Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

NTOSKRNL - HOOK

Started by bd7447 , Apr 29 2009 02:04 PM

  • Please log in to reply

#1
bd7447
Posted 29 April 2009 - 02:04 PM

bd7447

    Member

  • Member
  • PipPip
  • 14 posts
Hi, and thanks for looking.

I've followed, as best I can, the instructions in the Malware Removal Guide. McAfee keeps identifying and removing/quarantining the following:

NROSKRNL-HOOK and Autorun.inf. Autorun.inf, in particular, is being copied to every drive. My IE is redirecting Google links to various sites, other than those to which the link refers. I have limited access to hard drives. Sometimes they open, sometimes not. The subfolders, when I get in, are similarly temperamental.


I've run the ATF Cleaner.


I can't use 'System Restore' as I am constantly told that I am unable to restore, even though there are restore points available.

I've run ERUNT and saved a backup of the registry.


I've downloaded Malwarebytes, and installed this. Unfortunately, it won't get an update, nor will the programme open and run, so I am unable to post anything from that here.


The following is my Rooter File:

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:245312 Mo/Free:1700 Mo)
D:\ [Fixed] - NTFS - (Total:476937 Mo/Free:967 Mo)
E:\ [Fixed] - NTFS - (Total:231624 Mo/Free:3372 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
I:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)

29/04/2009|20:53

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\ehome\ehtray.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
---------- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
---------- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
---------- C:\WINDOWS\CTHELPER.EXE
---------- C:\WINDOWS\system32\CTXFIHLP.EXE
---------- C:\Program Files\McAfee.com\Agent\mcagent.exe
---------- C:\Program Files\D-Tools\daemon.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Eraser\eraser.exe
---------- C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
---------- C:\Program Files\WinZip\WZQKPICK.EXE
---------- C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\eHome\ehRecvr.exe
---------- C:\WINDOWS\eHome\ehSched.exe
---------- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
---------- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\Program Files\McAfee\MPF\MPFSrv.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\WINDOWS\system32\dllhost.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\eHome\ehmsas.exe
---------- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
---------- c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
---------- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Rogues..

C:\DOCUME~1\Bernie\APPLIC~1\AdwareAlert


1 - "C:\Rooter$\Rooter_1.txt" - 29/04/2009|20:53

----------------------\\ Scan completed at 20:53


The following is the OTListIt2 Log:

OTListIt logfile created on: 29/04/2009 21:00:14 - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Bernie\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 239.56 Gb Total Space | 137.66 Gb Free Space | 57.46% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 40.94 Gb Free Space | 8.79% Space Free | Partition Type: NTFS
Drive E: | 226.20 Gb Total Space | 143.29 Gb Free Space | 63.35% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DADS
Current User Name: Bernie
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CTXFIHLP.EXE (Creative Technology Ltd)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Eraser\eraser.exe (-)
PRC - C:\WINDOWS\SYSTEM32\CTXFISPI.EXE (Creative Technology Ltd)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Bernie\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (mcmscsvc [Auto | Running]) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McNASvc [Auto | Running]) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (McODS [On_Demand | Running]) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy [Auto | Running]) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon [On_Demand | Running]) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (MpfService [Auto | Running]) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UMWdf [On_Demand | Stopped]) -- C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Asapi [System | Running]) -- C:\WINDOWS\System32\drivers\asapi.sys (VOB Computersysteme GmbH)
DRV - (ctac32k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (ctaud2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctdvda2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (d347bus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (d347prt [Boot | Running]) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (emupia [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ha20x2k [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfesmfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (MPFP [System | Running]) -- C:\WINDOWS\System32\Drivers\Mpfp.sys (McAfee, Inc.)
DRV - (Nsynas32 [Auto | Stopped]) -- C:\WINDOWS\System32\drivers\NSynas32.sys (Syncrosoft Hard- und Software GmbH)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvata [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SynasUSB [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\SynasUSB.sys (SIA Syncrosoft)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/04/14 10:07:53 | 00,000,000 | ---D | M]


