10/03 21:04:23 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/10/03 21:04:23 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/10/03 21:04:23 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/10/03 21:04:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/10/03 21:04:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/10/03 21:04:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2009/10/03 21:04:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/10/03 21:04:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/10/03 21:04:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/10/03 21:04:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/10/03 21:04:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/10/03 21:04:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/10/03 21:04:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/10/03 21:04:22 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2009/10/03 21:04:22 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2009/10/03 21:04:22 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/10/03 21:04:22 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/10/03 21:04:22 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/10/03 21:04:22 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/10/03 21:04:22 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/10/03 21:04:22 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/10/03 21:04:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2009/10/03 21:04:21 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2009/10/03 21:04:21 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/10/03 21:04:21 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/10/03 21:04:21 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/10/03 21:04:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2009/10/03 21:04:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/10/03 21:04:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2009/10/03 21:04:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/10/03 21:04:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/10/03 21:04:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/10/03 21:04:20 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/10/03 21:04:20 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2009/10/03 21:04:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2009/10/03 21:04:20 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/10/03 21:04:19 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/10/03 21:04:19 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/10/03 21:04:19 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/10/03 21:04:19 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/10/03 21:04:19 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/10/03 21:04:19 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/10/03 21:04:19 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/10/03 21:04:19 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/10/03 21:04:18 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/10/03 21:04:18 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/10/03 21:04:18 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/10/03 21:04:18 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/10/03 21:04:18 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/10/03 21:04:18 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/10/03 21:04:18 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/10/03 21:04:17 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/10/03 21:04:17 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/10/03 21:04:17 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/10/03 21:04:17 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/10/03 21:04:17 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/10/03 21:04:17 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/10/03 21:04:17 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2009/10/03 21:04:17 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/10/03 21:04:17 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/10/03 21:04:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/10/03 21:04:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2009/10/03 21:04:17 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/10/03 21:04:17 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/10/03 21:04:16 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2009/10/03 21:04:16 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2009/10/03 21:04:13 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/10/03 21:04:05 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/10/03 21:04:05 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2009/10/03 21:04:05 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2009/10/03 21:04:05 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2009/10/03 21:04:04 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2009/10/03 21:04:04 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/10/03 21:04:04 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2009/10/03 21:04:03 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2009/10/03 21:04:03 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2009/10/03 21:04:03 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2009/10/03 21:04:03 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/10/03 21:04:03 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2009/10/03 21:04:03 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2009/10/03 21:04:03 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2009/10/03 21:04:03 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2009/10/03 21:04:03 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/10/03 21:04:03 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2009/10/03 21:04:03 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2009/10/03 21:04:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/10/03 21:04:03 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2009/10/03 21:04:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2009/10/03 21:04:02 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2009/10/03 21:04:02 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2009/10/03 21:04:02 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/10/03 21:04:02 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/10/03 21:04:02 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/10/03 21:04:02 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2009/10/03 21:04:02 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/10/03 21:04:02 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2009/10/03 21:04:02 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2009/10/03 21:04:02 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/10/03 21:04:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2009/10/03 21:04:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/10/03 21:04:01 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2009/10/03 21:04:01 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/10/03 21:04:01 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/10/03 21:04:01 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2009/10/03 21:04:01 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/10/03 21:04:00 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2009/10/03 21:04:00 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/10/03 21:04:00 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/10/03 21:04:00 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/10/03 21:04:00 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/10/03 21:04:00 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/10/03 21:04:00 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/10/03 21:04:00 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2009/10/03 21:04:00 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2009/10/03 21:03:59 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/10/03 21:03:57 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/10/03 21:03:57 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2009/10/03 21:03:56 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/10/03 21:03:56 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/10/03 21:03:56 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/10/03 21:03:56 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/10/03 21:03:56 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/10/03 21:03:55 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/10/03 21:03:55 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2009/10/03 21:03:54 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/10/03 21:03:54 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/10/03 21:03:54 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/10/03 21:03:54 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/10/03 21:03:54 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/10/03 21:03:53 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/10/03 21:03:53 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/10/03 21:03:53 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/10/03 21:03:53 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/10/03 21:03:52 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/10/03 21:03:52 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/10/03 21:03:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/10/03 21:03:51 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2009/10/03 21:03:51 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/10/03 21:03:51 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/10/03 21:03:48 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/10/03 21:03:47 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/10/03 21:03:47 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/10/03 21:03:47 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/10/03 21:03:46 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2009/10/03 21:03:46 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2009/10/03 21:03:45 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2009/10/03 21:03:45 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/10/03 21:03:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2009/10/03 21:03:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2009/10/03 21:03:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2009/10/03 21:03:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2009/10/03 21:03:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2009/10/03 21:03:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2009/10/03 21:03:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/10/03 21:03:44 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/10/03 21:03:44 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2009/10/03 21:03:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/10/03 21:03:42 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/10/03 21:03:42 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2009/10/03 21:03:42 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2009/10/03 21:03:42 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/10/03 21:03:41 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2009/10/03 21:03:41 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2009/10/03 21:03:41 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2009/10/03 21:03:41 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/10/03 21:03:39 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2009/10/03 21:03:39 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2009/10/03 21:03:39 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/10/03 21:03:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2009/10/03 21:03:39 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/10/03 21:03:38 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2009/10/03 21:03:38 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/10/03 21:03:38 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2009/10/03 21:03:38 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2009/10/03 21:03:38 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2009/10/03 21:03:38 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2009/10/03 21:03:38 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/10/03 21:03:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/10/03 21:03:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/10/03 21:03:37 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2009/10/03 21:03:37 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2009/10/03 21:03:37 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/10/03 21:03:37 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/10/03 21:03:37 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2009/10/03 21:03:37 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/10/03 21:03:37 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/10/03 21:03:36 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2009/10/03 21:03:36 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2009/10/03 21:03:36 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2009/10/03 21:03:36 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2009/10/03 21:03:36 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2009/10/03 21:03:36 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2009/10/03 21:03:36 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2009/10/03 21:03:36 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2009/10/03 21:03:36 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2009/10/03 21:03:36 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2009/10/03 21:03:36 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2009/10/03 21:03:35 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2009/10/03 21:03:35 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2009/10/03 21:03:35 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/10/03 21:03:35 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/10/03 21:03:35 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2009/10/03 21:03:35 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/10/03 21:03:34 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2009/10/03 21:03:34 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/10/03 21:03:33 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2009/10/03 21:03:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/10/03 21:03:03 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/10/03 21:02:32 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/10/03 21:02:32 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/10/03 21:02:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/10/03 21:01:47 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/10/03 21:01:46 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/10/03 21:01:46 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/10/03 21:01:46 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/10/03 21:01:45 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/10/03 21:01:45 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/10/03 21:01:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/10/03 21:01:35 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/10/03 21:01:35 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/10/03 21:01:35 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/10/03 21:01:35 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/10/03 21:01:34 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/10/03 21:01:34 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/10/03 21:01:34 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/10/03 21:01:33 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/10/03 21:01:33 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/10/03 21:01:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/10/03 21:01:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/10/03 21:01:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/10/03 21:01:30 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/10/03 21:01:29 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/10/03 21:01:29 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/10/03 21:01:29 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/10/03 21:01:29 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/10/03 21:01:29 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/10/03 21:01:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/10/03 21:01:28 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/10/03 21:01:25 | 00,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2009/10/03 21:01:25 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2009/10/03 21:01:24 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2009/10/03 21:01:24 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2009/10/03 21:01:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/10/03 21:01:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/10/03 21:01:22 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/10/03 21:01:22 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/10/03 21:01:21 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/10/03 21:01:21 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/10/03 21:01:21 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/10/03 21:01:21 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/10/03 21:01:21 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/10/03 21:01:20 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/10/03 21:01:20 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/10/03 21:01:20 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/10/03 21:01:19 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/10/03 21:01:19 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/10/03 21:01:19 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/10/03 21:01:19 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/10/03 21:01:19 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009/10/03 21:01:19 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2009/10/03 21:01:19 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/10/03 21:01:19 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2009/10/03 21:01:18 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/10/03 21:01:18 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/10/03 21:01:18 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/10/03 21:01:18 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/10/03 21:01:18 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/10/03 21:01:18 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2009/10/03 21:01:18 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/10/03 21:01:18 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/10/03 21:01:18 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/10/03 21:01:18 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/10/03 21:01:17 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/10/03 21:01:17 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/10/03 21:01:17 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/10/03 21:01:17 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2009/10/03 21:01:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/10/03 21:01:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2009/10/03 21:01:17 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2009/10/03 21:01:17 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/10/03 21:01:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2009/10/03 21:01:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/10/03 21:01:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2009/10/03 