Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Infection Popup At Bootup [Solved]

Started by rshaffer61 , Mar 12 2009 07:17 AM

This topic is locked

#1
rshaffer61

Posted 12 March 2009 - 07:17 AM

Moderator

Moderator
34,114 posts

Everytime I reboot I get a System 32 and a C:\Window folder that pops up when windows starts. I tried going thru the Applications forum but was referred back to malware. I will include my HJT log and mbam logs. There was one Trojan Agent but was quarantined. Thanks in advance Essexboy for your help with the virut virus and now this.

HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:39:35 PM, on 3/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Alwil Software\Avast4\aswUpdSv.exe
C:\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Quick Search Box\qsb.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe
C:\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\ICQ\ICQ.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Alwil Software\Avast4\ashMaiSv.exe
C:\Alwil Software\Avast4\ashWebSv.exe
C:\Winmx\WinMX.exe
C:\MxMonitor\MXMoniE.exe
C:\Metis 2.6\RoboMX.exe
C:\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mspaint.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Elvis\Desktop\GeeksToGo Software\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tigerdire...hoppingcart.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.tigerdirect.com/cgi-bin/shoppingcart.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.tigerdirect.com/cgi-bin/ShoppingCart.asp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\qsb.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Defender] C:\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
O4 - HKLM\..\Run: [DT ACR] C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [avast!] C:\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] C:\IObit\Advanced SystemCare 3\AWC.exe /startup
O4 - HKCU\..\Run: [comidle] "C:\Documents and Settings\Elvis\Application Data\comidle\comidle.exe" 61A847B5BBF72810339E3F466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\ICQ\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1236058644531
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O20 - Winlogon Notify: !SASWinLogon - C:\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 7181 bytes

And the mbam log

Malwarebytes' Anti-Malware 1.34
Database version: 1814
Windows 5.1.2600 Service Pack 3

3/11/2009 8:07:18 PM
mbam-log-2009-03-11 (20-07-18).txt

Scan type: Quick Scan
Objects scanned: 64256
Time elapsed: 6 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\comidle (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by rshaffer61, 12 March 2009 - 07:19 AM.

#2
Essexboy

Posted 12 March 2009 - 12:27 PM

GeekU Moderator

Retired Staff
69,964 posts

Hi again Ron - you really should be careful using P2P programmes, scan all downloads with Avast before opening

OK to work

Please download the OTMoveIt3 by OldTimer.

Save it to your desktop.
Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"comidle"=-

:Files
C:\Documents and Settings\Elvis\Application Data\comidle

:Commands
[purity]
[emptytemp]

Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
Click the red Moveit! button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

THEN

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTScanit2 to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

Close ALL OTHER PROGRAMS.
Open the OTScanit folder and double-click on OTScanit.exe to start the program.
Check the box that says Scan All Users
Check the Radio button for Rootkit check YES
Under Additional Scans check the following:
- File - Lop Check
- File - Purity Scan
- Evnt - EventViewer Errors/Warnings (last 10)
Now click the Run Scan button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

To attach a file, do the following:

Click Add Reply
Under the reply panel is the Attachments Panel
Browse for the attachment file you want to upload, then click the green Upload button
Once it has uploaded, click the Manage Current Attachments drop down box
Click on to insert the attachment into your post

#3
rshaffer61

Posted 12 March 2009 - 01:03 PM

Moderator

Topic Starter
Moderator
34,114 posts

OK Essex here we go. Btw What files are u seeing from p2p that started this mess? I usually have marelwarebytes scan everything before I open it. Should I use Avast for scanning instead? Here are the logs you requested

========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\comidle not found.
========== FILES ==========
File/Folder C:\Documents and Settings\Elvis\Application Data\comidle not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Elvis\LOCALS~1\Temp\etilqs_kjQt8AUOxZ5H0fzB3YWs scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Elvis\LOCALS~1\Temp\qsb.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Elvis\LOCALS~1\Temp\~DF37.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Elvis\LOCALS~1\Temp\~DFFD15.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Elvis\LOCALS~1\Temp\~ROMFN_00000750 scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5f8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_828.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03122009_133427

Files moved on Reboot...
File C:\DOCUME~1\Elvis\LOCALS~1\Temp\etilqs_kjQt8AUOxZ5H0fzB3YWs not found!
C:\DOCUME~1\Elvis\LOCALS~1\Temp\qsb.log moved successfully.
File C:\DOCUME~1\Elvis\LOCALS~1\Temp\~DF37.tmp not found!
C:\DOCUME~1\Elvis\LOCALS~1\Temp\~DFFD15.tmp moved successfully.
File C:\DOCUME~1\Elvis\LOCALS~1\Temp\~ROMFN_00000750 not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_5f8.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_828.dat not found!
C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\XUL.mfl moved successfully.

#4
Essexboy

Posted 12 March 2009 - 01:29 PM

GeekU Moderator

Retired Staff
69,964 posts

I usually have marelwarebytes scan everything before I open it. Should I use Avast for scanning instead?

Yes because I do not know if MBAM can detect Virut but I know that Avast can catch some of the vectors. Ensure that P2P shield in Avast is set to high and right click and scan with Avast when the download is complete.

That looked OK

Could you know click start and select Startup and let me know what programmes are within that section

#5
rshaffer61

Posted 12 March 2009 - 01:45 PM

Moderator

Topic Starter
Moderator
34,114 posts

Under Start>All Programs>Startup
There is only Microsoft Office

Is this what you needed?

#6
Essexboy

Posted 12 March 2009 - 01:53 PM

GeekU Moderator

Retired Staff
69,964 posts

Yep and it did not say what I wanted. Could I have a new log please

Download OTListIt2 to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

#7
rshaffer61

Posted 12 March 2009 - 02:00 PM

Moderator

Topic Starter
Moderator
34,114 posts

Here is the OTlistit Log

OTListIt logfile created on: 3/12/2009 2:56:55 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.3.5 Folder = C:\Documents and Settings\Elvis\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 79.50% Memory free
3.82 Gb Paging File | 3.47 Gb Available in Paging File | 90.89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.68 Gb Total Space | 67.45 Gb Free Space | 87.96% Space Free | Partition Type: NTFS
Drive D: | 76.69 Gb Total Space | 68.46 Gb Free Space | 89.28% Space Free | Partition Type: NTFS
Drive E: | 232.88 Gb Total Space | 155.79 Gb Free Space | 66.90% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RONALD
Current User Name: Elvis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
PRC - C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
PRC - C:\Program Files\Google\Quick Search Box\qsb.exe (Google Inc.)
PRC - C:\Program Files\Lexmark 1200 Series\lxczbmon.exe (Lexmark International, Inc.)
PRC - C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe (Portrait Displays Inc.)
PRC - C:\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - C:\Program Files\Portrait Displays\Pivot Software\floater.exe ()
PRC - C:\Documents and Settings\Elvis\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aswUpdSv [Auto | Running]) -- C:\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (DTSRVC [Disabled | Stopped]) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LexBceS [Auto | Running]) -- C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (WinDefend [Auto | Running]) -- C:\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (aslm75 [Auto | Running]) -- C:\WINDOWS\system32\drivers\aslm75.sys ()
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (DCamUSBCompany [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\p35u.sys (Tekom Technologies, Inc.)
DRV - (FET5X86V [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys (VIA Technologies, Inc. )
DRV - (FETND5BV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys (VIA Technologies, Inc. )
DRV - (FETNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\fetnd5.sys (VIA Technologies, Inc. )
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (ms_mpu401 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (pdiddcci [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\pdiddcci.sys (Portrait Displays, Inc.)
DRV - (PdiPorts [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\PdiPorts.sys (Portrait Displays, Inc.)
DRV - (Pivot [System | Running]) -- C:\WINDOWS\System32\drivers\pivot.sys (Portrait Displays, Inc.)
DRV - (pivotmou [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pivotmou.sys (Portrait Displays, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (SASDIFSV [System | Running]) -- C:\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.)
DRV - (SASKUTIL [System | Running]) -- C:\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (viaagp1 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (viagfx [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\vtmini.sys (Copyright © VIA/S3 Graphics, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.tigerdirect.com/cgi-bin/shoppingcart.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tigerdirect.com/cgi-bin/ShoppingCart.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tigerdire...pin..., 1, 1, 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.tigerdire...oppingcart.asp"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected] -> %ProgramFiles%\JAVA\JRE6\LIB\DEPLOY\JQS\FF [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/03/03 04:30:01 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components -> %SystemDrive%\MOZILLA FIREFOX\COMPONENTS [C:\MOZILLA FIREFOX\COMPONENTS] -> [2009/03/05 11:58:37 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins -> %SystemDrive%\MOZILLA FIREFOX\PLUGINS [C:\MOZILLA FIREFOX\PLUGINS] -> [2009/03/05 11:58:36 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Elvis\Application Data\mozilla\Extensions [2009/03/03 00:25:50 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Elvis\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/03/03 00:25:50 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Elvis\Application Data\mozilla\Firefox\Profiles\0u9fdn78.default\extensions [2009/03/12 13:39:13 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Elvis\Application Data\mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009/03/12 13:39:08 00,000,000 | ---D | M]