O1 HOSTS File: (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" (Creative Technology Ltd.)
O4 - HKLM..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 (DAEMON'S HOME)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup (Creative Technology Ltd.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r (Creative Technology Ltd)
O4 - HKCU..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot File not found
O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide (-)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} http://download.yaho...bt/yregucfg.cab (RegUserCfgUI Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - D:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - D:\autorun.inf () - [ NTFS ]
O32 - Autorun File - E:\autorun.inf () - [ NTFS ]
O33 - MountPoints2\{7f8702ec-2e97-11de-9d3b-00155838ad70}\Shell - "" = Autorun
O33 - MountPoints2\{7f8702ec-2e97-11de-9d3b-00155838ad70}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7f8702ec-2e97-11de-9d3b-00155838ad70}\Shell\Open\command - "" = K:\RECYCLER\S-7-5-33-100006533-100003565-100015352-8854.com -- File not found
O33 - MountPoints2\{b126fa29-1fbe-11de-8c01-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{b126fa29-1fbe-11de-8c01-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b126fa29-1fbe-11de-8c01-806d6172696f}\Shell\Open\command - "" = D:\RECYCLER\S-2-8-54-100027608-100009675-100016926-2744.com -- [2009/04/25 20:16:58 | 00,023,040 | RHS- | M] ()
O33 - MountPoints2\{b126fa2b-1fbe-11de-8c01-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{b126fa2b-1fbe-11de-8c01-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b126fa2b-1fbe-11de-8c01-806d6172696f}\Shell\Open\command - "" = E:\RECYCLER\S-2-8-54-100027608-100009675-100016926-2744.com -- [2009/04/25 20:16:58 | 00,023,040 | RHS- | M] ()
O33 - MountPoints2\C\Shell - "" = Autorun
O33 - MountPoints2\C\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\C\Shell\Open\command - "" = C:\RECYCLER\S-5-9-91-100027804-100014472-100027542-7614.com -- File not found
O33 - MountPoints2\D\Shell - "" = Autorun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\Open\command - "" = D:\RECYCLER\S-5-9-91-100027804-100014472-100027542-7614.com -- [2009/04/25 20:16:58 | 00,023,040 | RHS- | M] ()
O33 - MountPoints2\E\Shell - "" = Autorun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\Open\command - "" = E:\RECYCLER\S-5-9-91-100027804-100014472-100027542-7614.com -- [2009/04/25 20:16:58 | 00,023,040 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[30 C:\WINDOWS\*.tmp files]
[2009/04/29 20:59:51 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Bernie\Desktop\OTListIt2.exe
[2009/04/29 20:53:13 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/29 19:56:15 | 00,001,734 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\HijackThis.lnk
[2009/04/29 19:56:15 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/29 18:59:32 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/29 18:59:32 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/29 18:59:30 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/29 18:59:29 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/29 18:59:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/29 18:45:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/29 18:44:43 | 00,000,611 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\NTREGOPT.lnk
[2009/04/29 18:44:43 | 00,000,592 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\ERUNT.lnk
[2009/04/29 18:44:43 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/29 18:26:51 | 00,000,498 | ---- | C] () -- C:\WINDOWS\tasks\AdwareAlert Scheduled Scan.job
[2009/04/29 18:26:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\AdwareAlert
[2009/04/29 18:14:34 | 00,000,000 | ---D | C] -- C:\Program Files\XoftSpySE
[2009/04/29 18:06:28 | 01,413,120 | ---- | C] (Option^Explicit Software Solutions) -- C:\DOCUME~1\Bernie\Desktop\winsockfix.exe
[2009/04/29 18:06:04 | 00,000,000 | ---D | C] -- C:\ERDNT
[2009/04/28 12:40:22 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/04/26 14:23:29 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\Downloaded FLV
[2009/04/26 13:49:17 | 00,001,804 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/04/26 13:49:04 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/26 13:49:02 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/26 13:49:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/24 20:57:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Moyea
[2009/04/24 20:57:24 | 00,000,000 | ---D | C] -- C:\Program Files\Moyea
[2009/04/24 16:49:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\WMTools Downloaded Files
[2009/04/24 15:19:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Adobe
[2009/04/24 15:19:23 | 00,000,734 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Acrobat.com.lnk
[2009/04/24 15:19:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/04/24 15:18:32 | 00,001,729 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Adobe Reader 9.lnk
[2009/04/20 19:14:30 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\My Demo
[2009/04/20 19:14:25 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\DemoCreator
[2009/04/20 19:14:25 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\AudioToolsX Log Files
[2009/04/20 19:12:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\DemoCreator
[2009/04/16 17:02:00 | 00,000,349 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Documents\PCLECHAL.INI
[2009/04/15 09:20:13 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 09:20:13 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/15 09:20:13 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/15 09:20:13 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 09:20:12 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 09:20:12 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 09:20:12 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/15 09:20:12 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 09:20:12 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/15 09:19:17 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/15 09:19:17 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/15 09:19:17 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/14 13:48:07 | 00,000,000 | ---D | C] -- C:\Program Files\Dziobas Rar Player
[2009/04/14 10:07:53 | 00,000,897 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\RealPlayer.lnk
[2009/04/14 10:07:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/04/14 10:07:46 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/04/14 10:07:46 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/04/14 10:07:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/04/14 10:07:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Real
[2009/04/13 13:09:50 | 00,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2009/04/13 10:08:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/04/13 08:59:54 | 00,000,000 | ---D | C] -- C:\Program Files\GForce
[2009/04/13 08:50:09 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\ArtsAcoustic Reverb
[2009/04/13 08:50:06 | 00,000,000 | ---D | C] -- C:\Program Files\ArtsAcoustic Reverb
[2009/04/13 08:50:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ArtsAcoustic
[2009/04/13 08:46:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2009/04/13 08:46:23 | 00,000,000 | ---D | C] -- C:\Program Files\z3ta+
[2009/04/13 08:44:09 | 00,017,408 | ---- | C] () -- C:\WINDOWS\System32\minimp3.exe
[2009/04/12 15:05:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/04/12 10:12:25 | 00,001,619 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WS_FTP Pro.lnk
[2009/04/12 10:12:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Ipswitch
[2009/04/12 10:12:16 | 00,000,000 | ---D | C] -- C:\Program Files\Ipswitch
[2009/04/12 09:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Media Player Classic
[2009/04/12 09:27:09 | 00,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2009/04/11 17:44:25 | 00,001,807 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Macromedia Dreamweaver 8.lnk
[2009/04/11 17:43:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2009/04/11 17:43:04 | 00,000,000 | ---D | C] -- C:\Program Files\Macromedia
[2009/04/11 17:43:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia
[2009/04/11 12:06:59 | 00,000,000 | ---D | C] -- C:\Program Files\Antares
[2009/04/10 17:38:24 | 00,000,000 | ---D | C] -- C:\Program Files\Eraser
[2009/04/09 08:46:05 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\NeroVision
[2009/04/08 20:12:43 | 00,000,606 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\WinISO.lnk
[2009/04/08 20:12:43 | 00,000,000 | ---D | C] -- C:\Program Files\WinISO
[2009/04/07 13:48:56 | 00,000,898 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\Shortcut to TubeHunter.lnk
[2009/04/05 22:05:00 | 00,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009/04/05 19:16:23 | 00,043,062 | ---- | C] () -- C:\DOCUME~1\Bernie\My Documents\UserImages.bmp
[2009/04/05 19:03:25 | 00,000,104 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\My Computer.lnk
[2009/04/05 13:14:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft
[2009/04/05 13:13:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Steinberg
[2009/04/05 13:13:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Steinberg
[2009/04/05 12:34:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\VST3 Presets
[2009/04/05 00:03:10 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2009/04/05 00:03:10 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2009/04/05 00:01:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Spectrasonics
[2009/04/04 18:59:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Waves
[2009/04/04 18:57:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Waves Preferences
[2009/04/04 18:53:33 | 00,000,712 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\WaveLab.lnk
[2009/04/04 18:53:10 | 00,611,840 | ---- | C] (VOB Computersysteme GmbH) -- C:\WINDOWS\System32\vobhw.dll
[2009/04/04 18:53:10 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe
[2009/04/04 18:53:10 | 00,019,456 | ---- | C] (VoB Computersysteme GmbH) -- C:\WINDOWS\System32\asapi.dll
[2009/04/04 18:53:10 | 00,011,264 | ---- | C] (VOB Computersysteme GmbH) -- C:\WINDOWS\System32\drivers\asapi.sys
[2009/04/04 18:53:10 | 00,000,000 | ---D | C] -- C:\Program Files\VOB
[2009/04/04 18:42:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\FabFilter
[2009/04/04 18:42:04 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\FabFilter
[2009/04/04 18:41:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\VST3
[2009/04/04 18:41:12 | 00,000,000 | ---D | C] -- C:\Program Files\FabFilter
[2009/04/04 18:40:20 | 00,001,454 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\GTR 3.lnk
[2009/04/04 18:39:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Waves Audio
[2009/04/04 18:38:39 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009/04/04 18:38:38 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\ssolefw.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibtth.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibsd.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibram.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibqqe.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibmmn.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibgs.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibff.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\sslibddf.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\solekuy.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\solegeh.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | C] () -- C:\WINDOWS\System32\slibeh.dll
[2009/04/04 18:35:53 | 00,678,746 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2009/04/04 18:35:53 | 00,025,148 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2009/04/04 18:35:53 | 00,000,000 | ---D | C] -- C:\Program Files\Sonalksis
[2009/04/04 18:34:37 | 00,000,000 | ---D | C] -- C:\Program Files\Sonnox
[2009/04/04 18:33:51 | 00,000,000 | ---D | C] -- C:\Program Files\Antares Audio Technologies
[2009/04/04 18:31:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\iZotope
[2009/04/04 18:31:04 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\iZotope Ozone 4 Presets
[2009/04/04 18:31:03 | 00,000,000 | ---D | C] -- C:\Program Files\iZotope
[2009/04/04 17:05:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2009/04/04 17:05:25 | 00,000,000 | ---D | C] -- C:\Program Files\Spectrasonics
[2009/04/04 16:55:23 | 80,486,400 | ---- | C] (Spectrasonics) -- C:\Program Files\Omnisphere.dll
[2009/04/04 16:10:32 | 00,000,000 | R--D | C] -- C:\DOCUME~1\Bernie\My Documents\My Videos
[2009/04/04 15:43:57 | 00,000,000 | ---D | C] -- C:\Program Files\Waves
[2009/04/04 15:33:48 | 01,777,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2009/04/04 13:16:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/04/04 13:16:30 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/04/04 13:09:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Apple Computer
[2009/04/04 13:08:51 | 00,001,604 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\QuickTime Player.lnk
[2009/04/04 13:08:35 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/04/04 13:08:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/04/04 13:08:29 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/04 13:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Apple
[2009/04/04 13:08:25 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/04/04 13:08:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/04/04 13:08:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/04/04 13:08:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/04/04 13:07:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Apple Computer
[2009/04/04 08:57:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2009/04/04 08:57:12 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/04/04 08:57:12 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/04/04 08:57:10 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009/04/03 20:43:33 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009/04/03 19:47:57 | 00,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2009/04/03 19:46:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009/04/03 19:45:42 | 00,017,784 | ---- | C] (Syncrosoft Hard- und Software GmbH) -- C:\WINDOWS\System32\drivers\NSynas32.sys
[2009/04/03 19:18:06 | 00,147,425 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Aide.chm
[2009/04/03 19:18:06 | 00,120,468 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Hilfe.chm
[2009/04/03 19:18:06 | 00,114,279 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Help.chm
[2009/04/03 19:18:06 | 00,023,288 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\drivers\synasUSB.sys
[2009/04/03 19:17:52 | 00,045,056 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\Synsopos.exe
[2009/04/03 19:17:51 | 00,765,952 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\SYNSOACC.dll
[2009/04/03 19:17:51 | 00,147,456 | ---- | C] (SIA Syncrosoft) -- C:\WINDOWS\System32\SynsoLChk.dll
[2009/04/03 19:17:51 | 00,000,000 | ---D | C] -- C:\Program Files\Syncrosoft
[2009/04/03 19:17:44 | 00,001,821 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\Cubase 4.lnk
[2009/04/03 19:16:54 | 00,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2009/04/03 19:16:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Steinberg
[2009/04/03 16:39:25 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/03 16:39:20 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2009/04/03 16:38:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2009/04/03 16:38:34 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/04/03 16:38:29 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/04/03 16:38:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/04/03 16:38:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009/04/03 16:38:00 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2009/04/03 16:37:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009/04/03 16:37:44 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/04/03 16:31:26 | 00,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2009/04/03 16:31:26 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2009/04/03 16:31:26 | 00,000,685 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\DAEMON Tools.lnk
[2009/04/03 16:31:25 | 00,000,000 | ---D | C] -- C:\Program Files\D-Tools