21:01:15 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2009/10/03 21:01:14 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2009/10/03 21:01:14 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2009/10/03 21:01:14 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2009/10/03 21:01:14 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2009/10/03 21:01:14 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2009/10/03 21:01:13 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2009/10/03 21:01:12 | 03,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/10/03 21:01:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2009/10/03 21:01:10 | 00,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2009/10/03 21:01:10 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2009/10/03 21:01:10 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2009/10/03 21:01:10 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2009/10/03 21:01:10 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2009/10/03 21:01:08 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2009/10/03 21:01:08 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/10/03 21:01:08 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2009/10/03 21:01:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/10/03 21:01:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/10/03 21:01:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2009/10/03 21:01:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2009/10/03 21:01:08 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/10/03 21:01:08 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2009/10/03 21:01:07 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2009/10/03 21:01:07 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2009/10/03 21:01:05 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2009/10/03 21:01:04 | 00,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2009/10/03 21:01:04 | 00,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2009/10/03 21:01:04 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2009/10/03 21:01:03 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2009/10/03 21:01:03 | 00,128,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2009/10/03 21:01:03 | 00,128,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2009/10/03 21:01:03 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009/10/03 21:01:03 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/10/03 21:01:03 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2009/10/03 21:01:03 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2009/10/03 21:01:02 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/10/03 21:01:02 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2009/10/03 21:01:02 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/10/03 21:01:02 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2009/10/03 21:01:02 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/10/03 21:01:02 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2009/10/03 21:01:02 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/10/03 21:01:02 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2009/10/03 21:01:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/10/03 21:01:01 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/10/03 21:01:01 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/10/03 21:01:01 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2009/10/03 21:01:01 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/10/03 21:01:01 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2009/10/03 21:01:01 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2009/10/03 21:01:01 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/10/03 21:01:01 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2009/10/03 21:01:01 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/10/03 21:01:01 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2009/10/03 21:01:01 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2009/10/03 21:01:01 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2009/10/03 21:01:01 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/10/03 21:01:01 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2009/10/03 21:01:00 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2009/10/03 21:01:00 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2009/10/03 21:01:00 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2009/10/03 21:01:00 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2009/10/03 21:00:59 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2009/10/03 21:00:59 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2009/10/03 21:00:59 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2009/10/03 21:00:59 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2009/10/03 21:00:59 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2009/10/03 21:00:59 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2009/10/03 21:00:59 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2009/10/03 21:00:58 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2009/10/03 21:00:58 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2009/10/03 21:00:58 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2009/10/03 21:00:58 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2009/10/03 21:00:57 | 00,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2009/10/03 21:00:57 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/10/03 21:00:57 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2009/10/03 21:00:57 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/10/03 21:00:57 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2009/10/03 21:00:57 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2009/10/03 21:00:57 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2009/10/03 21:00:57 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2009/10/03 21:00:57 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2009/10/03 21:00:56 | 00,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/10/03 21:00:56 | 00,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/10/03 21:00:56 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2009/10/03 21:00:56 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2009/10/03 21:00:56 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/10/03 21:00:56 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2009/10/03 21:00:55 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/10/03 21:00:55 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2009/10/03 21:00:55 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2009/10/03 21:00:54 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2009/10/03 21:00:54 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2009/10/03 21:00:54 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2009/10/03 21:00:53 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/10/03 21:00:53 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2009/10/03 21:00:53 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/10/03 21:00:53 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2009/10/03 21:00:53 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2009/10/03 21:00:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/10/03 21:00:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2009/10/03 21:00:52 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/10/03 21:00:52 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2009/10/03 21:00:52 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/10/03 21:00:52 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2009/10/03 21:00:52 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/10/03 21:00:52 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2009/10/03 21:00:52 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/10/03 21:00:52 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2009/10/03 21:00:51 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2009/10/03 21:00:51 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2009/10/03 21:00:51 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2009/10/03 21:00:51 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2009/10/03 21:00:51 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2009/10/03 21:00:51 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2009/10/03 21:00:51 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2009/10/03 21:00:50 | 00,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2009/10/03 21:00:50 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2009/10/03 21:00:50 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2009/10/03 21:00:49 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2009/10/03 21:00:49 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2009/10/03 21:00:49 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2009/10/03 21:00:49 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2009/10/03 21:00:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2009/10/03 21:00:48 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2009/10/03 21:00:48 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2009/10/03 21:00:48 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2009/10/03 21:00:48 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2009/10/03 21:00:48 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2009/10/03 21:00:48 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2009/10/03 21:00:48 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2009/10/03 21:00:48 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2009/10/03 21:00:48 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2009/10/03 21:00:48 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2009/10/03 21:00:48 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2009/10/03 21:00:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2009/10/03 21:00:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2009/10/03 21:00:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2009/10/03 21:00:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2009/10/03 21:00:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2009/10/03 21:00:47 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2009/10/03 21:00:47 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2009/10/03 21:00:47 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2009/10/03 21:00:47 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2009/10/03 21:00:47 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2009/10/03 21:00:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2009/10/03 21:00:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2009/10/03 21:00:47 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2009/10/03 21:00:46 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/10/03 21:00:46 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2009/10/03 21:00:46 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2009/10/03 21:00:46 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2009/10/03 21:00:46 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2009/10/03 21:00:46 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2009/10/03 21:00:46 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2009/10/03 21:00:46 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2009/10/03 21:00:46 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2009/10/03 21:00:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2009/10/03 21:00:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2009/10/03 21:00:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2009/10/03 21:00:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2009/10/03 21:00:45 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2009/10/03 21:00:45 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/10/03 21:00:45 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2009/10/03 21:00:44 | 00,634,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/10/03 21:00:44 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/10/03 21:00:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures
[2009/10/03 21:00:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/10/03 21:00:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Music
[2009/10/03 21:00:06 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/10/03 21:00:06 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/10/03 21:00:06 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/10/03 21:00:05 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/10/03 21:00:05 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/10/03 21:00:05 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/10/03 21:00:05 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/10/03 21:00:05 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/10/03 21:00:05 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/10/03 21:00:05 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/10/03 21:00:05 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/10/03 21:00:05 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/10/03 21:00:05 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/10/03 21:00:05 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/10/03 21:00:05 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/10/03 21:00:04 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/10/03 21:00:04 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/10/03 21:00:04 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/10/03 21:00:04 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/10/03 21:00:04 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/10/03 21:00:03 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/10/03 21:00:03 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/10/03 21:00:03 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/10/03 21:00:03 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/10/03 21:00:03 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/10/03 21:00:03 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/10/03 20:59:54 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/10/03 20:59:54 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/10/03 20:59:54 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/10/03 20:59:54 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/10/03 20:59:54 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/10/03 20:59:54 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/10/03 20:59:54 | 00,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2009/10/03 20:59:54 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/10/03 20:59:54 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/10/03 20:59:54 | 00,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2009/10/03 20:59:53 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/10/03 20:59:53 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/10/03 20:59:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/10/03 20:59:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/10/03 20:59:45 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/10/03 20:59:45 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/10/03 20:59:45 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/10/03 20:59:45 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/10/03 20:59:45 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/10/03 20:59:45 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/10/03 20:59:44 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/10/03 20:59:44 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/10/03 20:59:44 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/10/03 20:59:44 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/10/03 20:59:44 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/10/03 20:59:44 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/10/03 20:59:44 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/10/03 20:59:44 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/10/03 20:59:43 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/10/03 20:59:43 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/10/03 20:59:43 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/10/03 20:59:43 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/10/03 20:59:43 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/10/03 20:59:43 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/10/03 20:59:43 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/10/03 20:59:43 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/10/03 20:59:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/10/03 20:59:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/10/03 20:59:43 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/10/03 20:59:43 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/10/03 20:59:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/10/03 20:59:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/10/03 20:59:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/10/03 20:59:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/10/03 20:59:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/10/03 20:59:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/10/03 20:59:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/10/03 20:59:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/10/03 20:59:42 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/10/03 20:59:42 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/10/03 20:59:42 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/10/03 20:59:42 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/10/03 20:59:42 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/10/03 20:59:42 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/10/03 20:59:42 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/10/03 20:59:41 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2009/10/03 20:59:41 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/10/03 20:59:41 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2009/10/03 20:59:41 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/10/03 20:59:41 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/10/03 20:59:41 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2009/10/03 20:59:41 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/10/03 20:59:41 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2009/10/03 20:59:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2009/10/03 20:59:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2009/10/03 20:59:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/10/03 20:59:41 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/10/03 20:59:41 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2009/10/03 20:59:40 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2009/10/03 20:59:40 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/10/03 20:59:40 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/10/03 20:59:40 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2009/10/03 20:59:40 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/10/03 20:59:37 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/10/03 20:59:37 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/10/03 20:59:37 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/10/03 20:59:36 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/10/03 20:59:36 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/10/03 20:59:36 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/10/03 20:59:36 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/10/03 20:59:36 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/10/03 20:59:36 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/10/03 