O1 HOSTS File: (727 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [avast!] C:\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DT ACR] C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe startup (Portrait Displays, Inc)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\qsb.exe /autorun (Google Inc.)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Mirabilis ICQ] C:\ICQ\ICQNet.exe ()
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\IObit\Advanced SystemCare 3\AWC.exe /startup (IObit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\ICQ\ICQ.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\ICQ\ICQ.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 8 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1236058644531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-sec...m/ols/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\SUPERAntiSpyware\SASWINLO.DLL - C:\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/03/12 14:55:42 | 00,497,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elvis\Desktop\OTListIt2.exe
[2009/03/12 13:41:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Desktop\OTScanIt2
[2009/03/12 13:34:27 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/03/12 12:11:45 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/12 00:51:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/03/11 22:29:50 | 00,001,598 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2009/03/11 18:13:41 | 00,449,494 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Msconfig2.bmp
[2009/03/11 11:04:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/03/10 21:04:13 | 00,223,368 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\CrucialScan.exe
[2009/03/10 19:15:25 | 00,000,000 | ---D | C] -- C:\Deck Desgn
[2009/03/10 19:13:35 | 00,000,629 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\IsoBuster.lnk
[2009/03/10 19:13:32 | 00,000,000 | ---D | C] -- C:\Smart Projects
[2009/03/10 19:03:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\BitZipper
[2009/03/10 19:03:13 | 00,000,534 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\BitZipper.lnk
[2009/03/10 19:03:10 | 00,000,000 | ---D | C] -- C:\BitZipper
[2009/03/10 18:55:25 | 00,000,000 | ---D | C] -- C:\Big Hammer
[2009/03/10 13:37:26 | 00,000,000 | ---D | C] -- C:\ie-spyad_zo
[2009/03/10 13:29:56 | 00,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Elvis\Desktop\StartUpLite.exe
[2009/03/10 12:22:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Help
[2009/03/10 12:22:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Help
[2009/03/10 12:20:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/10 12:19:00 | 00,000,479 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\NTREGOPT.lnk
[2009/03/10 12:19:00 | 00,000,460 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\ERUNT.lnk
[2009/03/10 12:19:00 | 00,000,000 | ---D | C] -- C:\ERUNT
[2009/03/10 11:18:03 | 00,000,000 | ---D | C] -- C:\Uniblue
[2009/03/10 11:18:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Uniblue
[2009/03/10 11:18:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/03/10 11:17:23 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/03/08 14:37:55 | 00,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\i2omgmt.sys
[2009/03/08 14:37:55 | 00,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2009/03/08 14:37:26 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2009/03/08 14:37:26 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2009/03/06 22:59:47 | 00,000,501 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Tweak UI.lnk
[2009/03/06 22:55:14 | 00,266,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TweakUI.exe
[2009/03/06 22:55:14 | 00,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2009/03/06 22:25:43 | 00,000,000 | ---D | C] -- C:\CPUZ150
[2009/03/06 19:59:21 | 00,000,000 | ---D | C] -- C:\Bulletproof FTP
[2009/03/06 04:32:15 | 00,001,445 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Movies.lnk
[2009/03/06 04:32:12 | 00,010,382 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/03/06 04:32:12 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4F3DA9204E.sys
[2009/03/06 04:31:50 | 00,000,000 | ---D | C] -- C:\Divx52
[2009/03/06 04:15:47 | 00,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2009/03/06 04:15:07 | 00,000,000 | ---D | C] -- C:\Divx5
[2009/03/05 23:56:57 | 00,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2009/03/05 23:54:12 | 00,000,000 | ---D | C] -- C:\Trillian
[2009/03/05 23:50:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Miranda
[2009/03/05 23:50:06 | 00,000,000 | ---D | C] -- C:\Miranda IM
[2009/03/05 23:48:00 | 00,086,016 | ---- | C] (Divio, Inc.) -- C:\Documents and Settings\Elvis\Desktop\Camera.exe
[2009/03/05 23:29:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\WMTools Downloaded Files
[2009/03/05 22:49:42 | 00,000,100 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009/03/05 22:49:07 | 00,996,256 | ---- | C] () -- C:\WINDOWS\System32\LXCZLPA.HLP
[2009/03/05 22:49:07 | 00,343,423 | ---- | C] () -- C:\WINDOWS\System32\LXCZDRV.HLP
[2009/03/05 22:49:07 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2009/03/05 22:49:07 | 00,090,112 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXCZCUR.DLL
[2009/03/05 22:49:07 | 00,069,632 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXCZCU.DLL
[2009/03/05 22:49:07 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2009/03/05 22:49:07 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2009/03/05 22:49:07 | 00,002,190 | ---- | C] () -- C:\WINDOWS\System32\LXCZDRV.CNT
[2009/03/05 22:49:07 | 00,001,954 | ---- | C] () -- C:\WINDOWS\System32\LXCZLPA.CNT
[2009/03/05 22:49:07 | 00,000,448 | ---- | C] () -- C:\WINDOWS\System32\LXCZ.LOC
[2009/03/05 22:49:07 | 00,000,279 | ---- | C] () -- C:\WINDOWS\System32\LXCZMA.CNT
[2009/03/05 22:48:48 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/03/05 22:48:48 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/03/05 22:48:42 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll
[2009/03/05 22:48:42 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2009/03/05 22:48:39 | 00,983,107 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LXCZGF.DLL
[2009/03/05 22:48:39 | 00,356,352 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXCZUTIL.DLL
[2009/03/05 22:48:39 | 00,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2009/03/05 22:48:37 | 00,458,752 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXCZJSWR.DLL
[2009/03/05 22:48:37 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark 1200 Series
[2009/03/05 22:47:44 | 00,000,000 | ---D | C] -- C:\Lexmark
[2009/03/05 22:38:48 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2009/03/05 22:38:48 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/03/05 22:38:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/03/05 22:38:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/03/05 22:38:44 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2009/03/05 22:38:44 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/03/05 22:38:41 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2009/03/05 22:38:41 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/03/05 22:38:37 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2009/03/05 22:38:37 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/03/05 22:38:33 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2009/03/05 22:38:33 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/03/05 22:38:29 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2009/03/05 22:38:29 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/03/05 22:38:26 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2009/03/05 22:38:26 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/03/05 22:38:15 | 00,041,984 | R--- | C] (Tekom Technologies, Inc.) -- C:\WINDOWS\System\p35e_32.dll
[2009/03/05 22:38:15 | 00,027,136 | R--- | C] (Tekom Technologies, Inc.) -- C:\WINDOWS\System\p35uds.dll
[2009/03/05 22:38:14 | 00,098,272 | R--- | C] (Tekom Technologies, Inc.) -- C:\WINDOWS\System32\drivers\p35u.sys
[2009/03/05 22:38:14 | 00,069,632 | R--- | C] (Tekom Technologies, Inc.) -- C:\WINDOWS\System\P35uTWN.ax
[2009/03/05 22:38:14 | 00,032,768 | R--- | C] (Tekom Technologies, Inc.) -- C:\WINDOWS\System\jpgl.dll
[2009/03/05 22:38:14 | 00,028,672 | R--- | C] () -- C:\WINDOWS\rmvall.exe
[2009/03/05 22:37:58 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/03/05 22:37:58 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/03/05 22:37:56 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/03/05 22:37:56 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/03/05 22:37:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/03/05 22:37:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/03/05 22:37:56 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/03/05 22:37:56 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/03/05 22:34:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\My Documents\PNP2205
[2009/03/05 21:26:39 | 00,000,000 | ---D | C] -- C:\Metis 2.6
[2009/03/05 18:07:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/03/05 17:57:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/03/05 15:39:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Desktop\GeeksToGo Software
[2009/03/05 15:31:03 | 00,000,000 | ---D | C] -- C:\Java
[2009/03/05 15:26:04 | 00,000,000 | ---D | C] -- C:\JavaRa
[2009/03/05 10:39:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Aoork DVD2AVI Pro
[2009/03/05 10:39:30 | 00,000,000 | ---D | C] -- C:\Aoork DVD2AVI Pro
[2009/03/05 10:31:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\DVD2AVI Ripper Professional
[2009/03/05 09:02:23 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/05 09:02:19 | 00,004,608 | ---- | C] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/04 23:52:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\DivX
[2009/03/04 23:45:11 | 00,000,000 | ---D | C] -- C:\GordianKnot
[2009/03/04 23:32:57 | 00,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2009/03/04 23:32:42 | 00,000,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2009/03/04 23:32:16 | 00,000,000 | ---D | C] -- C:\DivX
[2009/03/04 22:43:38 | 00,000,602 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Dvd list.lnk
[2009/03/04 21:24:43 | 05,760,054 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Look At this.bmp
[2009/03/04 15:45:30 | 00,000,000 | ---D | C] -- C:\Ghost
[2009/03/04 15:40:47 | 00,000,000 | ---D | C] -- C:\Winrar
[2009/03/04 15:22:23 | 00,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2009/03/04 13:17:51 | 00,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2009/03/04 13:16:10 | 00,152,904 | ---- | C] () -- C:\WINDOWS\System32\vghd.scr
[2009/03/04 13:16:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\vghd
[2009/03/04 12:40:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/03/04 12:38:30 | 00,000,000 | ---D | C] -- C:\Mem Turbo
[2009/03/04 12:24:42 | 00,000,404 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Emule Directory.lnk
[2009/03/04 10:36:05 | 00,000,000 | ---D | C] -- C:\Archivos de programa
[2009/03/04 10:34:38 | 00,000,000 | ---D | C] -- C:\eMuleplus
[2009/03/04 10:24:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\My Documents\eMule Downloads
[2009/03/04 10:04:42 | 00,000,365 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Download.lnk
[2009/03/04 09:54:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\eMule
[2009/03/04 09:54:13 | 00,000,000 | ---D | C] -- C:\eMule
[2009/03/04 09:46:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\WeatherBug
[2009/03/04 09:45:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\WeatherBug
[2009/03/04 09:45:06 | 00,000,000 | ---D | C] -- C:\AWS
[2009/03/04 09:38:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Desktop\Lawn Service
[2009/03/04 09:09:37 | 00,000,000 | ---D | C] -- C:\Dvd2Avi
[2009/03/03 21:29:56 | 00,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2009/03/03 21:06:09 | 00,268,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/03/03 21:06:09 | 00,027,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009/03/03 18:05:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Elvis\My Documents\My Videos
[2009/03/03 18:03:30 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/03/03 18:02:44 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/03/03 18:00:24 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/03/03 18:00:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/03/03 18:00:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/03/03 17:56:18 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/03/03 14:13:15 | 00,000,000 | ---D | C] -- C:\XoftSpySE
[2009/03/03 14:07:34 | 00,000,000 | ---D | C] -- C:\DVD Decrypter
[2009/03/03 14:03:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Ahead
[2009/03/03 13:41:57 | 00,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2009/03/03 13:41:56 | 01,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2009/03/03 13:41:56 | 00,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2009/03/03 13:41:56 | 00,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2009/03/03 13:41:56 | 00,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2009/03/03 13:41:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2009/03/03 13:41:52 | 00,000,000 | ---D | C] -- C:\Ahead
[2009/03/03 12:56:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Collectorz.com
[2009/03/03 12:56:10 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Movie Collector.lnk
[2009/03/03 12:56:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\My Documents\Movie Collector
[2009/03/03 12:55:58 | 00,000,000 | ---D | C] -- C:\Collectorz.com
[2009/03/03 11:14:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\IObit
[2009/03/03 11:14:24 | 00,000,000 | ---D | C] -- C:\IObit
[2009/03/03 11:08:40 | 00,000,000 | ---D | C] -- C:\Eusing Free Registry Cleaner
[2009/03/03 10:59:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Desktop\RP
[2009/03/03 10:58:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Desktop\Bios
[2009/03/03 10:57:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Desktop\Excel Sheets
[2009/03/03 09:26:41 | 00,024,598 | ---- | C] () -- C:\Documents and Settings\Elvis\Application Data\Comma Separated Values (Windows).ADR
[2009/03/03 09:19:29 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/03 09:18:06 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/03/03 09:17:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2009/03/03 09:17:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2009/03/03 09:17:06 | 00,000,000 | ---D | C] -- C:\Microsoft Office
[2009/03/03 09:14:40 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/03/03 09:14:40 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/03/03 09:14:39 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/03/03 09:14:38 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/03/03 09:14:37 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/03/03 09:14:37 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/03/03 09:14:37 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/03/03 09:14:37 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/03/03 09:14:14 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/03/03 09:14:14 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/03/03 09:14:14 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.dll
[2009/03/03 09:14:14 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/03/03 09:14:14 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCR71.dll
[2009/03/03 09:14:10 | 00,000,000 | ---D | C] -- C:\Alwil Software
[2009/03/03 08:58:11 | 00,000,000 | ---D | C] -- C:\Office
[2009/03/03 08:44:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\DisplayTune
[2009/03/03 08:41:57 | 00,011,776 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\drivers\pdiddcci.sys
[2009/03/03 08:41:50 | 00,015,920 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\drivers\PdiPorts.sys
[2009/03/03 08:41:30 | 00,062,009 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\wpfb_vtdisp.dll
[2009/03/03 08:41:29 | 00,002,304 | ---- | C] () -- C:\WINDOWS\System32\Machnm32.sys
[2009/03/03 08:41:28 | 00,062,009 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\WPFB.DLL
[2009/03/03 08:41:28 | 00,017,465 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\drivers\pivot.sys
[2009/03/03 08:41:28 | 00,011,323 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\drivers\pivotmou.sys
[2009/03/03 08:41:28 | 00,000,000 | ---D | C] -- C:\Program Files\Portrait Displays
[2009/03/03 08:41:08 | 01,392,671 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvbvm60.dll
[2009/03/03 08:41:08 | 01,093,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\mfc80.dll
[2009/03/03 08:41:08 | 01,079,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\mfc80u.dll
[2009/03/03 08:41:08 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\mfc70.dll
[2009/03/03 08:41:08 | 00,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvcr80.dll
[2009/03/03 08:41:08 | 00,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvcp80.dll
[2009/03/03 08:41:08 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvcp70.dll
[2009/03/03 08:41:08 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvcr70.dll
[2009/03/03 08:41:08 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\mfcm80.dll
[2009/03/03 08:41:08 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\mfcm80u.dll
[2009/03/03 08:41:08 | 00,000,550 | ---- | C] () -- C:\WINDOWS\Microsoft.VC80.MFC.manifest
[2009/03/03 08:41:07 | 00,479,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvcm80.dll
[2009/03/03 08:41:07 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\atl80.dll
[2009/03/03 08:41:07 | 00,000,522 | ---- | C] () -- C:\WINDOWS\Microsoft.VC80.CRT.manifest
[2009/03/03 08:41:07 | 00,000,456 | ---- | C] () -- C:\WINDOWS\Microsoft.VC80.ATL.manifest
[2009/03/03 08:41:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Portrait Displays
[2009/03/03 08:41:01 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/03/03 08:41:01 | 00,000,000 | ---D | C] -- C:\Program Files\Acer Display
[2009/03/03 08:40:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/03/03 08:38:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2009/03/03 08:38:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/03/03 08:38:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\My Documents\My eBooks
[2009/03/03 08:38:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\InterTrust
[2009/03/03 08:38:52 | 00,000,000 | ---D | C] -- C:\Adobe
[2009/03/03 08:34:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Macromedia
[2009/03/03 08:34:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Adobe
[2009/03/03 05:37:54 | 00,000,000 | ---D | C] -- C:\MxMonitor
[2009/03/03 05:35:28 | 00,000,302 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/03/03 05:32:22 | 00,000,000 | ---D | C] -- C:\Windows Defender
[2009/03/03 04:34:32 | 00,000,000 | ---D | C] -- C:\avz4
[2009/03/03 04:29:55 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/03/03 04:29:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Sun
[2009/03/03 04:22:51 | 00,000,000 | ---D | C] -- C:\OtScanIt
[2009/03/03 04:21:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Malwarebytes
[2009/03/03 04:21:18 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/03 04:21:16 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/03 04:21:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/03 04:21:14 | 00,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2009/03/03 03:59:44 | 00,000,000 | ---D | C] -- C:\Trend Micro
[2009/03/03 03:56:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/03 03:56:29 | 00,000,000 | ---D | C] -- C:\SUPERAntiSpyware
[2009/03/03 03:56:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\SUPERAntiSpyware.com
[2009/03/03 03:55:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/03/03 03:49:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Google
[2009/03/03 03:48:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Google
[2009/03/03 03:48:29 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/03/03 03:48:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/03/03 03:45:22 | 00,000,489 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Cpuz.lnk
[2009/03/03 03:44:36 | 00,000,000 | ---D | C] -- C:\Cpuz
[2009/03/03 03:17:48 | 00,001,869 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\oledlg.ini
[2009/03/03 03:09:55 | 00,000,000 | ---D | C] -- C:\Winmx
[2009/03/03 02:43:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\ICQ
[2009/03/03 02:42:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\aod
[2009/03/03 02:42:32 | 00,000,000 | ---D | C] -- C:\ICQ
[2009/03/03 02:26:04 | 00,000,000 | ---D | C] -- C:\Winamp
[2009/03/03 02:23:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/03/03 02:21:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\My Documents\My Received Files
[2009/03/03 02:21:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/03/03 02:20:08 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/03/03 01:33:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Identities