[2009/04/03 16:27:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/03 16:24:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/04/03 16:20:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/04/03 16:20:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/04/03 16:20:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/04/03 16:20:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/04/03 16:18:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/04/03 16:16:15 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/04/03 13:33:53 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Bernie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/03 13:21:42 | 00,000,000 | ---D | C] -- C:\Downloads
[2009/04/03 12:04:39 | 00,000,000 | ---D | C] -- C:\Program Files\FlashGet
[2009/04/03 11:59:14 | 00,000,688 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\Shortcut to hjsplit.lnk
[2009/04/03 01:50:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\WinRAR
[2009/04/03 01:24:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/03 00:07:15 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/03 00:06:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Ahead
[2009/04/03 00:05:12 | 00,002,327 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Nero StartSmart.lnk
[2009/04/03 00:02:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Ahead
[2009/04/03 00:01:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2009/04/02 23:52:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Nero
[2009/04/02 23:51:19 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2009/04/02 23:51:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2009/04/02 23:51:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/04/02 23:46:15 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009/04/02 23:32:55 | 00,001,690 | ---- | C] () -- C:\DOCUME~1\Bernie\Desktop\PerfectTablePlan 4.0.3.lnk
[2009/04/02 23:32:54 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Bernie\My Documents\tableplans
[2009/04/02 23:32:53 | 00,000,000 | ---D | C] -- C:\Program Files\PerfectTablePlan
[2009/04/02 23:30:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Skype
[2009/04/02 23:29:54 | 00,001,878 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Skype.lnk
[2009/04/02 23:29:52 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009/04/02 23:29:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/04/02 23:29:14 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/04/02 23:27:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Google
[2009/04/02 23:27:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Google
[2009/04/02 23:27:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\WinZip
[2009/04/02 23:27:07 | 00,001,732 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WinZip.lnk
[2009/04/02 23:27:07 | 00,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/04/02 23:26:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/04/02 23:26:56 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip
[2009/04/02 23:26:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/04/02 23:26:28 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/04/02 23:23:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/04/02 23:21:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2009/04/02 23:21:20 | 00,001,918 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2009/04/02 23:21:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2009/04/02 23:20:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/04/02 23:20:14 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/04/02 23:05:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/04/02 23:05:24 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/04/02 23:05:24 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/04/02 23:05:24 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/04/02 23:05:24 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/04/02 23:05:24 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/04/02 23:05:24 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/04/02 23:05:24 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/04/02 23:05:24 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/04/02 23:05:24 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/04/02 23:05:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/04/02 23:05:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/04/02 23:05:05 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/04/02 23:04:58 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/04/02 23:04:46 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/04/02 23:04:32 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/04/02 23:04:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/04/02 23:00:03 | 24,921,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/02 21:39:37 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/04/02 21:39:36 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/04/02 21:39:36 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/04/02 21:39:36 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/04/02 21:39:35 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/04/02 21:39:34 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/04/02 21:39:34 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/04/02 21:39:34 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/04/02 21:39:34 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/04/02 21:39:33 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/04/02 21:39:32 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/04/02 21:39:32 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/04/02 21:39:32 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/04/02 21:39:29 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2009/04/02 21:39:29 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/04/02 21:39:29 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/04/02 21:39:28 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/04/02 21:39:28 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/04/02 21:39:26 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/04/02 21:39:26 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/04/02 21:39:26 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/04/02 21:39:25 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/04/02 21:39:25 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/04/02 21:39:25 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/04/02 21:39:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/04/02 21:39:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/04/02 21:39:24 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/04/02 21:39:23 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/04/02 21:39:21 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/04/02 21:39:20 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/04/02 21:39:20 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/04/02 21:39:20 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/04/02 21:39:20 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/04/02 21:39:20 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/04/02 21:39:20 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/04/02 21:39:20 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/04/02 21:39:20 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/04/02 21:39:19 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/04/02 21:39:19 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/04/02 21:39:15 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/04/02 21:39:15 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/04/02 21:39:15 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/04/02 21:39:15 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/04/02 21:39:12 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/04/02 21:39:12 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/04/02 21:39:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/04/02 21:39:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/04/02 21:39:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/04/02 21:39:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/04/02 21:39:09 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/04/02 21:39:08 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/04/02 21:39:08 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/04/02 21:39:08 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/04/02 21:39:06 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/04/02 21:39:05 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/04/02 21:39:04 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2009/04/02 21:39:03 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/04/02 21:39:03 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/04/02 21:39:03 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/04/02 21:39:03 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/04/02 21:39:03 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/04/02 21:39:03 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/04/02 21:39:03 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/04/02 21:39:03 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/04/02 21:39:02 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/04/02 21:39:02 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/04/02 21:39:02 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/04/02 21:39:02 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/04/02 21:39:02 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/04/02 21:39:02 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/04/02 21:39:02 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/04/02 21:39:01 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/04/02 21:39:01 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/04/02 21:39:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/04/02 21:39:00 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/04/02 21:39:00 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/04/02 21:38:58 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/04/02 21:38:58 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/04/02 21:38:58 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/04/02 21:38:58 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/04/02 21:38:58 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/04/02 21:38:58 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/04/02 21:38:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/04/02 21:38:57 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/04/02 21:38:56 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009/04/02 21:38:55 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009/04/02 21:38:55 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009/04/02 21:38:54 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/04/02 21:26:48 | 00,010,253 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2009/04/02 21:21:58 | 00,000,671 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\McAfee Security Center.lnk
[2009/04/02 21:21:02 | 00,079,880 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/04/02 21:21:02 | 00,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2009/04/02 21:21:02 | 00,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/04/02 21:21:01 | 00,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2009/04/02 21:20:56 | 00,000,342 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/04/02 21:20:55 | 00,000,334 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/04/02 21:20:51 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2009/04/02 21:20:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/04/02 21:20:49 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/04/02 21:20:27 | 00,034,216 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2009/04/02 21:07:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/04/02 21:06:35 | 00,065,656 | ---- | C] () -- C:\Documents and Settings\Bernie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/02 21:03:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Identities
[2009/04/02 20:55:39 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2009/04/02 20:55:21 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2009/04/02 20:55:12 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/04/02 20:54:58 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2009/04/02 20:54:26 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2009/04/02 20:54:03 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/04/02 20:53:02 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/04/02 20:53:00 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/04/02 20:52:59 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2009/04/02 20:52:59 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2009/04/02 20:52:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2009/04/02 20:52:58 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009/04/02 20:52:58 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2009/04/02 20:52:58 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009/04/02 20:52:58 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009/04/02 20:52:57 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009/04/02 20:52:57 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/04/02 20:52:57 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/04/02 20:52:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009/04/02 20:52:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2009/04/02 20:52:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009/04/02 20:52:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2009/04/02 20:52:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/04/02 20:52:55 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2009/04/02 20:52:55 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009/04/02 20:52:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2009/04/02 20:52:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2009/04/02 20:52:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009/04/02 20:52:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009/04/02 20:52:55 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/04/02 20:52:55 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/04/02 20:52:55 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/04/02 20:52:55 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/04/02 20:52:55 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/04/02 20:52:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/04/02 20:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2009/04/02 20:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2009/04/02 20:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2009/04/02 20:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009/04/02 20:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009/04/02 20:52:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/04/02 20:52:54 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/04/02 20:52:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/04/02 20:52:52 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2009/04/02 20:52:52 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2009/04/02 20:52:52 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009/04/02 20:52:52 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009/04/02 20:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2009/04/02 20:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2009/04/02 20:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2009/04/02 20:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009/04/02 20:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009/04/02 20:52:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009/04/02 20:52:52 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/04/02 20:52:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/04/02 20:52:52 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/04/02 20:52:52 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/04/02 20:52:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/04/02 20:52:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/04/02 20:52:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/04/02 20:52:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/04/02 20:52:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/04/02 20:52:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/04/02 