20:59:36 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/10/03 20:59:36 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/10/03 20:59:36 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/10/03 20:59:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/10/03 20:59:35 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/10/03 20:59:35 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/10/03 20:59:35 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/10/03 20:59:23 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009/10/03 20:59:23 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/10/03 20:59:23 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2009/10/03 20:59:23 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/10/03 20:59:23 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2009/10/03 20:59:23 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/10/03 20:59:22 | 00,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2009/10/03 20:59:22 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/10/03 20:59:22 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2009/10/03 20:59:22 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/10/03 20:59:22 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/10/03 20:59:21 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2009/10/03 20:59:21 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/10/03 20:59:21 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/10/03 20:59:21 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2009/10/03 20:59:21 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/10/03 20:59:20 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/10/03 20:59:20 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2009/10/03 20:59:20 | 00,139,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/10/03 20:59:20 | 00,139,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2009/10/03 20:59:20 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/10/03 20:59:20 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2009/10/03 20:59:20 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/10/03 20:59:20 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2009/10/03 20:59:20 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/10/03 20:59:20 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2009/10/03 20:59:19 | 00,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/10/03 20:59:19 | 00,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/10/03 20:59:19 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/10/03 20:59:19 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/10/03 20:59:19 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/10/03 20:59:19 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2009/10/03 20:59:19 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/10/03 20:59:19 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/10/03 20:59:19 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/10/03 20:59:19 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/10/03 20:59:19 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/10/03 20:59:19 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2009/10/03 20:59:19 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/10/03 20:59:19 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/10/03 20:59:19 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/10/03 20:59:19 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2009/10/03 20:59:18 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/10/03 20:59:18 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2009/10/03 20:59:18 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/10/03 20:59:18 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2009/10/03 20:59:18 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/10/03 20:59:18 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/10/03 20:59:18 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2009/10/03 20:59:18 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/10/03 20:59:18 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/10/03 20:59:18 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/10/03 20:59:18 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/10/03 20:59:18 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2009/10/03 20:59:18 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/10/03 20:59:18 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2009/10/03 20:59:17 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/10/03 20:59:17 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2009/10/03 20:59:17 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/10/03 20:59:17 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2009/10/03 20:59:17 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/10/03 20:59:17 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2009/10/03 20:59:17 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/10/03 20:59:17 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2009/10/03 20:59:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/10/03 20:59:16 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/10/03 20:59:16 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2009/10/03 20:59:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/10/03 20:59:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2009/10/03 20:59:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/10/03 20:59:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/10/03 20:59:15 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2009/10/03 20:59:15 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2009/10/03 20:59:15 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/10/03 20:59:15 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2009/10/03 20:59:15 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/10/03 20:59:15 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2009/10/03 20:59:15 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/10/03 20:59:15 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/10/03 20:59:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/10/03 20:59:14 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2009/10/03 20:59:14 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/10/03 20:59:14 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2009/10/03 20:59:14 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/10/03 20:59:14 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2009/10/03 20:59:14 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/10/03 20:59:13 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2009/10/03 20:59:13 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/10/03 20:59:13 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2009/10/03 20:59:13 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/10/03 20:59:11 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/10/03 20:59:11 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2009/10/03 20:59:11 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/10/03 20:59:11 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2009/10/03 20:59:11 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2009/10/03 20:59:11 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2009/10/03 20:59:11 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2009/10/03 20:59:11 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2009/10/03 20:59:11 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/10/03 20:59:11 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2009/10/03 20:59:11 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2009/10/03 20:59:11 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2009/10/03 20:59:11 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2009/10/03 20:59:11 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2009/10/03 20:59:10 | 00,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2009/10/03 20:59:10 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2009/10/03 20:59:10 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2009/10/03 20:59:10 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2009/10/03 20:59:10 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/10/03 20:59:10 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2009/10/03 20:59:10 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2009/10/03 20:59:10 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2009/10/03 20:59:10 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/10/03 20:59:10 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2009/10/03 20:59:10 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2009/10/03 20:59:10 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2009/10/03 20:59:10 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2009/10/03 20:59:10 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2009/10/03 20:59:09 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2009/10/03 20:59:09 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2009/10/03 20:59:09 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2009/10/03 20:59:09 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2009/10/03 20:59:09 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2009/10/03 20:59:09 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/10/03 20:59:08 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2009/10/03 20:59:08 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2009/10/03 20:59:08 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2009/10/03 20:59:08 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2009/10/03 20:59:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/10/03 20:59:07 | 01,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2009/10/03 20:59:07 | 00,473,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/10/03 20:59:07 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2009/10/03 20:59:06 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2009/10/03 20:59:06 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/10/03 20:59:06 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/10/03 20:59:06 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2009/10/03 20:59:06 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/10/03 20:59:06 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2009/10/03 20:59:06 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/10/03 20:59:06 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2009/10/03 20:59:02 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/10/03 20:59:02 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2009/10/03 20:59:02 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\My Videos
[2009/09/27 18:20:04 | 02,173,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcplui.exe
[2009/09/27 18:20:04 | 00,420,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.cpl
[2009/09/27 18:20:00 | 00,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2009/09/27 18:19:52 | 03,166,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2009/09/27 18:19:50 | 04,026,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2009/09/27 18:19:48 | 03,547,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2009/09/27 18:19:48 | 01,286,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2009/09/27 18:19:48 | 00,188,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2009/09/27 18:19:46 | 13,918,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2009/09/27 18:19:46 | 04,935,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2009/09/27 18:19:46 | 00,172,100 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
[2009/09/27 18:19:46 | 00,143,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2009/09/27 18:19:46 | 00,086,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2009/09/27 18:19:40 | 00,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2009/09/27 16:12:22 | 02,194,024 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2009/09/27 16:12:22 | 01,714,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/10/27 10:46:55 | 00,024,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2009/10/27 10:46:50 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/10/27 10:46:41 | 00,016,608 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2009/10/27 10:46:40 | 00,248,910 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2009/10/27 10:46:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/27 10:46:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/26 14:10:14 | 03,207,062 | -H-- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\IconCache.db
[2009/10/25 14:52:59 | 00,000,815 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Internet Explorer.lnk
[2009/10/24 18:25:32 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/24 12:31:47 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/22 22:32:21 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/10/21 00:07:12 | 00,000,354 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2009/10/21 00:01:57 | 00,007,168 | ---- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/20 22:22:11 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/20 21:48:55 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/10/20 21:48:55 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/10/20 21:48:55 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/10/20 21:48:55 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/10/20 21:48:55 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/10/20 21:38:26 | 00,000,498 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Opera.lnk
[2009/10/20 20:50:51 | 00,023,528 | ---- | M] () -- C:\WINDOWS\System32\productregistry
[2009/10/20 20:50:50 | 00,001,025 | ---- | M] () -- C:\Documents and Settings\Home\Start Menu\Programs\Startup\SDK Tray Menu.lnk
[2009/10/15 13:30:39 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Avira AntiVir Control Center.lnk
[2009/10/13 01:20:46 | 00,000,319 | ---- | M] () -- C:\WINDOWS\game.ini
[2009/10/13 00:26:20 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/10/10 16:08:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/09 19:47:04 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/10/09 19:41:07 | 00,001,482 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2009/10/06 23:35:36 | 00,000,351 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2009/10/06 23:33:29 | 00,002,516 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/10/06 23:33:24 | 00,000,008 | RHS- | M] () -- C:\WINDOWS\System32\C0C3F26E06.sys
[2009/10/05 00:19:59 | 00,000,524 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\µTorrent.lnk
[2009/10/04 21:05:19 | 00,532,480 | ---- | M] (ScreenTime Media) -- C:\WINDOWS\System32\manutd_fanzone_oldtrafford.scr
[2009/10/04 16:55:56 | 00,000,594 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\WinRAR.lnk
[2009/10/04 16:53:35 | 00,000,584 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Notepad++.lnk
[2009/10/04 16:48:57 | 00,000,602 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Total Commander.lnk
[2009/10/04 16:46:08 | 00,000,615 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\VLC media player.lnk
[2009/10/04 14:25:30 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/04 14:25:30 | 00,311,934 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/04 14:25:30 | 00,040,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/04 03:29:41 | 00,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/04 02:23:38 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/03 22:17:10 | 00,012,328 | ---- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/03 22:10:09 | 00,001,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Corel MediaOne.lnk
[2009/10/03 22:07:52 | 00,001,630 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\WinZip.lnk
[2009/10/03 22:03:42 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 6.0.lnk
[2009/10/03 21:49:11 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/10/03 21:49:11 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/10/03 21:06:02 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/10/03 21:04:59 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/10/03 21:03:14 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/10/03 21:03:14 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/03 21:03:14 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/10/03 21:03:14 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/03 21:03:14 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/10/03 21:03:14 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/10/03 21:03:14 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/10/03 21:03:11 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/10/03 21:03:11 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/03 21:03:11 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/10/03 21:03:03 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/10/03 21:02:32 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/10/03 21:02:32 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/10/03 21:00:30 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/03 21:00:21 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/10/03 21:00:21 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/10/03 20:58:26 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/10/02 23:31:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/09/27 18:20:04 | 02,173,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcplui.exe
[2009/09/27 18:20:04 | 00,420,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.cpl
[2009/09/27 18:20:00 | 00,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2009/09/27 18:19:52 | 03,166,208 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2009/09/27 18:19:50 | 04,026,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2009/09/27 18:19:48 | 03,547,136 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2009/09/27 18:19:48 | 01,286,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2009/09/27 18:19:48 | 00,188,416 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2009/09/27 18:19:46 | 13,918,208 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2009/09/27 18:19:46 | 04,935,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2009/09/27 18:19:46 | 00,172,100 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
[2009/09/27 18:19:46 | 00,143,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2009/09/27 18:19:46 | 00,086,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2009/09/27 18:19:46 | 00,068,587 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2009/09/27 18:19:40 | 00,229,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2009/09/27 16:12:22 | 10,756,096 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2009/09/27 16:12:22 | 07,655,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2009/09/27 16:12:22 | 07,655,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2009/09/27 16:12:22 | 05,900,416 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2009/09/27 16:12:22 | 02,194,024 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2009/09/27 16:12:22 | 02,007,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2009/09/27 16:12:22 | 01,714,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2009/09/27 16:12:22 | 01,604,482 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2009/09/27 16:12:22 | 00,888,832 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2009/09/27 16:12:22 | 00,490,088 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009/09/27 16:12:22 | 00,170,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2009/09/27 16:12:22 | 00,170,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2009/09/27 16:12:22 | 00,023,127 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu

========== Files - No Company Name ==========
[2009/10/25 14:52:59 | 00,000,815 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Internet Explorer.lnk
[2009/10/24 18:48:45 | 00,201,157 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2009/10/24 18:31:08 | 00,023,127 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/10/24 18:22:17 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/20 21:38:26 | 00,000,498 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Opera.lnk
[2009/10/20 20:50:50 | 00,001,025 | ---- | C] () -- C:\Documents and Settings\Home\Start Menu\Programs\Startup\SDK Tray Menu.lnk
[2009/10/20 20:49:48 | 00,023,528 | ---- | C] () -- C:\WINDOWS\System32\productregistry
[2009/10/15 13:30:39 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Avira AntiVir Control Center.lnk
[2009/10/13 01:20:46 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/10/13 00:26:20 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/10/10 03:00:54 | 00,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/10/09 21:10:22 | 00,000,354 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2009/10/09 19:47:04 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/10/09 19:47:04 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/10/09 19:41:07 | 00,001,482 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2009/10/09 19:40:05 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/06 23:33:24 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/10/06 23:33:24 | 00,000,008 | RHS- | C] () -- C:\WINDOWS\System32\C0C3F26E06.sys
[2009/10/05 00:19:59 | 00,000,524 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\µTorrent.lnk
[2009/10/04 16:55:56 | 00,000,594 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\WinRAR.lnk
[2009/10/04 16:53:35 | 00,000,584 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Notepad++.lnk
[2009/10/04 16:48:57 | 00,000,602 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Total Commander.lnk
[2009/10/04 16:48:56 | 00,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2009/10/04 16:48:56 | 00,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2009/10/04 16:48:56 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2009/10/04 16:48:56 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2009/10/04 16:48:56 | 00,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2009/10/04 16:48:56 | 00,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2009/10/04 16:48:56 | 00,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2009/10/04 16:48:56 | 00,000,351 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009/10/04 16:46:08 | 00,000,615 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\VLC media player.lnk
[2009/10/04 02:23:42 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/10/04 02:23:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2009/10/04 02:23:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/10/04 02:23:35 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2009/10/04 02:23:35 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009/10/04 02:23:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2009/10/04 02:23:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2009/10/04 02:23:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009/10/04 02:23:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009/10/04 02:23:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2009/10/04 02:23:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2009/10/04 02:23:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2009/10/04 02:23:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009/10/04 02:23:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009/10/04 02:23:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009/10/04 02:23:31 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2009/10/04 02:23:31 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2009/10/04 02:23:31 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009/10/04 02:23:31 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009/10/04 02:23:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2009/10/04 02:23:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2009/10/04 02:23:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2009/10/04 02:23:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009/10/04 02:23:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009/10/04 02:23:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009/10/04 02:23:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2009/10/04 02:23:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009/10/04 02:23:29 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2009/10/04 02:23:29 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2009/10/04 02:23:29 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009/10/04 02:23:29 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009/10/04 02:23:27 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2009/10/04 02:23:27 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009/10/04 02:23:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2009/10/04 02:23:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2009/10/04 02:23:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2009/10/04 02:23:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009/10/04 02:23:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009/10/04 02:23:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009/10/04 02:23:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2009/10/04 02:23:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009/10/04 02:23:23 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/10/04 02:23:15 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
[2009/10/04 02:21:36 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2009/10/04 02:21:36 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2009/10/04 02:21:36 | 00,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2009/10/04 02:21:36 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2009/10/04 02:21:36 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2009/10/04 02:21:36 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/10/04 02:21:35 | 02,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2009/10/04 02:21:35 | 01,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2009/10/04 02:21:35 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2009/10/04 02:21:35 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/10/04 02:21:35 | 00,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2009/10/04 02:21:35 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/10/04 02:21:35 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/10/04 02:21:35 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2009/10/04 02:21:35 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2009/10/04 02:21:35 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/10/04 02:21:35 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2009/10/04 02:21:35 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/10/04 02:21:35 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2009/10/04 02:21:35 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2009/10/04 02:21:00 | 00,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/04 02:19:59 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/10/04 01:28:16 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009/10/04 01:28:16 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009/10/04 01:28:15 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009/10/04 01:28:15 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009/10/04 01:24:28 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2009/10/03 23:11:01 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Home\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/03 22:17:10 | 00,012,328 | ---- | C] () -- C:\Documents and Settings\Home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/03 22:17:03 | 00,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2009/10/03 22:10:09 | 00,001,724 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Corel MediaOne.lnk
[2009/10/03 22:07:52 | 00,001,630 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\WinZip.lnk
[2009/10/03 22:03:42 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 6.0.lnk
[2009/10/03 21:49:11 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/10/03 21:49:11 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/10/03 21:47:56 | 00,000,553 | R--- | C] () -- C:\WINDOWS\USetup.iss
[2009/10/03 21:46:46 | 00,032,320 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2009/10/03 21:46:46 | 00,002,096 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2009/10/03 21:46:28 | 00,208,896 | R--- | C] () -- C:\WINDOWS\System32\igxpun.exe
[2009/10/03 21:23:26 | 03,207,062 | -H-- | C] () -- C:\Documents and Settings\Home\Local Settings\Application Data\IconCache.db
[2009/10/03 21:07:52 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Home\Application Data\desktop.ini
[2009/10/03 21:06:18 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/03 21:06:02 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/10/03 21:04:59 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/10/03 21:04:53 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/10/03 21:04:35 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/10/03 21:04:35 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/10/03 21:04:33 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/10/03 21:04:24 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/10/03 21:04:24 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/10/03 21:04:19 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/10/03 21:04:19 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/10/03 21:04:17 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/10/03 21:04:09 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/10/03 21:04:04 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/10/03 21:04:02 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2009/10/03 21:03:54 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/10/03 21:03:51 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/10/03 21:03:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009/10/03 21:03:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009/10/03 21:03:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009/10/03 21:03:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009/10/03 21:03:51 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009/10/03 21:03:51 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009/10/03 21:03:51 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009/10/03 21:03:51 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/10/03 21:03:51 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009/10/03 21:03:50 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/10/03 21:03:50 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009/10/03 21:03:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009/10/03 21:03:49 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/10/03 21:03:49 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009/10/03 21:03:49 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009/10/03 21:03:49 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009/10/03 21:03:49 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009/10/03 21:03:49 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/10/03 21:03:49 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009/10/03 21:03:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009/10/03 21:03:48 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/10/03 21:03:48 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/10/03 21:03:48 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/10/03 21:03:48 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/10/03 21:03:48 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/10/03 21:03:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009/10/03 21:03:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009/10/03 21:03:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009/10/03 21:03:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/10/03 21:03:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009/10/03 21:03:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009/10/03 21:03:47 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/10/03 21:03:14 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/10/03 21:03:14 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/10/03 21:03:14 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/10/03 21:03:14 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/10/03 21:03:14 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/10/03 21:03:11 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/03 21:03:11 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/10/03 21:03:10 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/10/03 21:02:32 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/10/03 21:02:32 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/10/03 21:02:28 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/10/03 21:02:15 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/10/03 21:01:43 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/10/03 21:01:43 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/10/03 21:01:35 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/10/03 21:01:20 | 00,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/10/03 21:01:05 | 00,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2009/10/03 21:00:30 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/03 20:59:48 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/10/03 20:59:48 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/10/03 20:59:48 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/10/03 20:59:48 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/10/03 20:59:48 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/10/03 20:59:47 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/10/03 20:59:47 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/10/03 20:59:47 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/10/03 20:59:47 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/10/03 20:59:47 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/10/03 20:59:47 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/10/03 20:59:46 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/10/03 20:59:46 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/10/03 20:59:46 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/10/03 20:59:46 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/10/03 20:59:46 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/10/03 20:59:46 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/10/03 20:59:46 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/10/03 20:59:45 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/10/03 20:59:43 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/10/03 20:59:43 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/10/03 20:59:42 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/10/03 20:59:35 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/09/27 18:19:46 | 00,248,910 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2009/09/27 18:19:46 | 00,068,587 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2009/09/27 16:12:22 | 01,604,482 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/07 11:03:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/06/05 08:58:26 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2001/08/23 18:00:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 18:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