[2009/03/03 01:32:01 | 00,052,553 | R--- | C] () -- C:\WINDOWS\System32\VTovrlay.cfg
[2009/03/03 01:32:01 | 00,038,191 | R--- | C] () -- C:\WINDOWS\System32\VTInfo2.cfg
[2009/03/03 01:32:00 | 00,060,195 | R--- | C] () -- C:\WINDOWS\System32\VTDisply.cfg
[2009/03/03 01:32:00 | 00,060,144 | R--- | C] () -- C:\WINDOWS\System32\VTDispl2.cfg
[2009/03/03 01:32:00 | 00,048,879 | R--- | C] () -- C:\WINDOWS\System32\VTGamma2.cfg
[2009/03/03 01:22:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/03/03 01:21:52 | 10,963,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/03 01:21:52 | 03,698,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/03 01:21:52 | 01,975,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/03 01:21:52 | 01,228,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/03 01:21:52 | 00,593,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/03 01:21:52 | 00,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/03 01:21:52 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/03 01:21:52 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/03 01:21:52 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/03 01:21:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/03 01:20:38 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/03 01:20:28 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/03 01:20:17 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/03 01:18:34 | 24,768,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/03/03 01:12:32 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/03/03 01:12:12 | 00,911,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/03/03 01:12:11 | 01,182,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009/03/03 01:12:09 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009/03/03 01:11:54 | 01,846,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2009/03/03 01:11:52 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/03/03 01:11:51 | 02,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/03/03 01:11:50 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/03/03 01:11:49 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/03/03 01:11:39 | 05,888,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/03/03 01:11:35 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/03/03 01:11:34 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/03/03 01:11:32 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/03/03 01:11:31 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/03/03 01:11:23 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/03/03 01:11:10 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/03/03 01:11:08 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/03/03 01:08:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/03/03 01:07:38 | 03,192,566 | -H-- | C] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\IconCache.db
[2009/03/03 01:01:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/03/03 01:01:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/03/03 01:01:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/03/03 01:01:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/03/03 01:01:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/03/03 00:59:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/03/03 00:57:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/03/03 00:54:33 | 00,017,856 | ---- | C] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/03 00:54:17 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/03/03 00:48:39 | 00,001,509 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Windows Explorer.lnk
[2009/03/03 00:47:54 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/03/03 00:47:54 | 00,069,612 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/03/03 00:47:54 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/03/03 00:47:54 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/03/03 00:47:54 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/03/03 00:47:54 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/03/03 00:47:54 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/03/03 00:47:53 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/03/03 00:47:53 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/03/03 00:47:53 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/03/03 00:47:53 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/03/03 00:47:53 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/03/03 00:47:53 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/03/03 00:47:53 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/03/03 00:47:53 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/03/03 00:47:53 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/03/03 00:47:53 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/03/03 00:47:53 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/03/03 00:47:53 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/03/03 00:47:53 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/03/03 00:47:53 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/03/03 00:47:53 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/03/03 00:47:53 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/03/03 00:47:53 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/03/03 00:47:53 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/03/03 00:47:53 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/03/03 00:47:53 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/03/03 00:47:53 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/03/03 00:47:53 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/03/03 00:47:53 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/03/03 00:47:50 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/03/03 00:47:50 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/03/03 00:47:50 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/03/03 00:47:50 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/03/03 00:47:50 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/03/03 00:47:50 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/03/03 00:47:50 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/03/03 00:47:50 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/03/03 00:47:50 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/03/03 00:47:50 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/03/03 00:47:48 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/03/03 00:47:48 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/03/03 00:47:48 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/03/03 00:47:47 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/03/03 00:47:47 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/03/03 00:47:47 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/03/03 00:47:47 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/03/03 00:47:46 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/03/03 00:47:44 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/03/03 00:47:44 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/03/03 00:47:44 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/03/03 00:47:44 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/03/03 00:47:44 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/03/03 00:47:44 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/03/03 00:47:42 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/03/03 00:47:37 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/03/03 00:47:37 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/03/03 00:47:37 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/03/03 00:47:37 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/03/03 00:47:37 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/03/03 00:47:37 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009/03/03 00:47:37 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/03/03 00:47:37 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/03/03 00:47:37 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/03/03 00:47:37 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/03/03 00:47:37 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/03/03 00:46:49 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/03/03 00:34:37 | 00,013,588 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009/03/03 00:33:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/03 00:31:55 | 00,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMCTL32.DLL
[2009/03/03 00:31:55 | 00,187,392 | ---- | C] () -- C:\WINDOWS\System\BCBSMP35.BPL
[2009/03/03 00:31:33 | 00,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2009/03/03 00:31:32 | 00,000,000 | ---D | C] -- C:\ASUS
[2009/03/03 00:31:15 | 00,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2009/03/03 00:30:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/03/03 00:29:26 | 00,003,415 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/03/03 00:29:24 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/03/03 00:28:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/03/03 00:28:37 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/03/03 00:28:36 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/03/03 00:25:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/03 00:25:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Mozilla
[2009/03/03 00:25:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Mozilla
[2009/03/03 00:25:37 | 00,000,000 | ---D | C] -- C:\Mozilla Firefox
[2009/03/03 00:23:01 | 00,000,154 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Network Connections.lnk
[2009/03/03 00:22:16 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/03 00:15:57 | 00,001,486 | ---- | C] () -- C:\Documents and Settings\Elvis\Desktop\Calculator.lnk
[2009/03/03 00:14:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Application Data\Identities
[2009/03/03 00:14:29 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/03/03 00:14:28 | 00,000,076 | -HS- | C] () -- C:\Documents and Settings\Elvis\My Documents\desktop.ini
[2009/03/03 00:14:28 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Elvis\My Documents\My Pictures
[2009/03/03 00:14:28 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Elvis\My Documents\My Music
[2009/03/03 00:14:25 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Elvis\Application Data\desktop.ini
[2009/03/03 00:14:24 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Elvis\Start Menu\Programs\Startup\desktop.ini
[2009/03/03 00:14:24 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Elvis\Application Data\Microsoft
[2009/03/03 00:14:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Microsoft
[2009/03/03 00:13:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/03/03 00:12:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/03/03 00:12:12 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/03 00:12:12 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/03/03 00:10:56 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/03/03 00:09:58 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/03 00:09:42 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/03/03 00:09:35 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/03/03 00:09:35 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/03/03 00:09:35 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/03/03 00:09:34 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/03/03 00:09:34 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/03/03 00:09:33 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/03/03 00:09:33 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/03/03 00:09:32 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/03/03 00:09:32 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/03/03 00:09:31 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/03/03 00:09:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/03/03 00:09:30 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/03/03 00:09:30 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/03/03 00:09:30 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/03/03 00:09:29 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/03/03 00:09:28 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/03/03 00:09:27 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/03/03 00:09:26 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/03/03 00:09:25 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/03/03 00:09:25 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/03/03 00:09:24 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/03/03 00:09:24 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/03/03 00:09:24 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/03/03 00:09:23 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/03/03 00:09:23 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/03/03 00:09:23 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/03/03 00:09:21 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/03/03 00:09:20 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/03/03 00:09:19 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/03/03 00:09:18 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/03/03 00:09:17 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/03/03 00:09:15 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/03/03 00:09:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/03/03 00:09:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/03/03 00:09:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/03/03 00:09:14 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/03/03 00:09:14 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/03/03 00:09:14 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/03/03 00:09:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/03/03 00:09:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/03/03 00:09:13 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/03/03 00:09:13 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/03/03 00:09:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/03/03 00:09:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/03/03 00:09:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/03/03 00:09:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/03/03 00:09:12 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/03/03 00:09:12 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/03/03 00:09:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/03/03 00:09:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/03/03 00:09:08 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/03/03 00:09:07 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/03/03 00:09:07 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/03/03 00:09:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/03/03 00:09:04 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/03/03 00:09:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/03/03 00:09:03 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/03/03 00:09:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/03/03 00:09:02 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/03/03 00:09:01 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/03/03 00:09:01 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/03/03 00:09:00 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/03/03 00:09:00 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/03/03 00:09:00 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/03/03 00:09:00 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/03/03 00:08:59 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/03/03 00:08:59 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/03/03 00:08:59 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/03/03 00:08:59 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/03/03 00:08:58 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/03/03 00:08:58 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/03/03 00:08:57 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/03/03 00:08:57 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/03/03 00:08:57 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/03/03 00:08:57 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/03/03 00:08:57 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/03/03 00:08:54 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/03/03 00:08:53 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/03/03 00:08:51 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/03/03 00:08:47 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/03/03 00:08:47 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/03/03 00:08:40 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/03/03 00:08:40 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/03/03 00:08:40 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/03/03 00:08:38 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/03/03 00:08:37 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/03/03 00:08:36 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/03/03 00:08:35 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/03/03 00:08:35 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/03/03 00:08:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/03/03 00:08:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/03/03 00:08:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/03/03 00:08:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/03/03 00:08:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/03/03 00:08:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/03/03 00:08:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/03/03 00:08:33 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/03/03 00:08:33 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/03/03 00:08:33 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/03/03 00:08:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/03/03 00:08:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/03/03 00:08:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/03/03 00:08:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/03/03 00:08:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/03/03 00:08:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/03/03 00:08:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/03/03 00:08:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/03/03 00:08:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/03/03 00:08:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/03/03 00:08:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/03/03 00:08:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/03/03 00:08:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/03/03 00:08:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/03/03 00:08:30 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/03/03 00:08:30 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/03/03 00:08:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/03/03 00:08:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/03/03 00:08:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/03/03 00:08:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/03/03 00:08:29 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/03/03 00:08:28 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/03/03 00:08:28 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/03/03 00:08:28 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/03/03 00:08:26 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/03/03 00:08:25 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/03/03 00:08:25 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/03/03 00:08:25 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/03/03 00:08:25 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/03/03 00:08:25 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/03/03 00:08:24 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/03/03 00:08:24 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/03/03 00:08:24 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/03/03 00:08:23 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/03/03 00:08:22 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/03/03 00:08:22 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/03/03 00:08:22 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/03/03 00:08:22 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/03/03 00:08:22 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/03/03 00:08:22 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/03/03 00:08:21 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/03/03 00:08:21 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/03/03 00:08:20 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/03/03 00:08:20 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/03/03 00:08:20 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/03/03 00:08:19 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/03/03 00:08:19 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/03/03 00:08:19 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/03/03 00:08:19 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/03/03 00:08:19 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/03/03 