20:52:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/04/02 20:52:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/04/02 20:52:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/04/02 20:52:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/04/02 20:52:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2009/04/02 20:52:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2009/04/02 20:52:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009/04/02 20:52:51 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009/04/02 20:52:51 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2009/04/02 20:52:51 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009/04/02 20:52:51 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/04/02 20:52:51 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/04/02 20:52:51 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/04/02 20:52:51 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/04/02 20:52:51 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/04/02 20:52:51 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/04/02 20:52:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/04/02 20:52:51 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/04/02 20:52:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/04/02 20:52:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/04/02 20:52:50 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2009/04/02 20:52:50 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009/04/02 20:52:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2009/04/02 20:52:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2009/04/02 20:52:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2009/04/02 20:52:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009/04/02 20:52:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009/04/02 20:52:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009/04/02 20:52:50 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/04/02 20:52:50 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/04/02 20:52:50 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/04/02 20:52:50 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/04/02 20:52:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/04/02 20:52:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/04/02 20:52:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/04/02 20:52:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/04/02 20:52:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/04/02 20:52:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/04/02 20:52:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2009/04/02 20:52:49 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009/04/02 20:52:48 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/04/02 20:52:48 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/04/02 20:52:48 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/04/02 20:52:48 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/04/02 20:52:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/04/02 20:52:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/04/02 20:52:48 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/04/02 20:52:48 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/04/02 20:52:48 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/04/02 20:52:48 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/04/02 20:52:48 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/04/02 20:52:48 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/04/02 20:52:47 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/04/02 20:52:47 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/04/02 20:52:47 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/04/02 20:52:47 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/04/02 20:52:47 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/04/02 20:52:47 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/04/02 20:52:47 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/04/02 20:52:47 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/04/02 20:52:47 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/04/02 20:52:47 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/04/02 20:52:47 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/04/02 20:52:47 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/04/02 20:52:47 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/04/02 20:52:47 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/04/02 20:52:47 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/04/02 20:52:46 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2009/04/02 20:52:46 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/04/02 20:52:46 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2009/04/02 20:52:46 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2009/04/02 20:52:46 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2009/04/02 20:52:46 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/04/02 20:52:46 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/04/02 20:52:40 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/04/02 20:52:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/04/02 20:52:40 | 00,000,062 | -HS- | C] () -- C:\DOCUME~1\ALLUSE~1\Documents\desktop.ini
[2009/04/02 20:52:37 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/04/02 20:52:37 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/04/02 20:52:37 | 00,106,147 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2009/04/02 20:52:37 | 00,077,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plus.cat
[2009/04/02 20:52:37 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/04/02 20:52:37 | 00,017,916 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sonic.cat
[2009/04/02 20:52:37 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/04/02 20:52:37 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/04/02 20:52:37 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/04/02 20:52:37 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2009/04/02 20:52:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009/04/02 20:52:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009/04/02 20:52:22 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/04/02 20:52:04 | 00,245,512 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/02 20:52:04 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/04/02 20:52:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009/04/02 20:51:06 | 00,000,209 | -HS- | C] () -- C:\boot.ini
[2009/04/02 20:51:03 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/04/02 20:46:47 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009/04/02 20:46:47 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/04/02 20:46:47 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009/04/02 20:46:47 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009/04/02 20:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009/04/02 20:44:45 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/04/02 20:44:45 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/04/02 20:41:38 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/04/02 20:41:38 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/04/02 20:41:38 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/04/02 20:41:37 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/04/02 20:41:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Macromedia
[2009/04/02 20:41:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Adobe
[2009/04/02 20:38:37 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/04/02 20:38:32 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/04/02 20:37:56 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/04/02 20:35:14 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/04/02 20:34:10 | 00,000,000 | ---D | C] -- C:\Program Files\NEC DISPLAY SOLUTIONS
[2009/04/02 20:16:52 | 00,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/04/02 20:16:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/04/02 20:10:20 | 00,000,152 | ---- | C] () -- C:\WINDOWS\CoolPlay.ini
[2009/04/02 20:07:25 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/04/02 20:04:55 | 00,064,988 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000007-00000000-0000000A-00001102-00000005-00231102}.rfx
[2009/04/02 20:04:55 | 00,055,432 | ---- | C] () -- C:\WINDOWS\System32\BMXStateBkp-{00000007-00000000-0000000A-00001102-00000005-00231102}.rfx
[2009/04/02 20:04:55 | 00,055,432 | ---- | C] () -- C:\WINDOWS\System32\BMXState-{00000007-00000000-0000000A-00001102-00000005-00231102}.rfx
[2009/04/02 20:04:55 | 00,001,080 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/04/02 20:04:55 | 00,001,080 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm
[2009/04/02 20:04:04 | 00,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscomct2.ocx
[2009/04/02 20:03:23 | 00,233,472 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/04/02 20:03:22 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/04/02 20:03:21 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/04/02 20:03:21 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2009/04/02 20:03:18 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/04/02 20:03:18 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/04/02 20:03:17 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/04/02 20:03:17 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/04/02 20:03:16 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/04/02 20:03:15 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/04/02 20:03:15 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/04/02 20:03:14 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/04/02 20:03:10 | 00,003,128 | R--- | C] () -- C:\WINDOWS\System32\XFi.bmp
[2009/04/02 20:03:10 | 00,000,766 | R--- | C] () -- C:\WINDOWS\System32\SBXFi.ico
[2009/04/02 20:03:09 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/04/02 20:03:09 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/04/02 20:03:09 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/04/02 20:03:09 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/04/02 20:02:39 | 00,068,135 | R--- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2009/04/02 20:02:39 | 00,011,776 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\INRES.DLL
[2009/04/02 20:02:39 | 00,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2009/04/02 20:02:39 | 00,000,191 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/04/02 20:02:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Data
[2009/04/02 20:01:55 | 07,572,224 | ---- | C] () -- C:\WINDOWS\System32\CT8MGM.SF2
[2009/04/02 20:01:54 | 04,174,814 | ---- | C] () -- C:\WINDOWS\System32\CT4MGM.SF2
[2009/04/02 20:01:54 | 02,167,684 | ---- | C] () -- C:\WINDOWS\System32\CT2MGM.SF2
[2009/04/02 20:01:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative
[2009/04/02 20:00:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Creative
[2009/04/02 19:59:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2009/04/02 19:59:49 | 00,000,000 | ---D | C] -- C:\Program Files\Creative
[2009/04/02 19:42:57 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2009/04/02 19:42:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\WinFast
[2009/04/02 19:42:38 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/04/02 19:42:12 | 00,009,600 | ---- | C] (Leadtek Research Inc.) -- C:\WINDOWS\System32\drivers\WINFOXIO.sys
[2009/04/02 19:42:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\WinFox
[2009/04/02 19:40:50 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2009/04/02 19:39:01 | 00,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/04/02 19:38:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2009/04/02 19:20:41 | 00,060,282 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2009/04/02 19:20:32 | 00,181,020 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/02 19:20:32 | 00,016,960 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/04/02 19:20:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/04/02 19:17:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/04/02 19:17:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/04/02 19:17:38 | 00,003,903 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2009/04/02 19:17:37 | 00,001,864 | ---- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2009/04/02 19:17:36 | 00,001,570 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2009/04/02 19:17:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/04/02 19:17:15 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/04/02 19:15:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Application Data\Identities
[2009/04/02 19:15:54 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/04/02 19:15:53 | 00,000,077 | -HS- | C] () -- C:\DOCUME~1\Bernie\My Documents\desktop.ini
[2009/04/02 19:15:53 | 00,000,000 | R--D | C] -- C:\DOCUME~1\Bernie\My Documents\My Pictures
[2009/04/02 19:15:53 | 00,000,000 | R--D | C] -- C:\DOCUME~1\Bernie\My Documents\My Music
[2009/04/02 19:15:50 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Bernie\Application Data\desktop.ini
[2009/04/02 19:15:49 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Bernie\Start Menu\Programs\Startup\desktop.ini
[2009/04/02 19:15:49 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Bernie\Application Data\Microsoft
[2009/04/02 19:15:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bernie\Local Settings\Application Data\Microsoft
[2009/04/02 19:15:02 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ALLUSE~1\Documents\Recorded TV
[2009/04/02 19:14:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/04/02 19:14:53 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/02 19:14:53 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/04/02 19:11:44 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/02 19:10:47 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/02 19:10:40 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresja.dll
[2009/04/02 19:10:40 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresko.dll
[2009/04/02 19:10:40 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresfr.dll
[2009/04/02 19:10:40 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresde.dll
[2009/04/02 19:10:32 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehreschs.dll