========== LOP Check ==========

[2009/10/24 19:54:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data
[2009/10/03 22:10:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Corel
[2009/10/09 20:12:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
[2009/10/03 22:07:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2009/10/20 21:40:41 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Home\Application Data
[2009/10/06 23:33:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Application Data\Corel
[2009/10/04 16:53:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Application Data\Notepad++
[2009/10/20 21:38:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Application Data\Opera
[2009/10/12 22:08:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Application Data\uTorrent
[2009/10/10 16:08:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2009/10/21 00:07:12 | 00,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2001/08/23 18:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/27 10:46:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/27 10:46:50 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========


< End of report >

-----------------------------------------------

Also, I have quarantined viruses through the avira anti-vir software sometime back.
Since I have already done this I am attaching part of this report for your reference:

-----------------------------------------------

Beginning disinfection:
C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP45\A0002074.ini
[DETECTION] Contains recognition pattern of the INF/AutoRun.J INF virus
[NOTE] The file was moved to '4b168d11.qua'!
C:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP60\A0003790.ini
[DETECTION] Contains recognition pattern of the INF/AutoRun.J INF virus
[NOTE] The file was moved to '4a627e0a.qua'!
E:\System Volume Information\_restore{3370654A-84FC-44EB-A655-9AFBA0EDDBD6}\RP45\A0002075.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a6c9712.qua'!

Beginning disinfection:
C:\WINDOWS\system32\autorun.ini
[DETECTION] Contains recognition pattern of the INF/AutoRun.J INF virus
[NOTE] The file was moved to '4b5a8507.qua'!


Beginning disinfection:
I:\SSVICHOSST.exe
[DETECTION] Contains recognition pattern of the W32/Sohanad.R Windows virus
[WARNING] The file was ignored!
I:\picture\picture.exe
[DETECTION] Contains recognition pattern of the W32/Sohanad.R Windows virus
[WARNING] The file was ignored!

-----------------------------------------------
Note: I is a removable disk of my mobile.

Aravind
Go to the top of the page
 
+Quote Post
emeraldnzl
post Oct 27 2009, 12:59 AM
Post #5


Trusted Helper
Group Icon
Posts: 8,065
OS: XP Pro
Hello again aravindps,

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Go to the top of the page
 
+Quote Post
aravindps
post Oct 28 2009, 11:22 AM
Post #6


New Member
*
Posts: 6
OS: Windows XP
Hi,
The log from comboFix is shown below:

-------------------------------------------

ComboFix 09-10-27.08 - Home 10/28/2009 22:45.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2558.2162 [GMT 5.5:30]
Running from: c:\program files\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-09-28 to 2009-10-28 )))))))))))))))))))))))))))))))
.

2009-10-28 17:08 . 2009-10-28 17:08 3440553 ----a-r- c:\program files\ComboFix.exe
2009-10-27 05:41 . 2009-10-27 05:41 -------- d-----w- c:\program files\Whale Communications
2009-10-24 14:24 . 2009-10-24 14:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NVIDIA Corporation
2009-10-24 14:24 . 2009-10-24 14:24 -------- d-----w- c:\program files\NVIDIA Corporation
2009-10-24 14:23 . 2009-10-24 14:23 -------- d-----w- C:\NVIDIA
2009-10-24 13:31 . 2009-10-24 13:31 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-24 13:18 . 2009-10-24 13:20 -------- d-----w- c:\windows\NV36483644.TMP
2009-10-24 13:02 . 2009-10-24 14:24 -------- d-----w- c:\program files\AGEIA Technologies
2009-10-24 13:02 . 2009-10-24 13:02 -------- d-----w- c:\windows\system32\AGEIA
2009-10-24 13:01 . 2009-10-24 14:24 -------- d-----w- c:\windows\nview
2009-10-24 13:01 . 2009-09-27 10:42 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-10-24 13:00 . 2009-09-24 03:54 490088 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-10-24 12:52 . 2009-10-24 12:55 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-22 17:02 . 2009-10-22 17:02 -------- d-----w- c:\documents and settings\Home\Local Settings\Application Data\Apple Computer
2009-10-20 16:49 . 2009-08-29 07:36 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2009-10-20 16:49 . 2009-08-29 07:36 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2009-10-20 16:49 . 2009-08-28 10:28 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2009-10-20 16:49 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2009-10-20 16:20 . 2009-10-20 16:20 -------- d-----w- c:\windows\Sun
2009-10-20 16:19 . 2009-10-20 16:18 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-20 16:08 . 2009-10-20 16:08 -------- d-----w- c:\documents and settings\Home\Local Settings\Application Data\Opera
2009-10-15 16:59 . 2009-10-15 16:59 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-10-15 08:00 . 2009-07-28 11:03 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-10-15 08:00 . 2009-03-30 05:03 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-10-15 08:00 . 2009-02-13 06:59 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-10-15 08:00 . 2009-02-13 06:47 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-10-15 08:00 . 2009-10-15 17:17 -------- d-----w- c:\program files\Avira
2009-10-15 08:00 . 2009-10-15 08:00 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira
2009-10-14 18:50 . 2009-10-14 18:50 -------- d-----w- c:\program files\Avast Home Edition AntiVirus
2009-10-12 19:53 . 2009-10-12 19:53 -------- d-sh--w- c:\windows\ftpcache
2009-10-12 19:33 . 2009-10-12 19:33 -------- d-----w- c:\program files\Activision
2009-10-12 18:56 . 2009-10-12 18:56 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2009-10-12 18:56 . 2009-10-15 07:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-12 18:56 . 2009-10-12 18:56 -------- d-----w- c:\documents and settings\Home\Application Data\SUPERAntiSpyware.com
2009-10-12 18:55 . 2009-10-24 14:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-12 17:41 . 2009-10-12 17:44 -------- d-----w- c:\program files\ERUNT
2009-10-12 17:22 . 2009-10-12 17:22 -------- d-----w- c:\documents and settings\Home\Application Data\Malwarebytes
2009-10-12 17:22 . 2009-09-10 09:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-12 17:22 . 2009-10-12 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-12 17:22 . 2009-10-12 17:22 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-10-12 17:22 . 2009-09-10 09:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-12 17:18 . 2009-10-12 17:18 -------- d-----w- c:\program files\TFC
2009-10-09 21:30 . 2009-10-09 21:30 -------- d-----w- c:\windows\system32\KB905474
2009-10-09 21:30 . 2009-03-10 16:56 1403264 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-10-09 21:30 . 2009-03-10 16:48 453512 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2009-10-09 18:27 . 2009-10-18 19:07 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-10-09 15:50 . 2009-10-09 15:50 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-10-09 15:33 . 2009-10-09 15:33 -------- d-----w- c:\documents and settings\Home\Local Settings\Application Data\Identities
2009-10-09 14:42 . 2009-10-09 14:42 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Trymedia
2009-10-09 14:20 . 2009-10-09 14:20 -------- d-----w- c:\documents and settings\Home\Application Data\Apple Computer
2009-10-09 14:09 . 2009-10-09 14:10 -------- d-----w- c:\program files\Apple Software Update
2009-10-09 14:09 . 2009-10-09 14:09 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-10-09 06:23 . 2009-10-09 06:23 -------- d-----w- c:\documents and settings\Home\Application Data\AdobeUM
2009-10-09 06:23 . 2009-10-09 06:23 -------- d-----w- c:\documents and settings\Home\Local Settings\Application Data\Adobe
2009-10-09 06:23 . 2009-10-09 06:23 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-07 17:13 . 2009-10-17 20:25 -------- d-----w- c:\documents and settings\Home\Local Settings\Application Data\Google
2009-10-06 19:20 . 2009-10-17 20:25 -------- d-----w- c:\program files\Google
2009-10-06 19:04 . 2009-10-06 19:18 -------- d-----w- c:\windows\system32\Adobe
2009-10-06 18:03 . 2009-10-06 18:03 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-10-06 18:03 . 2009-10-06 18:03 8 --sh--r- c:\windows\system32\C0C3F26E06.sys
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\Home\Application Data\Corel
2009-10-06 18:03 . 2009-10-06 18:20 -------- d-----w- c:\documents and settings\Home\Local Settings\Application Data\Corel
2009-10-04 19:17 . 2009-10-04 19:17 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-10-04 18:48 . 2009-10-12 16:38 -------- d-----w- c:\documents and settings\Home\Application Data\uTorrent
2009-10-04 15:35 . 2009-10-04 15:35 -------- d-----w- c:\windows\system32\manutd_fanzone_oldtrafford dir
2009-10-04 15:35 . 2009-10-04 15:35 532480 ----a-w- c:\windows\system32\manutd_fanzone_oldtrafford.scr
2009-10-04 11:23 . 2009-10-04 11:23 -------- d-----w- c:\documents and settings\Home\Application Data\Notepad++
2009-10-04 11:21 . 2009-10-04 11:21 -------- d-sh--w- c:\documents and settings\Home\PrivacIE
2009-10-04 11:20 . 2009-10-04 11:20 -------- d-sh--w- c:\documents and settings\Home\IECompatCache
2009-10-04 11:18 . 2008-04-22 01:33 545 ----a-w- c:\windows\UC.PIF
2009-10-04 11:18 . 2008-04-22 01:33 545 ----a-w- c:\windows\RAR.PIF
2009-10-04 11:18 . 2008-04-22 01:33 545 ----a-w- c:\windows\PKZIP.PIF
2009-10-04 11:18 . 2008-04-22 01:33 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-10-04 11:18 . 2008-04-22 01:33 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-10-04 11:18 . 2008-04-22 01:33 545 ----a-w- c:\windows\LHA.PIF
2009-10-04 11:18 . 2008-04-22 01:33 545 ----a-w- c:\windows\ARJ.PIF
2009-10-04 11:17 . 2009-10-04 11:17 -------- d-----w- c:\documents and settings\Home\Application Data\vlc
2009-10-04 11:13 . 2009-10-04 11:13 -------- d-sh--w- c:\documents and settings\Home\IETldCache
2009-10-04 11:05 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-10-04 11:05 . 2009-10-20 16:01 -------- d-----w- c:\windows\ie8updates
2009-10-04 11:04 . 2009-08-29 08:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-10-04 11:04 . 2009-08-29 08:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-10-04 11:04 . 2009-08-29 08:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-10-04 11:04 . 2009-08-29 08:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-10-04 11:04 . 2009-08-29 08:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-10-04 11:04 . 2009-08-29 08:08 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-10-04 11:03 . 2009-08-29 07:36 78336 -c--a-w- c:\windows\system32\dllcache\ieencode.dll
2009-10-04 11:03 . 2009-08-29 07:36 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-03 21:52 . 2009-10-03 21:52 -------- d-----w- c:\program files\MSXML 4.0
2009-10-03 20:59 . 2009-08-04 13:58 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-10-03 20:59 . 2009-08-04 14:00 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-10-03 20:59 . 2009-08-04 13:13 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-03 20:59 . 2009-08-04 13:13 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-10-03 20:55 . 2001-08-17 13:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-10-03 20:54 . 2004-08-03 22:59 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-10-03 20:54 . 2004-08-03 19:26 74240 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2009-10-03 20:54 . 2004-08-03 19:26 74240 ----a-w- c:\windows\system32\usbui.dll
2009-10-03 20:51 . 2009-10-28 17:10 -------- d--h--w- c:\documents and settings\Default User.WINDOWS
2009-10-03 20:51 . 2009-10-03 15:32 -------- d-----w- c:\documents and settings\All Users.WINDOWS
2009-10-03 20:45 . 2009-10-03 20:49 -------- d-----w- c:\windows\ehome
2009-10-03 20:41 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-10-03 20:41 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-10-03 20:28 . 2009-10-03 20:32 -------- d--h--w- c:\documents and settings\Default User
2009-10-03 20:28 . 2009-10-03 20:31 -------- d-----w- c:\documents and settings\All Users

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-28 17:03 . 2009-10-03 16:47 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2009-10-28 17:03 . 2009-10-03 16:13 16608 ----a-w- c:\windows\gdrv.sys
2009-10-20 16:46 . 2009-10-03 16:31 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2009-10-12 19:50 . 2009-10-03 16:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-03 16:47 . 2009-10-03 16:47 12328 ----a-w- c:\documents and settings\Home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-03 16:41 . 2009-10-03 16:17 -------- d-----w- c:\program files\Realtek
2009-10-03 16:40 . 2009-10-03 16:40 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Corel
2009-10-03 16:40 . 2009-10-03 16:39 -------- d-----w- c:\program files\Common Files\Corel
2009-10-03 16:37 . 2009-10-03 16:37 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\WinZip
2009-10-03 16:27 . 2009-10-03 16:27 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\InstallShield
2009-10-03 16:27 . 2009-10-03 16:13 -------- d-----w- c:\program files\Gigabyte
2009-10-03 16:27 . 2009-10-03 16:13 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-03 16:19 . 2009-10-03 16:19 -------- d-----w- c:\documents and settings\Home\Application Data\InstallShield
2009-10-03 16:14 . 2009-10-03 16:14 -------- d-----w- c:\program files\Intel
2009-10-03 16:14 . 2009-10-03 16:14 -------- d-----w- c:\program files\Browser Configuration Utility
2009-10-03 15:33 . 2009-10-03 15:33 -------- d-----w- c:\program files\microsoft frontpage
2009-10-03 15:30 . 2009-10-03 15:30 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-27 12:50 . 2009-09-27 12:50 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 12:50 . 2009-09-27 12:50 81920 ----a-w- c:\windows\system32\nvwddi.dll
2009-09-27 12:49 . 2009-09-27 12:49 3166208 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 12:49 . 2009-09-27 12:49 4026368 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 12:49 . 2009-09-27 12:49 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 12:49 . 2009-09-27 12:49 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 12:49 . 2009-09-27 12:49 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 12:49 . 2009-09-27 12:49 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 12:49 . 2009-09-27 12:49 4935680 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 12:49 . 2009-09-27 12:49 172100 ----a-w- c:\windows\system32\nvsvc32.exe
2009-09-27 12:49 . 2009-09-27 12:49 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-09-27 12:49 . 2009-09-27 12:49 13918208 ----a-w- c:\windows\system32\nvcpl.dll
2009-09-27 12:49 . 2009-09-27 12:49 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-09-27 10:42 . 2009-09-27 10:42 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 10:42 . 2009-09-27 10:42 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 10:42 . 2009-09-27 10:42 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 10:42 . 2008-10-07 05:33 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 10:42 . 2008-10-07 05:33 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 10:42 . 2008-10-07 05:33 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-27 10:42 . 2008-10-07 05:33 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 10:42 . 2008-10-07 05:33 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 10:42 . 2008-10-07 05:33 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 10:42 . 2008-10-07 05:33 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-11 14:33 . 2004-08-03 19:56 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45 . 2004-08-03 19:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-03 19:56 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-03 19:56 17408 ------w- c:\windows\system32\corpol.dll
2009-08-26 08:16 . 2004-08-03 19:56 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-14 08:06 . 2009-08-14 08:06 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-05 09:11 . 2004-08-03 19:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 13:58 . 2004-08-03 18:18 2136064 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 13:13 . 2004-08-03 22:59 2015744 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelTraditionalChinese.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelSwedish.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelSpanish.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelSimplifiedChinese.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelPortugese.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelKorean.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelJapanese.dll
2009-08-02 18:51 . 2009-08-02 18:51 288024 ----a-w- c:\windows\system32\PhysXCplUI.exe
2009-08-02 18:51 . 2009-08-02 18:51 288024 ----a-w- c:\windows\system32\PhysXCompatCplUI.exe
2009-08-02 18:51 . 2009-08-02 18:51 23320 ----a-w- c:\windows\system32\PhysXDevice.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelGerman.dll
2009-08-02 18:51 . 2009-08-02 18:51 58648 ----a-w- c:\windows\system32\AgCPanelFrench.dll
2009-07-31 12:47 . 2009-07-31 12:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-31 12:47 . 2009-07-31 12:47 348160 ----a-w- c:\windows\system32\msvcr71.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-15 2000112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-24 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-24 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-24 141336]
"EasyTuneVI"="c:\program files\GIGABYTE\ET6\ETcall.exe" [2007-07-26 20480]
"Corel File Shell Monitor"="d:\program files\Corel\Corel MediaOne\CorelIOMonitor.exe" [2007-12-01 38400]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-03-20 213936]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-20 149280]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-01-13 18084864]

c:\documents and settings\Home\Start Menu\Programs\Startup\
SDK Tray Menu.lnk - d:\program files\Java\1.6\jdk\bin\javaw.exe [2009-10-20 139264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 09:51 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Program Files\\Java\\1.6\\jdk\\bin\\java.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Games\\Cod4 Call Of Duty 4 Modern Warfare RELOADED\\Cod4\\Setup\\Data\\iw3mp.exe"=
"e:\\Games\\Valve\\Condition Zero\\czero.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [9/15/2009 11:42 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [9/15/2009 11:42 AM 74480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/15/2009 1:30 PM 108289]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [10/3/2009 9:43 PM 68136]
R2 RtNdPt5x;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt5x.sys [10/3/2009 10:11 PM 22016]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [9/15/2009 11:42 AM 7408]
S3 DMService;Whale Component Manager;c:\windows\DOWNLO~1\DMService.exe [10/27/2009 11:11 AM 423576]
S3 PciCon;PciCon;\??\h:\pcicon.sys --> h:\PciCon.sys [?]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features;c:\windows\system32\drivers\RTLTEAMING.SYS [10/3/2009 10:11 PM 28672]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [10/3/2009 10:11 PM 17408]
SUnknown GVTDrv;GVTDrv; [x]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBR
*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder

2009-10-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 10:12]

2009-10-28 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-10-09 16:48]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Corel Photo Downloader - d:\program files\Corel\Corel MediaOne\Corel PhotoDownloader.exe
HKLM-Run-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe
AddRemove-IGI 2 - c:\windows\unvise32.exe
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-28 22:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(716)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(3532)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2009-10-28 22:47
ComboFix-quarantined-files.txt 2009-10-28 17:17

Pre-Run: 22,563,426,304 bytes free
Post-Run: 22,561,939,456 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 667F12FBFBF1812BA8A67E56B0DEC5C0

-------------------------------------------
Regards,
Aravind
Go to the top of the page
 
+Quote Post
emeraldnzl
post Oct 28 2009, 01:58 PM
Post #7


Trusted Helper
Group Icon
Posts: 8,065
OS: XP Pro
Hello aravindps,

Well nothing leaping out at me there.

I suspect you have already dealt with the problem but let's just make two further checks to make sure we haven't missed anything.

Download GMER from here

Unzip it to the desktop.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised by a trained Security Analyst.

Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
Click on Scan.
When the scan has run click Copy and paste the results (if any) into this thread.

Next

Kaspersky on line scanner is very thorough. It can take a long time and for periods may seem not to be working. Just be patient and let it do its job.

Kaspersky works with Internet Explorer and Firefox 3. It uses Java Runtime Environment (JRE) .

Go to Kaspersky website and perform an online antivirus scan.

Note: you will need to turn off your security programs to allow Kaspersky to do its job.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start dowanloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Copy and paste that information in your next post.

So when you return please post
  • GMER Rootkit revealer scan results
  • Kaspersky scan results
Go to the top of the page
 
+Quote Post
aravindps
post Oct 30 2009, 01:08 AM
Post #8


New Member
*
Posts: 6
OS: Windows XP
Hi,
The Kaspersky scan did not return any results. The log of GMER is given below:

----------------------------------------------------------------

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-10-30 01:05:22
Windows 5.1.2600 Service Pack 2
Running: gtw5tzlt.exe; Driver: C:\DOCUME~1\Home\LOCALS~1\Temp\pxrdrpob.sys


---- System - GMER 1.0.15 ----

SSDT B87DA766 ZwCreateKey
SSDT B87DA75C ZwCreateThread
SSDT B87DA76B ZwDeleteKey
SSDT B87DA775 ZwDeleteValueKey
SSDT B87DA77A ZwLoadKey
SSDT B87DA748 ZwOpenProcess
SSDT B87DA74D ZwOpenThread
SSDT B87DA784 ZwReplaceKey
SSDT B87DA77F ZwRestoreKey
SSDT B87DA770 ZwSetValueKey
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB421A0B0]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!DialogBoxParamW 7E42555F 5 Bytes JMP 3E1DF4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!DialogBoxIndirectParamW 7E432032 5 Bytes JMP 3E351FF7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!MessageBoxIndirectA 7E43A04A 5 Bytes JMP 3E351F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!DialogBoxParamA 7E43B10C 5 Bytes JMP 3E351FBC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!MessageBoxExW 7E4505D8 5 Bytes JMP 3E351F04 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!MessageBoxExA 7E4505FC 5 Bytes JMP 3E351F3E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!DialogBoxIndirectParamA 7E456B50 5 Bytes JMP 3E352032 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 3E2017EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3276] ole32.dll!OleLoadFromStream 7752A257 5 Bytes JMP 3E3521F4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


----------------------------------------------------------------

Regards,
Aravind
Go to the top of the page
 
+Quote Post
emeraldnzl
post Oct 30 2009, 02:13 AM
Post #9


Trusted Helper
Group Icon
Posts: 8,065
OS: XP Pro
Hello aravindps,

Your machine looks clean to me. thumbsup.gif

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.


Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.


MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. Erunt can also be uninstalled via the add/remove programs utility, for some though, it may be a useful backup program to hold on to.


-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know a bout them:

---------------------------------------------------------------------------------------------------------------------

Be sure and give the Temp folders a cleaning out now and then. This helps with security and your computer will run more efficiently. I clean mine once a week. For ease of use, you might consider the following free program:
--------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

* MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

* Consider using an alternate browser. Mozilla's Firefox browser is excellant; it is more secure than Internet Explorer. Firefox is my default browser but I retain Internet Explorer as well so that I can access the very few sites that require it.

Firefox may be downloaded from Here

NoScripts is a good Add-on for Firefox that prevents execution of malicious scripts.

-----------------------------------------------------------------------------------------------------------------------

Startuplite is a tool to help you stop some programs not needed when you start your computer from loading. They will begin automatically only when needed.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future here are some free programs you can look at:

If your Microsoft Update is not working automatically. Keep your operating system up to date by visiting

monthly.

It is recommended that you do set Windows to check, download and install your updates automatically.
  • Click Start > Control Panel > Automatic Updates
  • Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  • Click Apply then OK.

Go here for some good advice about how to prevent infection.

Have a safe and happy computing day!
Go to the top of the page
 
+Quote Post
aravindps
post Nov 1 2009, 10:48 AM
Post #10


New Member
*
Posts: 6
OS: Windows XP
Hi,
Thanks for the help. I am not seeing any infections as well through the anti-virus software.

Aravind thumbsup.gif
Go to the top of the page
 
+Quote Post
emeraldnzl
post Nov 1 2009, 12:20 PM
Post #11


Trusted Helper
Group Icon
Posts: 8,065
OS: XP Pro
Your welcome. smile.gif
Go to the top of the page
 
+Quote Post
emeraldnzl
post Nov 1 2009, 12:21 PM
Post #12


Trusted Helper
Group Icon
Posts: 8,065
OS: XP Pro
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. smile.gif

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
Go to the top of the page
 
+Quote Post
 

Closed TopicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 
RSS Time is now: 21st November 2009 - 06:36 AM

Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks mentioned on this page are the property of their respective owners.

© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy | Advertising
Powered By IP.Board © 2009  IPS, Inc.