00:08:19 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/03/03 00:08:18 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/03/03 00:08:18 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/03/03 00:08:17 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/03/03 00:08:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/03/03 00:08:12 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/03/03 00:08:08 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/03/03 00:08:04 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/03/03 00:08:02 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/03/03 00:08:02 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/03/03 00:07:59 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/03/03 00:07:59 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/03/03 00:07:57 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/03/03 00:07:57 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/03/03 00:07:56 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/03/03 00:07:56 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/03/03 00:07:55 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/03/03 00:07:54 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/03/03 00:07:53 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/03/03 00:07:53 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/03/03 00:07:52 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/03/03 00:07:52 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/03/03 00:07:51 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/03/03 00:07:47 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/03/03 00:07:45 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/03/03 00:07:44 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/03/03 00:07:44 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/03/03 00:07:44 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/03/03 00:07:43 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/03/03 00:07:41 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/03/03 00:07:41 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/03/03 00:07:41 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/03/03 00:07:41 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/03/03 00:07:41 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/03/03 00:07:40 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/03/03 00:07:40 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/03/03 00:07:40 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/03/03 00:07:39 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/03/03 00:07:39 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/03/03 00:07:39 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/03/03 00:07:39 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/03/03 00:07:38 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/03/03 00:07:37 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/03/03 00:07:37 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/03/03 00:07:37 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/03/03 00:07:36 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009/03/03 00:07:36 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009/03/03 00:07:36 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009/03/03 00:07:36 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009/03/03 00:07:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009/03/03 00:07:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009/03/03 00:07:35 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/03/03 00:07:35 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/03/03 00:07:35 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/03/03 00:07:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009/03/03 00:07:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/03/03 00:07:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009/03/03 00:07:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009/03/03 00:07:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009/03/03 00:07:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009/03/03 00:07:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009/03/03 00:07:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009/03/03 00:07:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009/03/03 00:07:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009/03/03 00:07:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009/03/03 00:07:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009/03/03 00:07:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/03/03 00:07:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009/03/03 00:07:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009/03/03 00:07:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009/03/03 00:07:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009/03/03 00:07:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009/03/03 00:07:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009/03/03 00:07:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009/03/03 00:07:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009/03/03 00:07:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009/03/03 00:07:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009/03/03 00:07:31 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009/03/03 00:07:31 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009/03/03 00:07:31 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009/03/03 00:07:31 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009/03/03 00:07:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009/03/03 00:07:30 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/03/03 00:07:30 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009/03/03 00:07:30 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/03/03 00:07:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009/03/03 00:07:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009/03/03 00:07:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009/03/03 00:07:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009/03/03 00:07:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009/03/03 00:07:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009/03/03 00:07:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009/03/03 00:07:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009/03/03 00:07:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009/03/03 00:07:28 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/03/03 00:07:28 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/03/03 00:07:28 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009/03/03 00:07:28 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009/03/03 00:07:28 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/03/03 00:07:28 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009/03/03 00:07:28 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009/03/03 00:07:27 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/03/03 00:07:27 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/03/03 00:07:27 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/03/03 00:07:26 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/03/03 00:07:26 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/03/03 00:07:25 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/03/03 00:07:25 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/03/03 00:07:24 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/03/03 00:07:24 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/03/03 00:07:21 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/03/03 00:07:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/03/03 00:07:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/03/03 00:07:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/03/03 00:07:07 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/03/03 00:07:07 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/03/03 00:07:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/03/03 00:07:06 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/03/03 00:07:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/03/03 00:07:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/03/03 00:07:00 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/03/03 00:06:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/03/03 00:06:52 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/03/03 00:06:52 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/03/03 00:06:27 | 00,002,617 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/03/03 00:06:27 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/03/03 00:06:27 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/03/03 00:06:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009/03/03 00:06:27 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/03/03 00:06:27 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/03/03 00:06:17 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/03/03 00:06:17 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/03/03 00:06:15 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/03 00:06:06 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/03/03 00:04:43 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/03/03 00:04:42 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/03/03 00:04:42 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/03/03 00:04:42 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/03/03 00:04:34 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/03/03 00:04:28 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/03/03 00:04:13 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/03/03 00:04:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/03/03 00:03:42 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/03/03 00:03:42 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/03/03 00:03:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/03/03 00:03:42 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/03/03 00:03:41 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/03/03 00:03:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/03/03 00:03:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/03/03 00:03:40 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/03/03 00:03:39 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2009/03/03 00:03:39 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2009/03/03 00:03:33 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/03/03 00:03:33 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/03/03 00:03:32 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/03/03 00:03:32 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/03/03 00:03:32 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/03/03 00:03:31 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/03/03 00:03:31 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/03/03 00:03:31 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/03/03 00:03:31 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/03/03 00:03:31 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/03/03 00:03:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009/03/03 00:03:25 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/03/03 00:03:25 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/03/03 00:03:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/03/03 00:03:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/03/03 00:03:25 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2009/03/03 00:03:25 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/03/03 00:03:24 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/03/03 00:03:24 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/03/03 00:03:24 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/03/03 00:03:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/03/03 00:03:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/03/03 00:03:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009/03/03 00:03:23 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/03/03 00:03:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/03/03 00:03:18 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/03/03 00:03:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/03/03 00:03:17 | 01,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/03/03 00:03:17 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/03/03 00:03:17 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/03/03 00:03:17 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/03/03 00:03:17 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/03/03 00:03:16 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/03/03 00:03:16 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/03/03 00:03:16 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/03/03 00:03:16 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/03/03 00:03:15 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/03/03 00:03:15 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/03/03 00:03:15 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009/03/03 00:03:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/03/03 00:03:15 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/03/03 00:03:14 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/03/03 00:03:14 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/03/03 00:03:14 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/03/03 00:03:14 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/03/03 00:03:14 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/03/03 00:03:14 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/03/03 00:03:14 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/03/03 00:03:13 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/03/03 00:03:13 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/03/03 00:03:13 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/03/03 00:03:13 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/03/03 00:03:09 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009/03/03 00:03:04 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/03/03 00:03:04 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/03/03 00:03:04 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/03/03 00:03:04 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/03/03 00:03:00 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2009/03/03 00:03:00 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009/03/03 00:03:00 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2009/03/03 00:02:59 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/03/03 00:02:59 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/03/03 00:02:59 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/03/03 00:02:59 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/03/03 00:02:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/03/03 00:02:58 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/03/03 00:02:58 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/03/03 00:02:58 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/03/03 00:02:58 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/03/03 00:02:57 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/03/03 00:02:57 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/03/03 00:02:54 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/03/03 00:02:54 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/03/03 00:02:54 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009/03/03 00:02:53 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/03/03 00:02:52 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/03/03 00:02:51 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/03/03 00:02:51 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009/03/03 00:02:50 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/03/03 00:02:50 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/03/03 00:02:50 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/03/03 00:02:50 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/03/03 00:02:50 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/03/03 00:02:49 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/03/03 00:02:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009/03/03 00:02:38 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009/03/03 00:02:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/03/03 00:02:06 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/03 00:01:56 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2009/03/03 00:01:54 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009/03/03 00:01:54 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009/03/03 00:01:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/03/03 00:01:41 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/03/03 00:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009/03/03 00:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2009/03/03 00:01:34 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2009/03/03 00:01:33 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/03/03 00:01:33 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/03/03 00:01:33 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/03/03 00:01:33 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/03/03 00:01:33 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/03/03 00:01:33 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/03/03 00:01:33 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/03/03 00:01:32 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/03/03 00:01:32 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/03/03 00:01:32 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/03/03 00:01:32 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/03/03 00:01:32 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/03/03 00:01:32 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/03/03 00:01:32 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/03/03 00:01:32 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/03/03 00:01:32 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/03/03 00:01:32 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/03/03 00:01:31 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/03/03 00:01:31 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/03/03 00:01:31 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/03/03 00:01:31 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/03/03 00:01:31 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/03/03 00:01:30 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/03/03 00:01:30 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/03/03 00:01:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/03/03 00:01:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/03/03 00:01:30 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009/03/03 00:01:21 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/03/03 00:01:21 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/03/03 00:01:20 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/03/03 00:01:20 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/03/03 00:01:20 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/03/03 00:01:20 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/03/03 00:01:20 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/03/03 00:01:20 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/03/03 00:01:20 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/03/03 00:01:20 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/03/03 00:01:13 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/03/03 00:01:12 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/03/03 00:01:12 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/03/03 00:01:12 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/03/03 00:01:12 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/03/03 00:01:11 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/03/03 00:01:11 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/03/03 00:01:11 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/03/03 00:01:11 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/03/03 00:01:11 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/03/03 00:01:11 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/03/03 00:01:10 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/03/03 00:01:10 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/03/03 00:01:10 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/03/03 00:01:10 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/03/03 00:01:10 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/03/03 00:01:10 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/03/03 00:01:10 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/03/03 00:01:10 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/03/03 00:01:10 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/03/03 00:01:10 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/03/03 00:01:09 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/03/03 00:01:09 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/03/03 00:01:09 