[2009/04/02 19:10:29 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/04/02 19:10:28 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/04/02 19:10:26 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/04/02 19:10:26 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/04/02 19:10:26 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/04/02 19:10:26 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/04/02 19:10:25 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/04/02 19:10:25 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/04/02 19:10:25 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/04/02 19:10:25 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/04/02 19:10:24 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/04/02 19:10:24 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/04/02 19:10:24 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/04/02 19:10:24 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/04/02 19:10:24 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/04/02 19:10:24 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/04/02 19:10:24 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/04/02 19:10:23 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/04/02 19:10:23 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/04/02 19:10:22 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/04/02 19:10:22 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/04/02 19:10:22 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/04/02 19:10:22 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/04/02 19:10:22 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/04/02 19:10:21 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/04/02 19:10:21 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/04/02 19:10:21 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/04/02 19:10:21 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/04/02 19:10:20 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/04/02 19:10:20 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/04/02 19:10:19 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/04/02 19:10:19 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/04/02 19:10:19 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/04/02 19:10:18 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/04/02 19:10:18 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/04/02 19:10:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/04/02 19:10:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/04/02 19:10:17 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/04/02 19:10:17 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/04/02 19:10:17 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/04/02 19:10:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/04/02 19:10:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/04/02 19:10:17 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/04/02 19:10:17 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/04/02 19:10:17 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/04/02 19:10:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/04/02 19:10:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/04/02 19:10:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/04/02 19:10:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/04/02 19:10:17 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/04/02 19:10:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/04/02 19:10:15 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/04/02 19:10:15 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/04/02 19:10:14 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/04/02 19:10:14 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/04/02 19:10:14 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/04/02 19:10:13 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/04/02 19:10:13 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/04/02 19:10:13 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/04/02 19:10:12 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/04/02 19:10:12 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/04/02 19:10:12 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/04/02 19:10:12 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/04/02 19:10:11 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/04/02 19:10:11 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/04/02 19:10:11 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/04/02 19:10:11 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/04/02 19:10:11 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/04/02 19:10:11 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/04/02 19:10:11 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/04/02 19:10:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/04/02 19:10:10 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/04/02 19:10:10 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/04/02 19:10:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/04/02 19:10:10 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/04/02 19:10:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/04/02 19:10:10 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/04/02 19:10:10 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/04/02 19:10:09 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/04/02 19:10:08 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/04/02 19:10:08 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/04/02 19:10:07 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/04/02 19:10:05 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/04/02 19:10:05 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/04/02 19:10:03 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/04/02 19:10:03 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/04/02 19:10:02 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/04/02 19:10:02 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/04/02 19:10:01 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/04/02 19:10:01 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/04/02 19:10:01 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/04/02 19:10:01 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/04/02 19:10:00 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/04/02 19:10:00 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/04/02 19:10:00 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/04/02 19:10:00 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/04/02 19:10:00 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/04/02 19:10:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/04/02 19:10:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/04/02 19:10:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/04/02 19:10:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/04/02 19:10:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/04/02 19:10:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/04/02 19:10:00 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/04/02 19:09:59 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/04/02 19:09:59 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/04/02 19:09:59 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/04/02 19:09:59 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/04/02 19:09:59 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/04/02 19:09:58 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/04/02 19:09:58 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/04/02 19:09:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/04/02 19:09:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/04/02 19:09:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/04/02 19:09:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/04/02 19:09:57 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/04/02 19:09:57 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/04/02 19:09:57 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/04/02 19:09:57 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/04/02 19:09:57 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/04/02 19:09:57 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/04/02 19:09:56 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/04/02 19:09:56 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/04/02 19:09:56 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/04/02 19:09:56 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/04/02 19:09:56 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/04/02 19:09:56 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/04/02 19:09:56 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/04/02 19:09:56 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/04/02 19:09:56 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/04/02 19:09:56 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/04/02 19:09:56 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/04/02 19:09:56 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/04/02 19:09:55 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/04/02 19:09:55 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/04/02 19:09:55 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/04/02 19:09:55 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/04/02 19:09:55 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/04/02 19:09:55 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/04/02 19:09:55 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/04/02 19:09:55 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/04/02 19:09:55 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/04/02 19:09:55 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/04/02 19:09:55 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/04/02 19:09:54 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/04/02 19:09:54 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/04/02 19:09:52 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/04/02 19:09:49 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/04/02 19:09:47 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/04/02 19:09:46 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/04/02 19:09:46 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/04/02 19:09:44 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/04/02 19:09:44 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/04/02 19:09:44 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/04/02 19:09:44 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/04/02 19:09:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/04/02 19:09:43 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/04/02 19:09:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/04/02 19:09:42 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/04/02 19:09:42 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/04/02 19:09:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/04/02 19:09:42 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/04/02 19:09:42 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/04/02 19:09:41 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/04/02 19:09:39 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/04/02 19:09:38 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/04/02 19:09:38 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/04/02 19:09:38 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/04/02 19:09:38 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/04/02 19:09:38 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/04/02 19:09:37 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/04/02 19:09:37 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/04/02 19:09:37 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/04/02 19:09:37 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/04/02 19:09:37 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/04/02 19:09:37 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/04/02 19:09:37 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/04/02 19:09:36 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/04/02 19:09:36 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/04/02 19:09:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/04/02 19:09:36 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/04/02 19:09:36 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/04/02 19:09:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/04/02 19:09:35 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009/04/02 19:09:35 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009/04/02 19:09:35 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009/04/02 19:09:35 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009/04/02 19:09:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009/04/02 19:09:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009/04/02 19:09:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009/04/02 19:09:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/04/02 19:09:35 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/04/02 19:09:35 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/04/02 19:09:35 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/04/02 19:09:34 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/04/02 19:09:34 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/04/02 19:09:34 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009/04/02 19:09:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009/04/02 19:09:33 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/04/02 19:09:33 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009/04/02 19:09:33 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009/04/02 19:09:33 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009/04/02 19:09:33 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009/04/02 19:09:33 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/04/02 19:09:33 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009/04/02 19:09:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009/04/02 19:09:32 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/04/02 19:09:32 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/04/02 19:09:32 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/04/02 19:09:32 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009/04/02 19:09:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009/04/02 19:09:31 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/04/02 19:09:31 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/04/02 19:09:31 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/04/02 19:09:31 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/04/02 19:09:31 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/04/02 19:09:31 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/04/02 19:09:30 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/04/02 19:09:29 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/04/02 19:09:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/04/02 19:09:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/04/02 19:09:28 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/04/02 19:09:28 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/04/02 19:09:28 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/04/02 19:09:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/04/02 19:09:24 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/04/02 19:09:24 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/04/02 19:09:23 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/04/02 19:09:23 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/04/02 19:09:23 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/04/02 19:09:23 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/04/02 19:09:21 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/04/02 19:09:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/04/02 19:09:19 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/04/02 19:09:19 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/04/02 19:08:35 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009/04/02 19:08:35 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009/04/02 19:07:41 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/04/02 19:07:36 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/04/02 19:07:34 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2009/04/02 19:07:22 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/02 19:07:22 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/04/02 19:07:22 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/04/02 19:07:22 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/04/02 19:07:22 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/04/02 19:07:18 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/02 19:07:18 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/02 19:07:18 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/02 19:07:11 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/04/02 19:06:24 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/02 19:06:24 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/02 19:06:24 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/04/02 19:06:24 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/04/02 19:06:20 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/02 19:06:17 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/04/02 19:06:08 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/04/02 19:06:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/04/02 19:05:49 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/04/02 19:05:49 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/04/02 19:05:49 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/04/02 19:05:49 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/04/02 19:05:49 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/04/02 19:05:49 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/04/02 19:05:47 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/04/02 19:05:47 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/04/02 19:05:43 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/04/02 19:05:43 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/04/02 19:05:42 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/04/02 19:05:42 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/04/02 19:05:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/04/02 19:05:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/04/02 19:05:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/04/02 19:05:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/04/02 