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/03/03 00:01:09 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/03/03 00:01:09 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/03/03 00:01:09 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/03/03 00:01:09 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/03/03 00:01:09 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/03/03 00:01:08 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/03/03 00:01:08 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/03/03 00:01:08 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/03/03 00:01:08 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/03/03 00:01:08 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/03/03 00:01:08 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/03/03 00:01:08 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/03/03 00:01:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/03/03 00:01:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/03/03 00:01:07 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/03/03 00:01:07 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/03/03 00:01:07 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/03/03 00:01:07 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/03/03 00:01:07 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/03/03 00:01:07 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/03/03 00:01:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/03/03 00:01:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/03/03 00:01:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/03/03 00:01:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/03/03 00:01:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/03/03 00:01:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/03/03 00:01:07 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2009/03/03 00:01:07 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/03/03 00:01:06 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/03/03 00:01:06 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/03/03 00:01:06 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/03/03 00:01:06 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/03/03 00:01:06 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/03/03 00:01:06 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/03/03 00:01:05 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/03/03 00:01:05 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/03/03 00:01:05 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/03/03 00:01:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/03/03 00:01:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/03/03 00:01:05 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/03/03 00:01:05 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/03/03 00:01:05 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2009/03/03 00:01:05 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/03/03 00:01:04 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/03/03 00:01:04 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/03/03 00:01:04 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/03/03 00:01:04 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/03/03 00:01:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/03/03 00:01:04 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/03/03 00:01:03 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/03/03 00:01:03 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/03/03 00:01:03 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/03/03 00:00:59 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/03/03 00:00:59 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/03/03 00:00:59 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/03/03 00:00:59 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/03/03 00:00:59 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/03/03 00:00:59 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/03/03 00:00:59 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/03/03 00:00:59 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/03/03 00:00:59 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/03/03 00:00:59 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/03/03 00:00:59 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/03/03 00:00:58 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/03/03 00:00:58 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/03/03 00:00:58 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/03/03 00:00:58 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/03/03 00:00:57 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/03/03 00:00:57 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/03/03 00:00:47 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2009/03/03 00:00:46 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/03/03 00:00:46 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/03/03 00:00:46 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/03/03 00:00:46 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/03/03 00:00:46 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/03/03 00:00:45 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/03/03 00:00:45 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/03/03 00:00:45 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009/03/03 00:00:44 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/03/03 00:00:42 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/03/03 00:00:42 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/03/03 00:00:42 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/03/03 00:00:42 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/03/03 00:00:41 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/03/03 00:00:41 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/03/03 00:00:41 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/03/03 00:00:41 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/03/03 00:00:41 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/03/03 00:00:41 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/03/03 00:00:41 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/03/03 00:00:41 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/03/03 00:00:41 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/03/03 00:00:40 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/03/03 00:00:40 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/03/03 00:00:40 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/03/03 00:00:40 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/03/03 00:00:40 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/03/03 00:00:40 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/03/03 00:00:40 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/03/03 00:00:40 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/03/03 00:00:40 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/03/03 00:00:39 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/03/03 00:00:39 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/03/03 00:00:39 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/03/03 00:00:39 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/03/03 00:00:39 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/03/03 00:00:39 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/03/03 00:00:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/03/03 00:00:38 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/03/03 00:00:38 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/03/03 00:00:38 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/03/03 00:00:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/03/03 00:00:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/03/03 00:00:37 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/03/03 00:00:37 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/03/03 00:00:37 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/03/03 00:00:37 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/03/03 00:00:36 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/03/03 00:00:30 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/03/03 00:00:29 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/03/03 00:00:29 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/03/03 00:00:29 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/03/03 00:00:24 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/03/03 00:00:24 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2009/03/03 00:00:23 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/03/02 17:56:40 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/03/02 17:56:38 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/03/02 17:56:33 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/03/02 17:56:31 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2009/03/02 17:56:28 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/03/02 17:56:27 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/03/02 17:56:25 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/03/02 17:56:23 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/03/02 17:56:21 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/03/02 17:56:20 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/03/02 17:56:18 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/03/02 17:56:13 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009/03/02 17:55:58 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/03/02 17:55:41 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009/03/02 17:55:09 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/03/02 17:55:09 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2009/03/02 17:55:09 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/03/02 17:55:09 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/03/02 17:55:09 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/03/02 17:55:09 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/03/02 17:55:09 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/03/02 17:55:09 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/03/02 17:55:09 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2009/03/02 17:55:07 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2009/03/02 17:55:04 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/03/02 17:54:41 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/03/02 17:53:15 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/03/02 17:53:11 | 00,356,120 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/02 17:53:11 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/03/02 17:53:10 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/02 17:53:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2009/03/02 17:53:09 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2009/03/02 17:53:09 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2009/03/02 17:53:08 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009/03/02 17:53:08 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2009/03/02 17:53:08 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009/03/02 17:53:07 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009/03/02 17:53:07 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009/03/02 17:53:07 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/03/02 17:53:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009/03/02 17:53:05 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/03/02 17:53:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2009/03/02 17:53:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009/03/02 17:53:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2009/03/02 17:53:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/03/02 17:53:02 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2009/03/02 17:53:02 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009/03/02 17:53:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2009/03/02 17:53:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2009/03/02 17:53:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009/03/02 17:53:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009/03/02 17:53:02 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/03/02 17:53:02 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/03/02 17:53:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/03/02 17:53:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/03/02 17:53:02 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/03/02 17:53:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/03/02 17:53:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2009/03/02 17:53:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2009/03/02 17:53:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2009/03/02 17:53:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009/03/02 17:53:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009/03/02 17:53:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/03/02 17:53:00 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/03/02 17:53:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/03/02 17:52:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2009/03/02 17:52:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2009/03/02 17:52:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009/03/02 17:52:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009/03/02 17:52:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2009/03/02 17:52:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2009/03/02 17:52:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2009/03/02 17:52:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009/03/02 17:52:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009/03/02 17:52:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009/03/02 17:52:58 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/03/02 17:52:58 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/03/02 17:52:58 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/03/02 17:52:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/03/02 17:52:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/03/02 17:52:58 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/03/02 17:52:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/03/02 17:52:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/03/02 17:52:58 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/03/02 17:52:58 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/03/02 17:52:58 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/03/02 17:52:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/03/02 17:52:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/03/02 17:52:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/03/02 17:52:57 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/03/02 17:52:57 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/03/02 17:52:57 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/03/02 17:52:57 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/03/02 17:52:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/03/02 17:52:57 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/03/02 17:52:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/03/02 17:52:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/03/02 17:52:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2009/03/02 17:52:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2009/03/02 17:52:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009/03/02 17:52:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009/03/02 17:52:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2009/03/02 17:52:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009/03/02 17:52:56 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/03/02 17:52:56 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/03/02 17:52:54 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2009/03/02 17:52:54 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009/03/02 17:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2009/03/02 17:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2009/03/02 17:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2009/03/02 17:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009/03/02 17:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009/03/02 17:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009/03/02 17:52:54 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/03/02 17:52:54 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/03/02 17:52:54 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/03/02 17:52:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/03/02 17:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/03/02 17:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/03/02 17:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/03/02 17:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/03/02 17:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/03/02 17:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/03/02 17:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2009/03/02 17:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009/03/02 17:52:51 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/03/02 17:52:51 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/03/02 17:52:48 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/03/02 17:52:48 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/03/02 17:52:48 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/03/02 17:52:47 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/03/02 17:52:47 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/03/02 17:52:47 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/03/02 17:52:47 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/03/02 17:52:47 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/03/02 17:52:47 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/03/02 17:52:47 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/03/02 17:52:47 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/03/02 17:52:46 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/03/02 17:52:46 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/03/02 17:52:46 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/03/02 17:52:46 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/03/02 17:52:46 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/03/02 17:52:46 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/03/02 17:52:46 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/03/02 17:52:46 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/03/02 17:52:46 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/03/02 17:52:45 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/03/02 17:52:45 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/03/02 17:52:45 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/03/02 17:52:45 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/03/02 17:52:45 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/03/02 17:52:45 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/03/02 17:52:44 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2009/03/02 17:52:44 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2009/03/02 17:52:44 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009/03/02 17:52:44 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/03/02 17:52:43 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2009/03/02 17:52:42 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/03/02 17:52:33 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/03/02 17:52:33 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/03/02 17:52:33 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/03/02 17:52:33 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009/03/02 17:52:33 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/03/02 17:52:32 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2009/03/02 17:52:32 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/03/02 17:52:32 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/03/02 17:52:32 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/03/02 17:52:32 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/03/02 17:52:32 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2009/03/02 17:52:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009/03/02 17:52:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009/03/02 17:52:11 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/03/02 17:51:34 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/03/02 17:51:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009/03/02 17:51:33 | 00,110,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/02 17:50:23 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2009/03/02 17:50:19 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/02 17:43:04 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009/03/02 17:43:04 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/03/02 17:43:04 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009/03/02 17:43:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009/03/02 17:43:04 | 00,000,000 | ---D | C] -- C:\WINDOWS