19:05:41 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/04/02 19:05:41 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/04/02 19:05:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009/04/02 19:05:39 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/04/02 19:05:39 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/04/02 19:05:39 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/04/02 19:05:39 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/04/02 19:05:39 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/04/02 19:05:39 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/04/02 19:05:39 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/04/02 19:05:39 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/04/02 19:05:39 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2009/04/02 19:05:39 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/04/02 19:05:38 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/04/02 19:05:38 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/04/02 19:05:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009/04/02 19:05:36 | 00,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2009/04/02 19:05:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/04/02 19:05:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/04/02 19:05:34 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/04/02 19:05:34 | 00,819,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/04/02 19:05:34 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/04/02 19:05:34 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/04/02 19:05:34 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/04/02 19:05:33 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/04/02 19:05:33 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/04/02 19:05:33 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/04/02 19:05:33 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/04/02 19:05:33 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/04/02 19:05:33 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/04/02 19:05:33 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/04/02 19:05:33 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/04/02 19:05:33 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/04/02 19:05:33 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/04/02 19:05:33 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009/04/02 19:05:33 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/04/02 19:05:33 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/04/02 19:05:33 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/04/02 19:05:33 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/04/02 19:05:33 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/04/02 19:05:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/04/02 19:05:32 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/04/02 19:05:32 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/04/02 19:05:32 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/04/02 19:05:32 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/04/02 19:05:26 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/04/02 19:05:26 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/04/02 19:05:26 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/04/02 19:05:26 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/04/02 19:05:24 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/04/02 19:05:24 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2009/04/02 19:05:24 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009/04/02 19:05:24 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2009/04/02 19:05:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/04/02 19:05:23 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/04/02 19:05:23 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/04/02 19:05:23 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/04/02 19:05:23 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/04/02 19:05:23 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/04/02 19:05:23 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/04/02 19:05:23 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/04/02 19:05:23 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/04/02 19:05:22 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/04/02 19:05:21 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/04/02 19:05:21 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/04/02 19:05:21 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009/04/02 19:05:20 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/04/02 19:05:20 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/04/02 19:05:19 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/04/02 19:05:19 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009/04/02 19:05:18 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/04/02 19:05:18 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/04/02 19:05:18 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/04/02 19:05:18 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/04/02 19:05:18 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/04/02 19:05:18 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/04/02 19:05:14 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/04/02 19:05:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009/04/02 19:05:13 | 00,636,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/04/02 19:05:13 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/04/02 19:05:13 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2009/04/02 19:05:10 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009/04/02 19:05:09 | 00,000,000 | R--D | C] -- C:\DOCUME~1\ALLUSE~1\Documents\My Music
[2009/04/02 19:04:42 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/04/02 19:04:28 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/02 19:04:21 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2009/04/02 19:04:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/04/02 19:04:11 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2009/04/02 19:04:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
[2009/04/02 19:04:01 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscoree.dll
[2009/04/02 19:03:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/04/02 19:03:57 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009/04/02 19:03:46 | 01,742,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mypixdx.scr
[2009/04/02 19:03:46 | 00,011,452 | ---- | C] () -- C:\WINDOWS\System32\mypixdx.chm
[2009/04/02 19:03:46 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Plus
[2009/04/02 19:03:45 | 07,093,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\space.scr
[2009/04/02 19:03:44 | 04,396,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpgldfsh.scr
[2009/04/02 19:03:43 | 05,068,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\davinci.scr
[2009/04/02 19:03:43 | 03,343,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nature.scr
[2009/04/02 19:03:40 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mhndrv.sys
[2009/04/02 19:03:40 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\igdetect.dll
[2009/04/02 19:03:39 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll
[2009/04/02 19:03:38 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2009/04/02 19:03:38 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2009/04/02 19:03:38 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009/04/02 19:03:11 | 00,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehsqqp20.dll
[2009/04/02 19:03:11 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehsqdb20.dll
[2009/04/02 19:03:11 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdatunepia.dll
[2009/04/02 19:03:11 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehsqse20.dll
[2009/04/02 19:03:10 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\medctrro.exe
[2009/04/02 19:03:10 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehmsas.exe
[2009/04/02 19:03:10 | 00,000,000 | R--D | C] -- C:\DOCUME~1\ALLUSE~1\Documents\My Pictures
[2009/04/02 19:03:07 | 10,604,352 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ehcir.ird
[2009/04/02 19:03:07 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiuserxp.dll
[2009/04/02 19:03:06 | 02,883,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehshell.exe
[2009/04/02 19:03:06 | 01,740,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehcm.dll
[2009/04/02 19:03:06 | 01,370,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehchsime.dll
[2009/04/02 19:03:06 | 00,398,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehui.dll
[2009/04/02 19:03:06 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehcommon.dll
[2009/04/02 19:03:06 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehdrop.dll
[2009/04/02 19:03:06 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehsched.exe
[2009/04/02 19:03:06 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehrec.exe
[2009/04/02 19:03:06 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehtray.exe
[2009/04/02 19:03:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehjpnime.dll
[2009/04/02 19:03:06 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehentt.dll
[2009/04/02 19:03:06 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehdebug.dll
[2009/04/02 19:03:03 | 10,488,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehres.dll
[2009/04/02 19:03:03 | 01,351,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehuihlp.dll
[2009/04/02 19:03:03 | 00,811,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepg.dll
[2009/04/02 19:03:03 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiproxy.dll
[2009/04/02 19:03:03 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehrecobj.dll
[2009/04/02 19:03:03 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehglid.dll
[2009/04/02 19:03:03 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehividctl.dll
[2009/04/02 19:03:03 | 00,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehplayer.dll
[2009/04/02 19:03:03 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\debugsvc.dll
[2009/04/02 19:03:03 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiplay.dll
[2009/04/02 19:03:03 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepgdat.dll
[2009/04/02 19:03:03 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehcir.dll
[2009/04/02 19:03:03 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehproxy.dll
[2009/04/02 19:03:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepgdec.dll
[2009/04/02 19:03:03 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehepgnet.dll
[2009/04/02 19:03:02 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiwmp.dll
[2009/04/02 19:03:02 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehiextens.dll
[2009/04/02 19:03:00 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/04/02 19:03:00 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/04/02 19:03:00 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/04/02 19:03:00 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2009/04/02 19:02:59 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/04/02 19:02:59 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/04/02 19:02:59 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/04/02 19:02:59 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/04/02 19:02:59 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/04/02 19:02:59 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/04/02 19:02:59 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/04/02 19:02:59 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/04/02 19:02:59 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/04/02 19:02:59 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/04/02 19:02:59 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/04/02 19:02:59 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/04/02 19:02:59 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/04/02 19:02:59 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/04/02 19:02:58 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/04/02 19:02:58 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/04/02 19:02:58 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/04/02 19:02:58 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/04/02 19:02:58 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/04/02 19:02:58 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/04/02 19:02:58 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/04/02 19:02:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/04/02 19:02:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/04/02 19:02:58 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009/04/02 19:02:51 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/04/02 19:02:51 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/04/02 19:02:51 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/04/02 19:02:51 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/04/02 19:02:51 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/04/02 19:02:51 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/04/02 19:02:51 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/04/02 19:02:51 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/04/02 19:02:51 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/04/02 19:02:51 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/04/02 19:02:47 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/04/02 19:02:47 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/02 19:02:47 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/04/02 19:02:47 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/04/02 19:02:47 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/04/02 19:02:47 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/04/02 19:02:47 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/04/02 19:02:47 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/04/02 19:02:47 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/04/02 19:02:47 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/04/02 19:02:47 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/04/02 19:02:47 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/04/02 19:02:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/04/02 19:02:46 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/04/02 19:02:46 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/04/02 19:02:46 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/02 19:02:46 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/04/02 19:02:46 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/04/02 19:02:46 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/04/02 19:02:46 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/04/02 19:02:46 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/04/02 19:02:46 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/04/02 19:02:46 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/04/02 19:02:46 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/04/02 19:02:46 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/04/02 19:02:46 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/04/02 19:02:46 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/04/02 19:02:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/04/02 19:02:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/04/02 19:02:45 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/04/02 19:02:45 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/04/02 19:02:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/04/02 19:02:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/04/02 19:02:45 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/04/02 19:02:45 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/04/02 19:02:45 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/04/02 19:02:45 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/04/02 19:02:45 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/04/02 19:02:45 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/04/02 19:02:45 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/04/02 19:02:45 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/04/02 19:02:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/04/02 19:02:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/04/02 19:02:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/04/02 