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/03/12 14:55:45 | 00,497,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elvis\Desktop\OTListIt2.exe
[2009/03/12 13:40:59 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/12 13:40:59 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/12 13:40:59 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/12 13:39:54 | 00,000,302 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/03/12 13:36:59 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/12 13:36:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/12 13:36:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/12 13:35:31 | 03,192,566 | -H-- | M] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\IconCache.db
[2009/03/11 22:43:12 | 00,000,765 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/11 22:43:12 | 00,000,256 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/11 22:43:12 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/03/11 18:20:58 | 00,449,494 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Msconfig2.bmp
[2009/03/11 03:07:23 | 00,110,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 03:00:54 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/10 21:04:17 | 00,223,368 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\CrucialScan.exe
[2009/03/10 19:13:35 | 00,000,629 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\IsoBuster.lnk
[2009/03/10 19:03:13 | 00,000,534 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\BitZipper.lnk
[2009/03/10 13:29:59 | 00,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Elvis\Desktop\StartUpLite.exe
[2009/03/10 12:19:00 | 00,000,479 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\NTREGOPT.lnk
[2009/03/10 12:19:00 | 00,000,460 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\ERUNT.lnk
[2009/03/10 09:39:38 | 05,760,054 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Look At this.bmp
[2009/03/07 18:38:37 | 00,010,382 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/03/07 08:33:27 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/06 22:59:47 | 00,000,501 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Tweak UI.lnk
[2009/03/06 22:27:07 | 00,000,489 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Cpuz.lnk
[2009/03/06 17:51:30 | 00,001,486 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Calculator.lnk
[2009/03/06 04:33:12 | 00,000,056 | RHS- | M] () -- C:\WINDOWS\System32\4F3DA9204E.sys
[2009/03/06 04:32:15 | 00,001,445 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Movies.lnk
[2009/03/06 04:32:15 | 00,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2009/03/05 22:49:42 | 00,000,100 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2009/03/05 16:47:06 | 00,001,509 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Windows Explorer.lnk
[2009/03/05 14:09:42 | 00,004,608 | ---- | M] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/04 23:49:05 | 00,000,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2009/03/04 22:43:38 | 00,000,602 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Dvd list.lnk
[2009/03/04 15:22:50 | 00,000,727 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/04 13:18:08 | 00,000,003 | ---- | M] () -- C:\WINDOWS\sbacknt.bin
[2009/03/04 13:16:10 | 00,152,904 | ---- | M] () -- C:\WINDOWS\System32\vghd.scr
[2009/03/04 12:24:42 | 00,000,404 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Emule Directory.lnk
[2009/03/04 10:04:42 | 00,000,365 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Download.lnk
[2009/03/03 18:03:15 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/03/03 18:03:15 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/03/03 18:01:33 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/03 18:00:24 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/03/03 14:30:37 | 00,017,856 | ---- | M] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/03 12:56:10 | 00,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Movie Collector.lnk
[2009/03/03 09:26:41 | 00,024,598 | ---- | M] () -- C:\Documents and Settings\Elvis\Application Data\Comma Separated Values (Windows).ADR
[2009/03/03 09:19:29 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/03/03 09:18:07 | 00,001,598 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2009/03/03 09:14:37 | 00,002,617 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/03/03 08:41:30 | 00,062,009 | ---- | M] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\wpfb_vtdisp.dll
[2009/03/03 03:17:48 | 00,001,869 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\oledlg.ini
[2009/03/03 03:06:03 | 00,000,076 | -HS- | M] () -- C:\Documents and Settings\Elvis\My Documents\desktop.ini
[2009/03/03 00:57:27 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/03/03 00:34:36 | 00,013,588 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009/03/03 00:29:26 | 00,003,415 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/03/03 00:25:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/03/03 00:23:01 | 00,000,154 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Network Connections.lnk
[2009/03/03 00:10:56 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/03/03 00:09:58 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/03 00:06:33 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Elvis\Start Menu\Programs\Startup\desktop.ini
[2009/03/03 00:06:33 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/03/03 00:06:27 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/03/03 00:06:27 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/03/03 00:06:27 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/03/03 00:06:27 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/03/03 00:06:27 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/03/03 00:06:06 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/03 00:04:42 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/03/03 00:04:42 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/03/03 00:04:34 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/03/03 00:02:06 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/03 00:01:54 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/03/03 00:01:54 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/03/02 17:52:33 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Elvis\Application Data\desktop.ini
[2009/03/02 17:52:33 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009/03/02 17:52:33 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/02/25 15:54:59 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/02/11 11:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/02/11 11:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== LOP Check ==========

[2009/03/10 11:18:03 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/10 11:18:12 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/03/10 11:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/03/03 03:48:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/03/03 04:21:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/03 09:17:06 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/03/03 03:56:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/03 00:33:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/10 19:03:15 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Elvis\Application Data
[2009/03/03 08:34:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Adobe
[2009/03/10 19:03:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\BitZipper
[2009/03/03 08:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\DisplayTune
[2009/03/05 00:21:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\DivX
[2009/03/05 10:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\DVD2AVI Ripper Professional
[2009/03/04 10:24:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\eMule
[2009/03/03 03:49:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Google
[2009/03/10 12:22:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Help
[2009/03/03 02:43:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\ICQ
[2009/03/03 00:14:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Identities
[2009/03/03 08:38:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\InterTrust
[2009/03/03 11:14:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\IObit
[2009/03/03 08:34:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Macromedia
[2009/03/03 04:21:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Malwarebytes
[2009/03/04 12:41:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Elvis\Application Data\Microsoft
[2009/03/05 23:53:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Miranda
[2009/03/03 00:25:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Mozilla
[2009/03/03 04:29:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Sun
[2009/03/03 03:56:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\SUPERAntiSpyware.com
[2009/03/10 11:18:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Uniblue
[2009/03/04 14:40:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\vghd
[2009/03/04 09:45:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\WeatherBug
[2004/08/04 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/03/12 13:39:54 | 00,000,302 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/03/12 13:36:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