19:02:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/04/02 19:02:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/04/02 19:02:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/04/02 19:02:45 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/04/02 19:02:45 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/04/02 19:02:45 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/04/02 19:02:45 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/04/02 19:02:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/04/02 19:02:44 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/04/02 19:02:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/04/02 19:02:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/04/02 19:02:44 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/04/02 19:02:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/04/02 19:02:44 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/04/02 19:02:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/04/02 19:02:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/04/02 19:02:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/04/02 19:02:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/04/02 19:02:44 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/04/02 19:02:44 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/04/02 19:02:44 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/04/02 19:02:43 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/04/02 19:02:43 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/04/02 19:02:43 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/04/02 19:02:43 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/04/02 19:02:43 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/04/02 19:02:43 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/04/02 19:02:43 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/04/02 19:02:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/04/02 19:02:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/04/02 19:02:41 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/04/02 19:02:41 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/04/02 19:02:41 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/04/02 19:02:40 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/04/02 19:02:40 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/04/02 19:02:40 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/04/02 19:02:40 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/04/02 19:02:40 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/04/02 19:02:40 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/04/02 19:02:40 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/04/02 19:02:40 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/04/02 19:02:40 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/04/02 19:02:40 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/04/02 19:02:40 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/04/02 19:02:40 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/04/02 19:02:40 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/04/02 19:02:40 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/04/02 19:02:32 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/04/02 19:02:32 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/04/02 19:02:32 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2009/04/02 19:02:31 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/04/02 19:02:31 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/04/02 19:02:31 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/04/02 19:02:31 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/04/02 19:02:31 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/04/02 19:02:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009/04/02 19:02:30 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/04/02 19:02:30 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/04/02 19:02:30 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/04/02 19:02:30 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/04/02 19:02:30 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/04/02 19:02:30 | 00,139,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/04/02 19:02:30 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/04/02 19:02:30 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/04/02 19:02:30 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/04/02 19:02:29 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/04/02 19:02:29 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/04/02 19:02:29 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/04/02 19:02:29 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/04/02 19:02:29 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/04/02 19:02:29 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/04/02 19:02:29 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/04/02 19:02:29 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/04/02 19:02:29 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/04/02 19:02:29 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/04/02 19:02:29 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/04/02 19:02:29 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/04/02 19:02:29 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/04/02 19:02:29 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/04/02 19:02:28 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/04/02 19:02:28 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/04/02 19:02:28 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/04/02 19:02:28 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/04/02 19:02:28 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/04/02 19:02:28 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/04/02 19:02:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/04/02 19:02:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/04/02 19:02:27 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/04/02 19:02:27 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/04/02 19:02:27 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/04/02 19:02:27 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/04/02 19:02:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/04/02 19:02:27 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/04/02 19:02:27 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/04/02 19:02:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/04/02 19:02:26 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/04/02 19:02:23 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/04/02 19:02:22 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/04/02 19:02:22 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/04/02 19:02:22 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/04/02 19:02:19 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2009/04/02 19:02:18 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/04/02 19:02:17 | 00,000,000 | R--D | C] -- C:\DOCUME~1\ALLUSE~1\Documents\My Videos
[2008/05/16 14:01:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 14:01:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 14:01:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 14:01:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/08/07 23:19:00 | 00,038,400 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2005/08/07 23:13:46 | 00,033,792 | R--- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2005/06/07 14:10:50 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2004/08/22 17:04:56 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/08/10 13:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 13:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/03/21 10:56:12 | 00,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[30 C:\WINDOWS\*.tmp files]
[2009/04/29 21:00:00 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Bernie\Desktop\OTListIt2.exe
[2009/04/29 20:32:22 | 00,418,662 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/29 20:32:22 | 00,366,946 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/29 20:32:22 | 00,046,368 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/29 20:28:37 | 00,010,253 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/04/29 20:28:09 | 00,181,020 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/29 20:28:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/29 20:28:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/29 19:58:55 | 00,064,988 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000007-00000000-0000000A-00001102-00000005-00231102}.rfx
[2009/04/29 19:58:55 | 00,055,432 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000007-00000000-0000000A-00001102-00000005-00231102}.rfx
[2009/04/29 19:58:55 | 00,055,432 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000007-00000000-0000000A-00001102-00000005-00231102}.rfx
[2009/04/29 19:58:55 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/04/29 19:58:55 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/04/29 19:56:15 | 00,001,734 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\HijackThis.lnk
[2009/04/29 18:59:32 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/29 18:44:43 | 00,000,611 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\NTREGOPT.lnk
[2009/04/29 18:44:43 | 00,000,592 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\ERUNT.lnk
[2009/04/29 18:26:52 | 00,000,498 | ---- | M] () -- C:\WINDOWS\tasks\AdwareAlert Scheduled Scan.job
[2009/04/29 18:06:30 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/04/29 18:01:16 | 01,413,120 | ---- | M] (Option^Explicit Software Solutions) -- C:\DOCUME~1\Bernie\Desktop\winsockfix.exe
[2009/04/28 00:59:01 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/26 13:49:17 | 00,001,804 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/04/26 13:37:19 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/25 22:05:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/24 22:01:28 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Bernie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/24 15:19:23 | 00,000,734 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Acrobat.com.lnk
[2009/04/24 15:18:32 | 00,001,729 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Adobe Reader 9.lnk
[2009/04/16 17:02:00 | 00,000,349 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Documents\PCLECHAL.INI
[2009/04/15 15:50:53 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/15 01:35:30 | 00,000,342 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/04/14 10:07:53 | 00,000,897 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\RealPlayer.lnk
[2009/04/14 10:07:46 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009/04/14 10:07:46 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009/04/14 10:07:46 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/04/12 10:12:25 | 00,001,619 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WS_FTP Pro.lnk
[2009/04/12 01:02:08 | 00,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/11 23:56:41 | 00,065,656 | ---- | M] () -- C:\Documents and Settings\Bernie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/11 17:44:25 | 00,001,807 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Macromedia Dreamweaver 8.lnk
[2009/04/08 20:12:43 | 00,000,606 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\WinISO.lnk
[2009/04/07 13:48:56 | 00,000,898 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\Shortcut to TubeHunter.lnk
[2009/04/06 15:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/05 22:04:59 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009/04/05 19:16:23 | 00,043,062 | ---- | M] () -- C:\DOCUME~1\Bernie\My Documents\UserImages.bmp
[2009/04/05 19:03:25 | 00,000,104 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\My Computer.lnk
[2009/04/05 13:08:11 | 00,001,821 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\Cubase 4.lnk
[2009/04/04 18:53:33 | 00,000,712 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\WaveLab.lnk
[2009/04/04 18:40:20 | 00,001,454 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\GTR 3.lnk
[2009/04/04 18:36:04 | 00,025,148 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\ssolefw.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibsd.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibram.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibqqe.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibmmn.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibgs.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibddf.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\solekuy.dll
[2009/04/04 18:36:04 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\solegeh.dll
[2009/04/04 18:35:40 | 00,678,746 | ---- | M] () -- C:\WINDOWS\unins000.exe
[2009/04/04 13:08:51 | 00,001,604 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\QuickTime Player.lnk
[2009/04/03 16:39:25 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/04/03 16:39:11 | 00,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/03 16:31:26 | 00,000,685 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\DAEMON Tools.lnk
[2009/04/03 16:29:13 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/03 16:17:38 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/04/03 11:59:14 | 00,000,688 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\Shortcut to hjsplit.lnk
[2009/04/03 00:11:00 | 00,001,690 | ---- | M] () -- C:\DOCUME~1\Bernie\Desktop\PerfectTablePlan 4.0.3.lnk
[2009/04/03 00:05:12 | 00,002,327 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Nero StartSmart.lnk
[2009/04/02 23:29:54 | 00,001,878 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Skype.lnk
[2009/04/02 23:27:07 | 00,001,732 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\WinZip.lnk
[2009/04/02 23:27:07 | 00,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/04/02 23:21:20 | 00,001,918 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2009/04/02 23:07:37 | 00,000,077 | -HS- | M] () -- C:\DOCUME~1\Bernie\My Documents\desktop.ini
[2009/04/02 21:21:58 | 00,000,671 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\McAfee Security Center.lnk
[2009/04/02 21:20:56 | 00,000,334 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/04/02 20:56:41 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/02 20:52:40 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Bernie\Application Data\desktop.ini
[2009/04/02 20:52:40 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/04/02 20:52:40 | 00,000,062 | -HS- | M] () -- C:\DOCUME~1\ALLUSE~1\Documents\desktop.ini
[2009/04/02 20:46:47 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibtth.dll
[2009/04/02 20:46:47 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\sslibff.dll
[2009/04/02 20:46:47 | 00,002,756 | ---- | M] () -- C:\WINDOWS\System32\slibeh.dll
[2009/04/02 20:10:20 | 00,000,152 | ---- | M] () -- C:\WINDOWS\CoolPlay.ini
[2009/04/02 20:03:23 | 00,233,472 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/04/02 19:39:34 | 00,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/04/02 19:11:44 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/02 19:10:47 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/04/02 19:07:27 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Bernie\Start Menu\Programs\Startup\desktop.ini
[2009/04/02 19:07:27 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/04/02 19:07:22 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/02 19:07:22 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/04/02 19:07:22 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/04/02 19:07:22 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/04/02 19:07:22 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/04/02 19:07:22 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/04/02 19:07:18 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/02 19:07:18 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/02 19:07:11 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/02 19:06:24 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/02 19:06:24 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/02 19:06:20 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/02 19:04:28 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/02 19:04:19 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/04/02 19:04:19 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/04/02 19:02:17 | 00,000,209 | -HS- | M] () -- C:\boot.ini
< End of report >