< End of report >

And The Extras

OTListIt Extras logfile created on: 3/12/2009 2:56:55 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.3.5 Folder = C:\Documents and Settings\Elvis\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 79.50% Memory free
3.82 Gb Paging File | 3.47 Gb Available in Paging File | 90.89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.68 Gb Total Space | 67.45 Gb Free Space | 87.96% Space Free | Partition Type: NTFS
Drive D: | 76.69 Gb Total Space | 68.46 Gb Free Space | 89.28% Space Free | Partition Type: NTFS
Drive E: | 232.88 Gb Total Space | 155.79 Gb Free Space | 66.90% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RONALD
Current User Name: Elvis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9E2BAFF1-4FB9-4553-94A4-ED280DE79B23}" = MemTurbo 3.0
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A586DC50-B18D-48FB-B7CC-A598200457C2}" = Acer eDisplay Management
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{FB46B7D6-3BD9-43BD-A6BB-98273F53E1B1}" = DeckBot 5.3.6
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Aoork DVD2AVI Pro3.0" = Aoork DVD2AVI Pro
"ASUS Probe V2.20.08" = ASUS Probe V2.20.08
"AsusUpdate" = AsusUpdate
"avast!" = avast! Antivirus
"AviSynth" = AviSynth 2.5
"BitZipper_is1" = BitZipper 5.1
"BPFTP Server" = BPFTP Server (remove only)
"Collectorz.com Movie Collector" = Collectorz.com Movie Collector
"DivX 5.0.2 Pro Bundle" = DivX 5.0.2 Pro Bundle
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Decrypter" = DVD Decrypter (Remove Only)
"eMule" = eMule
"ERUNT_is1" = ERUNT 1.1j
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Gordian Knot" = Gordian Knot Rip Pack 0.28.7
"HijackThis" = HijackThis 2.0.2
"ICQ" = ICQ
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8 Release Candidate 1
"InstallShield_{FB46B7D6-3BD9-43BD-A6BB-98273F53E1B1}" = DeckBot 5.3.6
"IsoBuster_is1" = IsoBuster 2.5
"Lexmark 1200 Series" = Lexmark 1200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Miranda IM" = Miranda IM 0.7.17
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mx Monitor" = Mx Monitor 1.29 Eb
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"P35U Camera Capture" = P35U Camera Capture
"Trillian" = Trillian
"Tweak UI 2.10" = Tweak UI
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"VobSub" = VobSub v2.23 (Remove Only)
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winmx Community 1" = Winmx Community 1
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XoftSpySE" = XoftSpySE

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 3/3/2009 6:17:35 PM | Computer Name = RONALD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\RECYCLER\NPROTECT\00000187.xls failed, 00000005.

Error - 3/3/2009 6:17:35 PM | Computer Name = RONALD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\RECYCLER\NPROTECT\00000188.XLS failed, 00000005.

Error - 3/3/2009 6:17:35 PM | Computer Name = RONALD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\RECYCLER\NPROTECT\00000190.XLS failed, 00000005.

Error - 3/3/2009 6:17:35 PM | Computer Name = RONALD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\RECYCLER\NPROTECT\00000192.doc failed, 00000005.

Error - 3/3/2009 6:17:35 PM | Computer Name = RONALD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\RECYCLER\NPROTECT\00000193.XLS failed, 00000005.

Error - 3/3/2009 6:17:35 PM | Computer Name = RONALD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\RECYCLER\NPROTECT\00000194.XLS failed, 00000005.

Error - 3/3/2009 6:18:00 PM | Computer Name = RONALD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\RECYCLER\NPROTECT\00001665.JPG failed, 00000005.

[ Application Events ]
Error - 3/5/2009 11:27:50 AM | Computer Name = RONALD | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18372, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/5/2009 11:31:52 AM | Computer Name = RONALD | Source = Application Error | ID = 1000
Description = Faulting application video.exe, version 3.5.0.81, faulting module
ntdll.dll, version 5.1.2600.5512, fault address 0x000108d3.

Error - 3/5/2009 11:33:21 AM | Computer Name = RONALD | Source = Application Hang | ID = 1002
Description = Hanging application video.exe, version 3.5.0.81, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/6/2009 7:18:02 PM | Computer Name = RONALD | Source = G6FTPServer.exe | ID = 1
Description =

Error - 3/6/2009 7:18:34 PM | Computer Name = RONALD | Source = G6FTPServer.exe | ID = 1
Description =

Error - 3/6/2009 7:21:24 PM | Computer Name = RONALD | Source = G6FTPServer.exe | ID = 1
Description =

Error - 3/7/2009 2:10:51 AM | Computer Name = RONALD | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3334, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/8/2009 3:37:58 PM | Computer Name = RONALD | Source = Application Hang | ID = 1002
Description = Hanging application Setup.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/12/2009 1:37:42 AM | Computer Name = RONALD | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x100030b6.

Error - 3/12/2009 1:37:51 AM | Computer Name = RONALD | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

[ System Events ]
Error - 3/11/2009 11:24:00 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7000
Description = The Aspi32 service failed to start due to the following error: %%2

Error - 3/11/2009 11:24:00 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%2148074295

Error - 3/11/2009 11:31:27 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7000
Description = The Aspi32 service failed to start due to the following error: %%2

Error - 3/11/2009 11:31:27 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%2148074295

Error - 3/11/2009 11:41:46 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7000
Description = The Aspi32 service failed to start due to the following error: %%2

Error - 3/11/2009 11:41:46 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%2148074295

Error - 3/11/2009 11:44:57 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7000
Description = The Aspi32 service failed to start due to the following error: %%2

Error - 3/11/2009 11:44:57 PM | Computer Name = RONALD | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%2148074295

Error - 3/12/2009 1:41:19 AM | Computer Name = RONALD | Source = Service Control Manager | ID = 7000
Description = The Aspi32 service failed to start due to the following error: %%2

Error - 3/12/2009 1:41:19 AM | Computer Name = RONALD | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%2148074295

< End of report >

#8
Essexboy

Posted 13 March 2009 - 03:25 AM

GeekU Moderator

Retired Staff
69,964 posts

I was hoping that that log would show me the problem as according to MS here it may be a small registry error

Would you be happy doing a registry export from regedit ?

#9
rshaffer61

Posted 13 March 2009 - 05:20 AM

Moderator

Topic Starter
Moderator
34,114 posts

Sure I've done those before. I've disabled Dr Watson so many times in the past that exporting doesn't bother me. Just let me know where to go .

#10
Essexboy

Posted 13 March 2009 - 05:30 AM

GeekU Moderator

Retired Staff
69,964 posts

OK open regedit and navigate to this key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Right click the key and select Export

Once on your desktop then Zip and attach please

#11
rshaffer61

Posted 13 March 2009 - 05:35 AM

Moderator

Topic Starter
Moderator
34,114 posts

Here ya go. Easy as 1,2,3

#12
rshaffer61

Posted 13 March 2009 - 11:55 AM

Moderator

Topic Starter
Moderator
34,114 posts

I just wanted to let you know I have deleted the 2 offending files. They both had keygens in them and thinking back I believe this is when my problems started. I apologize for this and hope with your help we can fix the popup problem. The last time I rebooted the only popup I'm getting now is the folder named C:\Windows. Like the System32 folder that was poping up all it says is that this folder contains hidden files. I hope this helps you with finding the problem.

Ron

#13
Essexboy

Posted 13 March 2009 - 12:36 PM

GeekU Moderator

Retired Staff
69,964 posts

This windows folder that opens does it contain any visible files ? and is that the way it is spelt not wind0ws

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTScanit2 to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

Close ALL OTHER PROGRAMS.
Open the OTScanit folder and double-click on OTScanit.exe to start the program.
Check the box that says Scan All Users
Check the Radio button for Rootkit check YES
Under Additional Scans check the following:
- File - Lop Check
- File - Purity Scan
- Evnt - EventViewer Errors/Warnings (last 10)
Now click the Run Scan button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

To attach a file, do the following:

Click Add Reply
Under the reply panel is the Attachments Panel
Browse for the attachment file you want to upload, then click the green Upload button
Once it has uploaded, click the Manage Current Attachments drop down box
Click on to insert the attachment into your post

#14
rshaffer61

Posted 13 March 2009 - 12:53 PM

Moderator

Topic Starter
Moderator
34,114 posts

Here ya go Thank you again for the help. The folder contains no files. just says that this folder contains hidden files and on the left it says to show hidden files click here. I can take a screen shot to show you if this will help
The folder name is
C:\Windows
not Wind0ws
I hope this helps.
Thanks, Ron

Edited by rshaffer61, 13 March 2009 - 12:57 PM.