OTListIt Extras logfile created on: 29/04/2009 21:00:14 - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Bernie\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 239.56 Gb Total Space | 137.66 Gb Free Space | 57.46% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 40.94 Gb Free Space | 8.79% Space Free | Partition Type: NTFS
Drive E: | 226.20 Gb Total Space | 143.29 Gb Free Space | 63.35% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DADS
Current User Name: Bernie
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent (McAfee, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget File not found
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{84B2CF01-194D-2284-B313-F2E0D78D1033}" = Nero 7 Demo
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B737AB46-D37D-427B-9BF5-CBFF170BD200}_is1" = PerfectTablePlan 4.0.3
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast® Display Driver
"{FED7C046-6E28-4492-87F6-EF1BA20E1EC5}" = Steinberg Cubase 4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Antares Autotune VST RTAS TDM_is1" = Antares Autotune VST RTAS TDM v5.08
"Antares Kantos v1.0" = Antares Kantos v1.0
"ArtsAcoustic Reverb" = ArtsAcoustic Reverb 1.2.0
"ASAPI Update" = ASAPI Update
"Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi" = Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"Creative Media Toolbox" = Creative Media Toolbox
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.39
"Eraser_is1" = Eraser
"ERUNT_is1" = ERUNT 1.1j
"FabFilter Volcano VST RTAS_is1" = FabFilter Volcano VST RTAS v2.02
"GForce impOSCar v1.10 VSTi RTAS" = GForce impOSCar v1.10 VSTi RTAS
"HijackThis" = HijackThis 2.0.2
"Hypersonic" = Hypersonic
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"iZotope Ozone 4_is1" = iZotope Ozone 4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MSC" = McAfee SecurityCenter
"NEC DISPLAY SOLUTIONS Drivers" = NEC DISPLAY SOLUTIONS: Monitor Installer
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Pro-sounds.Virus.Dream.Bank1" = Pro-sounds.Virus.Dream.Bank1
"RealPlayer 6.0" = RealPlayer
"reFX Vanguard_is1" = reFX Vanguard VSTi RTAS v1.8.0
"Sonalksis Plug-Ins for Windows_is1" = Sonalksis Plug-Ins for Windows 3.00
"Sonnox Oxford Inflator Native VST_is1" = Sonnox Oxford Inflator Native VST v1.5.1
"Sonnox Oxford Limiter Native VST_is1" = Sonnox Oxford Limiter Native VST v1.1.1
"Sonnox Oxford R3 Dynamics Native VST_is1" = Sonnox Oxford R3 Dynamics Native VST v1.3.1
"Sonnox Oxford R3 EQ Native VST_is1" = Sonnox Oxford R3 EQ Native VST v1.6.1
"Sonnox Oxford Reverb Native VST_is1" = Sonnox Oxford Reverb Native VST v1.0
"Sonnox Oxford TransMod Native VST_is1" = Sonnox Oxford TransMod Native VST v1.3.1
"Steinberg HALion 3 Demo" = Steinberg HALion 3 Demo
"Steinberg WaveLab 5.01b" = Steinberg WaveLab 5.01b
"Syncrosoft License Control" = Syncrosoft License Control
"SysInfo" = Creative System Information
"Waves GTR 3" = Waves GTR 3
"Waves Mercury Bundle" = Waves Mercury Bundle
"Waves SSL Collection v1.2" = Waves SSL Collection v1.2
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinISO_is1" = WinISO 5.3
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:22:00 | Computer Name = DADS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 29/04/2009 14:26:06 | Computer Name = DADS | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 29/04/2009 14:26:06 | Computer Name = DADS | Source = PerfNet | ID = 2002
Description = Unable to open the Redirector service. Redirector performance data
will
not be returned. Error code returned is in data DWORD 0.

[ System Events ]
Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 28/04/2009 17:50:24 | Computer Name = DADS | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.


< End of report >


The following is the output from my HiJack This file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:10, on 29/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Eraser\eraser.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bernie\Desktop\OTListIt2.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: WinFast® Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8891 bytes


I hope this is enough for someone to start helping? Many thanks
  • 0

Advertisements

#2
bd7447
Posted 30 April 2009 - 11:09 AM

bd7447

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Thanks guys, I think I have managed to fix the problem (with a little help from the previous advice of you great guys on previous threads.

I disabled my anti-virus and ran 'Combofix'. This cleared a lot of junk, including root infections. Afterwards I was able to run Malwarebytes, which cleaned a couple of other things.

Everything seems to be back to normal at the moment.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP