Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google redirect virus and ad pop ups

Started by plywoodhall , Aug 08 2010 12:43 PM

  • This topic is locked This topic is locked

#1
plywoodhall
Posted 08 August 2010 - 12:43 PM

plywoodhall

    Member

  • Member
  • PipPip
  • 18 posts
I've tried every malware removal tool and antivirus, nothing. The virus is a pain, everytime i click google links or even other websites live vimeo it redirects to an ad website, not the website i intended. I did a scan with Hijack this, here is the log file:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:41:48, on 08/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21256)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15153&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ToolTipFixer - NeoSmart Technologies - C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe

--
End of file - 7073 bytes

Thanks

Edited by admin, 08 August 2010 - 05:32 PM.

  • 0

Advertisements

#2
hammerman
Posted 08 August 2010 - 01:00 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hello plywoodhall and welcome to GeeksToGo :)
I'm hammerman and I'm going to help you fix your problem.

Before we begin, here are some guidelines which will help us both in fixing your problem.
  • Malware removal is not instantaneous and will take a number of steps to complete. Please continue to carry out the steps requested until I let you know that your computer appears clean.
  • Please do not attach logs or post them in Quote/Code boxes unless requested.
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread. You can copy and paste these instructions into Notepad and then save the text file to your Desktop. If you need any help with this or further clarification, please let me know.
  • When posting logs, please ensure Word Wrap is turned off in Notepad. Open Notepad, select Format on the menu bar and make sure that Word Wrap is unchecked.
  • Please follow the steps exactly in the same order posted. If you can't perform a certain step, or you're unsure on what to do, please stop and let me know.
  • If in doubt about anything, please ask.
Please follow these steps.

-- Step 1 --
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Custom Scan box paste this in


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
-- Step 2 --

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked. UNCHECK the following boxes
    • Sections
    • IAT/EAT
    • Drives/Partition other than System drive (typically C:\)
    • Show all (important)
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.
  • 0

#3
plywoodhall
Posted 08 August 2010 - 01:41 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Here is the OTL file:

OTL logfile created on: 08/08/2010 15:06:27 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Kyle\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 455.71 Gb Free Space | 97.84% Space Free | Partition Type: NTFS
Drive D: | 618.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KYLE-76C8D87336
Current User Name: Kyle
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Kyle\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe (NeoSmart Technologies)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\LClock\LClock.exe ()


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Kyle\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
SRV - (ToolTipFixer) -- C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe (NeoSmart Technologies)


========== Driver Services (SafeList) ==========

DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (klbg) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (nvatabus) -- C:\WINDOWS\System32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSTAPE) -- C:\WINDOWS\system32\drivers\mstape.sys (Microsoft Corporation)
DRV - (AVCSTRM) -- C:\WINDOWS\system32\drivers\avcstrm.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15153&l=dis
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.736
FF - prefs.js..keyword.URL: "http://websearch.ask...=YYYYYYYYUS&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 20:16:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/07 20:16:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/08/04 17:34:48 | 000,000,000 | ---D | M]

[2010/08/04 16:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Extensions
[2010/08/08 13:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\extensions
[2010/08/05 13:21:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/04 20:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\extensions\[email protected]
[2010/08/08 01:16:35 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\searchplugins\askcom.xml
[2010/08/08 13:41:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/04 17:35:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]

O1 HOSTS File: ([2001/08/23 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [LClock] C:\Program Files\LClock\LClock.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.64.53 213.109.73.74 1.1.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/04 19:18:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [1999/09/16 00:18:24 | 000,000,766 | R--- | M] () - D:\AUTORUN.ICO -- [ CDFS ]
O32 - AutoRun File - [2000/06/22 21:57:20 | 000,000,045 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17746534284132352)

========== Files/Folders - Created Within 30 Days ==========

[2010/08/08 15:04:35 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kyle\Desktop\OTL.exe
[2010/08/08 14:59:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\ApplicationHistory
[2010/08/08 14:59:18 | 000,000,000 | ---D | C] -- C:\Program Files\PhotomatixPro3
[2010/08/08 14:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/08/08 14:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010/08/08 12:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Temp
[2010/08/08 12:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Google
[2010/08/07 20:23:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\MPEG Streamclip
[2010/08/07 20:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Apple Computer
[2010/08/07 20:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/07 20:16:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/08/07 20:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/07 20:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Apple
[2010/08/07 20:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/07 20:15:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/08/07 20:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Apple Computer
[2010/08/07 00:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Publish Providers
[2010/08/07 00:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\My Documents\Vegas Movie Studio PE 9.0 Projects
[2010/08/07 00:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Sony
[2010/08/07 00:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Sony
[2010/08/07 00:13:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\My Documents\videos
[2010/08/06 12:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Adobe
[2010/08/06 12:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/08/05 19:54:37 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2010/08/05 19:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Media Player Classic
[2010/08/05 19:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\MPC HomeCinema
[2010/08/05 18:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2010/08/05 18:33:48 | 001,083,904 | ---- | C] (Squared 5) -- C:\Documents and Settings\Kyle\Desktop\MPEG_Streamclip.exe
[2010/08/05 14:12:44 | 000,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2010/08/05 14:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\Magic Bullet Editors 2.0 Vegas
[2010/08/05 14:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2010/08/05 14:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/08/05 14:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/08/05 14:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/08/05 13:30:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\vlc
[2010/08/05 13:27:24 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010/08/05 13:27:21 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010/08/05 13:27:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010/08/05 13:27:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010/08/05 13:27:20 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010/08/05 13:27:19 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010/08/05 13:27:17 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010/08/05 13:27:15 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010/08/05 13:27:13 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010/08/05 13:27:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010/08/05 13:27:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010/08/05 13:27:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010/08/05 13:27:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010/08/05 13:27:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010/08/05 13:27:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010/08/05 13:27:09 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstape.sys
[2010/08/05 13:27:09 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/08/05 13:27:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010/08/05 13:27:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010/08/05 13:27:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010/08/05 13:27:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010/08/05 13:27:09 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\avcstrm.sys
[2010/08/05 13:27:09 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/08/05 13:27:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\avc.sys
[2010/08/05 13:27:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/08/05 13:27:00 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\61883.sys
[2010/08/05 13:27:00 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/08/05 13:26:12 | 000,483,328 | ---- | C] (Paviko) -- C:\Documents and Settings\Kyle\Desktop\HDVSplit.exe
[2010/08/05 10:05:46 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Kyle\Desktop\HijackThis.exe
[2010/08/04 21:45:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010/08/04 21:32:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2010/08/04 21:32:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/08/04 20:05:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/08/04 19:47:33 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/08/04 19:37:12 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2010/08/04 19:37:04 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2010/08/04 19:37:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2010/08/04 19:36:49 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/08/04 19:36:49 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/08/04 19:36:49 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2010/08/04 19:36:49 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/08/04 19:36:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2010/08/04 19:36:48 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2010/08/04 19:36:48 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2010/08/04 19:36:48 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2010/08/04 19:36:47 | 006,071,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/08/04 19:35:55 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/08/04 19:34:18 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/08/04 19:34:18 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/08/04 19:34:17 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/08/04 19:30:32 | 000,108,800 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010/08/04 19:30:32 | 000,009,728 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/08/04 19:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/08/04 19:30:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2010/08/04 19:30:21 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/08/04 19:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\InstallShield
[2010/08/04 19:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Identities
[2010/08/04 19:28:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\My Documents\My Pictures
[2010/08/04 19:28:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\My Documents\My Music
[2010/08/04 19:28:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/08/04 19:27:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Microsoft
[2010/08/04 19:27:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kyle\Application Data\Microsoft
[2010/08/04 19:27:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kyle\SendTo
[2010/08/04 19:27:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kyle\Recent
[2010/08/04 19:27:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kyle\Application Data
[2010/08/04 19:27:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\Start Menu
[2010/08/04 19:27:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\My Documents
[2010/08/04 19:27:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\Favorites
[2010/08/04 19:27:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Kyle\Cookies
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\Templates
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\PrintHood
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\NetHood
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\Local Settings
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Sun
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Desktop
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\7zSC2B.tmp
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\7zSA49.tmp
[2010/08/04 19:27:08 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/08/04 19:27:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/08/04 19:26:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/08/04 19:26:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/08/04 19:25:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/08/04 19:25:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/08/04 19:25:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/08/04 19:25:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/08/04 19:25:11 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/08/04 19:25:10 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/08/04 19:25:10 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/08/04 19:25:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/08/04 19:25:09 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/08/04 19:25:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/08/04 19:25:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/08/04 19:25:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/08/04 19:25:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/08/04 19:25:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/08/04 19:25:09 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/08/04 19:25:08 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/08/04 19:25:08 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/08/04 19:25:08 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/08/04 19:25:07 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/08/04 19:25:07 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/08/04 19:25:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/08/04 19:25:06 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/08/04 19:25:06 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/08/04 19:25:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/08/04 19:25:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/08/04 19:25:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/08/04 19:25:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/08/04 19:25:05 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/08/04 19:25:05 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/08/04 19:25:05 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/08/04 19:25:05 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/08/04 19:25:04 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/08/04 19:25:04 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/08/04 19:25:04 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/08/04 19:25:04 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/08/04 19:25:04 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/08/04 19:25:03 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/08/04 19:25:02 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/08/04 19:25:02 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/08/04 19:25:02 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/08/04 19:25:02 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/08/04 19:25:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/08/04 19:25:02 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/08/04 19:25:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/08/04 19:25:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/08/04 19:25:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/08/04 19:25:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/08/04 19:25:01 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/08/04 19:25:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/08/04 19:25:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/08/04 19:25:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/08/04 19:25:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/08/04 19:25:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/08/04 19:25:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/08/04 19:25:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/08/04 19:25:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/08/04 19:25:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2010/08/04 19:25:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/08/04 19:25:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/08/04 19:25:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/08/04 19:25:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/08/04 19:25:00 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/08/04 19:25:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/08/04 19:25:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/08/04 19:25:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/08/04 19:25:00 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/08/04 19:25:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/08/04 19:24:58 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2010/08/04 19:24:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/08/04 19:24:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/08/04 19:24:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/08/04 19:24:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/08/04 19:24:57 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/08/04 19:24:57 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/08/04 19:24:57 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/08/04 19:24:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2010/08/04 19:24:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/08/04 19:24:56 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/08/04 19:24:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/08/04 19:24:55 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/08/04 19:24:55 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/08/04 19:24:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/08/04 19:24:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/08/04 19:24:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/08/04 19:24:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/08/04 19:24:54 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/08/04 19:24:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/08/04 19:24:54 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/08/04 19:24:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/08/04 19:24:53 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/08/04 19:24:53 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/08/04 19:24:53 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/08/04 19:24:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/08/04 19:24:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/08/04 19:24:53 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/08/04 19:24:52 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/08/04 19:24:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/08/04 19:24:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/08/04 19:24:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/08/04 19:24:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/08/04 19:24:50 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/08/04 19:24:50 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/08/04 19:24:49 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/08/04 19:24:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/08/04 19:24:47 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/08/04 19:24:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/08/04 19:24:44 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/08/04 19:24:44 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/08/04 19:24:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/08/04 19:24:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/08/04 19:24:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/08/04 19:24:43 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/08/04 19:24:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/08/04 19:24:43 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/08/04 19:24:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/08/04 19:24:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/08/04 19:24:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/08/04 19:24:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/08/04 19:24:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/08/04 19:24:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/08/04 19:24:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/08/04 19:24:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/08/04 19:24:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/08/04 19:24:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/08/04 19:24:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/08/04 19:24:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/08/04 19:24:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/08/04 19:24:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/08/04 19:24:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/08/04 19:24:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/08/04 19:24:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/08/04 19:24:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/08/04 19:24:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/08/04 19:24:40 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/08/04 19:24:40 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/08/04 19:24:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/08/04 19:24:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/08/04 19:24:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/08/04 19:24:39 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/08/04 19:24:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/08/04 19:24:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/08/04 19:24:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/08/04 19:24:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/08/04 19:24:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/08/04 19:24:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/08/04 19:24:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/08/04 19:24:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/08/04 19:24:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/08/04 19:24:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/08/04 19:24:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/08/04 19:24:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/08/04 19:24:38 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/08/04 19:24:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/08/04 19:24:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/08/04 19:24:38 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/08/04 19:24:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/08/04 19:24:37 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/08/04 19:24:37 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/08/04 19:24:37 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/08/04 19:24:37 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/08/04 19:24:37 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/08/04 19:24:37 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/08/04 19:24:37 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/08/04 19:24:36 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/08/04 19:24:36 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/08/04 19:24:36 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/08/04 19:24:36 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/08/04 19:24:36 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/08/04 19:24:36 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/08/04 19:24:36 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/08/04 19:24:36 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/08/04 19:24:35 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/08/04 19:24:35 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/08/04 19:24:35 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/08/04 19:24:35 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/08/04 19:24:35 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/08/04 19:24:35 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/08/04 19:24:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/08/04 19:24:35 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/08/04 19:24:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/08/04 19:24:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/08/04 19:24:34 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/08/04 19:24:34 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/08/04 19:24:34 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/08/04 19:24:34 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/08/04 19:24:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/08/04 19:24:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/08/04 19:24:31 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/08/04 19:24:26 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/08/04 19:24:25 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/08/04 19:24:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/08/04 19:24:25 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/08/04 19:24:25 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/08/04 19:24:25 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/08/04 19:24:24 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/08/04 19:24:24 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/08/04 19:24:24 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/08/04 19:24:24 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/08/04 19:24:23 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/08/04 19:24:23 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/08/04 19:24:23 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/08/04 19:24:23 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/08/04 19:24:23 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/08/04 19:24:23 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/08/04 19:24:23 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/08/04 19:24:23 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/08/04 19:24:23 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/08/04 19:24:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/08/04 19:24:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/08/04 19:24:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/08/04 19:24:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/08/04 19:24:23 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/08/04 19:24:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/08/04 19:24:22 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/08/04 19:24:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/08/04 19:24:22 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/08/04 19:24:22 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/08/04 19:24:22 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/08/04 19:24:22 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/08/04 19:24:22 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/08/04 19:24:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/08/04 19:24:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/08/04 19:24:21 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/08/04 19:24:21 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/08/04 19:24:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/08/04 19:24:21 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/08/04 19:24:21 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/08/04 19:24:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/08/04 19:24:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/08/04 19:24:20 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/08/04 19:24:20 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/08/04 19:24:20 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/08/04 19:24:20 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/08/04 19:24:20 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/08/04 19:24:20 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/08/04 19:24:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/08/04 19:24:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/08/04 19:24:17 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/08/04 19:24:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/08/04 19:24:16 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/08/04 19:24:16 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/08/04 19:24:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/08/04 19:24:16 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/08/04 19:24:15 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/08/04 19:24:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/08/04 19:24:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/08/04 19:24:14 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/08/04 19:24:14 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/08/04 19:24:14 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/08/04 19:24:14 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/08/04 19:24:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/08/04 19:24:13 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/08/04 19:24:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/08/04 19:24:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/08/04 19:24:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/08/04 19:24:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/08/04 19:24:12 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/08/04 19:24:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/08/04 19:24:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/08/04 19:24:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/08/04 19:24:08 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/08/04 19:24:07 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/08/04 19:24:07 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/08/04 19:24:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/08/04 19:24:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/08/04 19:24:06 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/08/04 19:24:06 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/08/04 19:24:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/08/04 19:24:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/08/04 19:24:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/08/04 19:24:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/08/04 19:24:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/08/04 19:24:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/08/04 19:24:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/08/04 19:24:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/08/04 19:24:05 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/08/04 19:24:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/08/04 19:24:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/08/04 19:24:03 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/08/04 19:24:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/08/04 19:24:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/08/04 19:24:02 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2010/08/04 19:24:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2010/08/04 19:24:02 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/08/04 19:24:02 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/08/04 19:24:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/08/04 19:24:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/08/04 19:24:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/08/04 19:23:59 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/08/04 19:23:59 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/08/04 19:23:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/08/04 19:23:59 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/08/04 19:23:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/08/04 19:23:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/08/04 19:23:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/08/04 19:23:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/08/04 19:23:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/08/04 19:23:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/08/04 19:23:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/08/04 19:23:58 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/08/04 19:23:58 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/08/04 19:23:58 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/08/04 19:23:58 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/08/04 19:23:58 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/08/04 19:23:58 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/08/04 19:23:58 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/08/04 19:23:58 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/08/04 19:23:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/08/04 19:23:57 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/08/04 19:23:57 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/08/04 19:23:57 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/08/04 19:23:57 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/08/04 19:23:57 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/08/04 19:23:57 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/08/04 19:23:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/08/04 19:23:57 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/08/04 19:23:57 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/08/04 19:23:56 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/08/04 19:23:56 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/08/04 19:23:56 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/08/04 19:23:56 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/08/04 19:23:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/08/04 19:23:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/08/04 19:23:56 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/08/04 19:23:56 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/08/04 19:23:55 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/08/04 19:23:55 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/08/04 19:23:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/08/04 19:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/08/04 19:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/08/04 19:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2010/08/04 19:23:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010/08/04 19:23:27 | 000,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/08/04 19:23:27 | 000,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/04 19:23:27 | 000,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/04 19:23:27 | 000,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/08/04 19:23:27 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/08/04 19:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/08/04 19:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/08/04 19:22:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/08/04 19:22:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/04 19:22:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/04 19:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/08/04 19:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/08/04 19:20:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/08/04 19:20:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/08/04 19:20:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/08/04 19:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/08/04 19:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/08/04 19:20:04 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/08/04 19:20:04 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/08/04 19:18:59 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/08/04 19:18:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/08/04 19:18:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010/08/04 19:18:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/08/04 19:18:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/08/04 19:18:55 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/08/04 19:18:44 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/08/04 19:18:37 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/08/04 19:18:37 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/08/04 19:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\LClock
[2010/08/04 19:18:02 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/08/04 19:17:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/08/04 19:17:28 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/08/04 19:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/08/04 19:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/08/04 19:17:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/08/04 19:17:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/08/04 19:17:08 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/08/04 19:17:08 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/08/04 19:17:08 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/08/04 19:17:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/08/04 19:17:03 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/08/04 19:17:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/08/04 19:17:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/08/04 19:17:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/08/04 19:17:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/08/04 19:17:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/08/04 19:17:01 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/08/04 19:17:01 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/08/04 19:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/08/04 19:16:59 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/08/04 19:16:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/08/04 19:16:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/08/04 19:16:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/08/04 19:16:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/08/04 19:16:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/08/04 19:16:59 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/08/04 19:16:58 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/08/04 19:16:58 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/08/04 19:16:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/08/04 19:16:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/08/04 19:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/08/04 19:16:56 | 000,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/08/04 19:16:56 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/08/04 19:16:55 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/08/04 19:16:55 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/08/04 19:16:55 | 000,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2010/08/04 19:16:55 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/08/04 19:16:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/08/04 19:16:54 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/08/04 19:16:54 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/08/04 19:16:54 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/08/04 19:16:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/08/04 19:16:54 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/08/04 19:16:54 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/08/04 19:16:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/08/04 19:16:53 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/08/04 19:16:53 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/08/04 19:16:53 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/08/04 19:16:53 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/08/04 19:16:53 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/08/04 19:16:53 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/08/04 19:16:53 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/08/04 19:16:53 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2010/08/04 19:16:53 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/08/04 19:16:53 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2010/08/04 19:16:53 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/08/04 19:16:53 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/08/04 19:16:53 | 000,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/08/04 19:16:53 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/08/04 19:16:52 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/08/04 19:16:52 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/08/04 19:16:52 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/08/04 19:16:52 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/08/04 19:16:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/08/04 19:16:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/08/04 19:16:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/08/04 19:16:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/08/04 19:16:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2010/08/04 19:16:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/08/04 19:16:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/08/04 19:16:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/08/04 19:16:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/08/04 19:16:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/08/04 19:16:50 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/08/04 19:16:50 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/08/04 19:16:50 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/08/04 19:16:50 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/08/04 19:16:50 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/08/04 19:16:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/08/04 19:16:49 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/08/04 19:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/08/04 19:16:38 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010/08/04 19:16:38 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/08/04 19:16:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/08/04 19:16:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/08/04 19:16:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/08/04 19:16:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/08/04 19:16:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/08/04 19:16:36 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/08/04 19:16:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/08/04 19:16:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/08/04 19:16:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/08/04 19:16:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/08/04 19:16:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/08/04 19:16:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/08/04 19:16:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/08/04 19:16:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/08/04 19:16:35 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/08/04 19:16:35 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/08/04 19:16:34 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/08/04 19:16:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/08/04 19:16:33 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/08/04 19:16:33 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/08/04 19:16:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/08/04 19:16:32 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010/08/04 19:16:32 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/08/04 19:16:32 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010/08/04 19:16:32 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010/08/04 19:16:32 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/08/04 19:16:32 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010/08/04 19:16:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010/08/04 19:16:32 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010/08/04 19:16:32 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/08/04 19:16:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/08/04 19:16:31 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/08/04 19:16:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/08/04 19:16:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/08/04 19:16:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/08/04 19:16:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/08/04 19:16:31 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/08/04 19:16:31 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/08/04 19:16:31 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/08/04 19:16:31 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/08/04 19:16:31 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/08/04 19:16:31 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/08/04 19:16:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/08/04 19:16:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/08/04 19:16:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/08/04 19:16:30 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/08/04 19:16:30 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/08/04 19:16:30 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/08/04 19:16:30 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/08/04 19:16:30 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/08/04 19:16:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/08/04 19:16:30 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/08/04 19:16:30 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/08/04 19:16:30 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/08/04 19:16:30 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/08/04 19:16:29 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/08/04 19:16:29 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/08/04 19:16:29 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/08/04 19:16:29 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/08/04 19:16:29 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/08/04 19:16:29 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/08/04 19:16:29 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010/08/04 19:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/08/04 19:16:28 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/08/04 19:16:28 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/08/04 19:16:28 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/08/04 19:16:28 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/08/04 19:16:28 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/08/04 19:16:28 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/08/04 19:16:28 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/08/04 19:16:28 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010/08/04 19:16:28 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/08/04 19:16:28 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010/08/04 19:16:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/08/04 19:16:27 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/08/04 19:16:27 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/08/04 19:16:27 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/08/04 19:16:27 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/08/04 19:16:26 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010/08/04 19:16:26 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/08/04 19:16:26 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/08/04 19:16:26 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/08/04 19:16:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/08/04 19:16:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/08/04 19:16:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/08/04 19:16:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/08/04 19:16:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010/08/04 19:16:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/08/04 19:16:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/08/04 19:16:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/08/04 19:16:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/08/04 19:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/08/04 19:16:25 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/08/04 19:16:25 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/08/04 19:16:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/08/04 19:16:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010/08/04 19:16:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010/08/04 19:16:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/08/04 19:16:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/08/04 19:16:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/08/04 19:16:24 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2010/08/04 19:16:24 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010/08/04 19:16:24 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/08/04 19:16:24 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/08/04 19:16:24 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/08/04 19:16:24 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/08/04 19:16:24 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/08/04 19:16:23 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/08/04 19:16:23 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/08/04 19:16:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/08/04 19:16:23 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/08/04 19:16:23 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/08/04 19:16:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/08/04 19:16:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/08/04 19:16:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/08/04 19:16:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/08/04 19:16:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/08/04 19:16:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/08/04 19:16:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/08/04 19:16:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/08/04 19:16:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/08/04 19:16:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/08/04 19:16:23 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/08/04 19:16:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/08/04 19:16:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/08/04 19:16:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/08/04 19:16:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/08/04 19:16:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/08/04 19:16:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/08/04 19:16:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/08/04 19:16:22 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/08/04 19:16:22 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/08/04 19:16:22 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/08/04 19:16:22 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/08/04 19:16:22 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/08/04 19:16:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/08/04 19:16:22 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/08/04 19:16:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/08/04 19:16:22 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/08/04 19:16:22 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/08/04 19:16:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/08/04 19:16:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/08/04 19:16:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/08/04 19:16:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/08/04 19:16:21 | 000,634,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/08/04 19:16:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2010/08/04 19:16:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/08/04 19:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/08/04 19:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/08/04 19:16:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/08/04 19:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/08/04 19:16:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/08/04 19:15:58 | 002,887,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\libmmd.dll
[2010/08/04 19:15:58 | 000,898,048 | ---- | C] (GNU <www.gnu.org>) -- C:\WINDOWS\System32\libiconv2.dll
[2010/08/04 19:15:58 | 000,101,888 | ---- | C] (GNU <www.gnu.org>) -- C:\WINDOWS\System32\libintl3.dll
[2010/08/04 19:15:57 | 001,872,666 | ---- | C] (Red Hat) -- C:\WINDOWS\System32\cygwin1.dll
[2010/08/04 19:15:57 | 001,003,008 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libeay32.dll
[2010/08/04 19:15:57 | 000,722,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vb40032.dll
[2010/08/04 19:15:57 | 000,444,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MShflxgd.ocx
[2010/08/04 19:15:57 | 000,416,528 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\System32\comct332.ocx
[2010/08/04 19:15:57 | 000,413,696 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/08/04 19:15:57 | 000,398,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\vbrun300.dll
[2010/08/04 19:15:57 | 000,356,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\vbrun200.dll
[2010/08/04 19:15:57 | 000,312,848 | ---- | C] (AutoIt Team) -- C:\WINDOWS\System32\AutoItX3.dll
[2010/08/04 19:15:57 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl70.dll
[2010/08/04 19:15:56 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl32.ocx
[2010/08/04 19:15:56 | 001,017,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70u.dll
[2010/08/04 19:15:56 | 000,935,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\vb40016.dll
[2010/08/04 19:15:56 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2010/08/04 19:15:56 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll
[2010/08/04 19:15:56 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/08/04 19:15:56 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010/08/04 19:15:56 | 000,259,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msflxgrd.ocx
[2010/08/04 19:15:56 | 000,219,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\richtx32.ocx
[2010/08/04 19:15:56 | 000,189,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssleay32.dll
[2010/08/04 19:15:56 | 000,179,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msmask32.ocx
[2010/08/04 19:15:56 | 000,137,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.ocx
[2010/08/04 19:15:56 | 000,130,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msstdfmt.dll
[2010/08/04 19:15:56 | 000,128,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswinsck.ocx
[2010/08/04 19:15:56 | 000,108,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msstkprp.dll
[2010/08/04 19:15:56 | 000,101,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\picclp32.ocx
[2010/08/04 19:15:56 | 000,081,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysinfo.ocx
[2010/08/04 19:15:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70ITA.dll
[2010/08/04 19:15:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70FRA.dll
[2010/08/04 19:15:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70ESP.dll
[2010/08/04 19:15:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70DEU.dll
[2010/08/04 19:15:56 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70ENU.dll
[2010/08/04 19:15:56 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvci70.dll
[2010/08/04 19:15:56 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70KOR.dll
[2010/08/04 19:15:56 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70JPN.dll
[2010/08/04 19:15:56 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70CHT.dll
[2010/08/04 19:15:56 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70CHS.dll
[2010/08/04 19:15:56 | 000,032,768 | ---- | C] (Adobe Systems, Inc.) -- C:\WINDOWS\System\PLUGIN.DLL
[2010/08/04 19:15:56 | 000,021,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\openal32.dll
[2010/08/04 19:15:55 | 001,070,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2010/08/04 19:15:55 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll
[2010/08/04 19:15:55 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71u.dll
[2010/08/04 19:15:55 | 000,660,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomct2.ocx
[2010/08/04 19:15:55 | 000,616,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comctl32.ocx
[2010/08/04 19:15:55 | 000,279,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatgrd.ocx
[2010/08/04 19:15:55 | 000,253,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatlst.ocx
[2010/08/04 19:15:55 | 000,223,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dblist32.ocx
[2010/08/04 19:15:55 | 000,222,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tabctl32.ocx
[2010/08/04 19:15:55 | 000,216,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mci32.ocx
[2010/08/04 19:15:55 | 000,171,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comct232.ocx
[2010/08/04 19:15:55 | 000,157,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2010/08/04 19:15:55 | 000,120,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomm32.ocx
[2010/08/04 19:15:55 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2010/08/04 19:15:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71DEU.dll
[2010/08/04 19:15:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71ITA.dll
[2010/08/04 19:15:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71FRA.dll
[2010/08/04 19:15:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71ESP.dll
[2010/08/04 19:15:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71ENU.dll
[2010/08/04 19:15:55 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71KOR.dll
[2010/08/04 19:15:55 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71JPN.dll
[2010/08/04 19:15:55 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71CHT.dll
[2010/08/04 19:15:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71CHS.dll
[2010/08/04 19:15:54 | 001,024,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2010/08/04 19:15:54 | 000,189,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libssl32.dll
[2010/08/04 19:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/08/04 19:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/08/04 19:15:51 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/08/04 19:15:51 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/08/04 19:15:51 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/08/04 19:15:51 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/08/04 19:15:51 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/08/04 19:15:51 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/08/04 19:15:51 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/08/04 19:15:51 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/08/04 19:15:51 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/08/04 19:15:51 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/08/04 19:15:50 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/08/04 19:15:50 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/08/04 19:15:50 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/08/04 19:15:50 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/08/04 19:15:50 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/08/04 19:15:50 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/08/04 19:15:50 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/08/04 19:15:50 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/08/04 19:15:50 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/08/04 19:15:50 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/08/04 19:15:49 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/08/04 19:15:49 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/08/04 19:15:49 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/08/04 19:15:49 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/08/04 19:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/08/04 19:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/08/04 19:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/08/04 19:15:42 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/08/04 19:15:42 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/08/04 19:15:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/08/04 19:15:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/08/04 19:15:42 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/08/04 19:15:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/08/04 19:15:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/08/04 19:15:42 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/08/04 19:15:41 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/08/04 19:15:41 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/08/04 19:15:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/08/04 19:15:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/08/04 19:15:36 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/08/04 19:15:36 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/08/04 19:15:36 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/08/04 19:15:36 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/08/04 19:15:36 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/08/04 19:15:36 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/08/04 19:15:36 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/08/04 19:15:36 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/08/04 19:15:35 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/08/04 19:15:35 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/08/04 19:15:35 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/08/04 19:15:35 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/08/04 19:15:35 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/08/04 19:15:35 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/08/04 19:15:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/08/04 19:15:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/08/04 19:15:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/08/04 19:15:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/08/04 19:15:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/08/04 19:15:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/08/04 19:15:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/08/04 19:15:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/08/04 19:15:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/08/04 19:15:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/08/04 19:15:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/08/04 19:15:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/08/04 19:15:35 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/08/04 19:15:35 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/08/04 19:15:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/08/04 19:15:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/08/04 19:15:34 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/08/04 19:15:34 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/08/04 19:15:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/08/04 19:15:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/08/04 19:15:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/08/04 19:15:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/08/04 19:15:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/08/04 19:15:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/08/04 19:15:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/08/04 19:15:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/08/04 19:15:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/08/04 19:15:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/08/04 19:15:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/08/04 19:15:33 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/08/04 19:15:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/08/04 19:15:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/08/04 19:15:31 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/08/04 19:15:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/08/04 19:15:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/08/04 19:15:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/08/04 19:15:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/08/04 19:15:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/08/04 19:15:30 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/08/04 19:15:30 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/08/04 19:15:30 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/08/04 19:15:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/08/04 19:15:30 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/08/04 19:15:30 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/08/04 19:15:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/08/04 19:15:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/08/04 19:15:29 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/08/04 19:15:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010/08/04 19:15:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/08/04 19:15:29 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/08/04 19:15:29 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/08/04 19:15:29 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/08/04 19:15:29 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/08/04 19:15:29 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/08/04 19:15:29 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/08/04 19:15:28 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/08/04 19:15:28 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/08/04 19:15:28 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010/08/04 19:15:28 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/08/04 19:15:28 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/08/04 19:15:28 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010/08/04 19:15:28 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/08/04 19:15:28 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/08/04 19:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/08/04 19:15:27 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/08/04 19:15:27 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2010/08/04 19:15:27 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/08/04 19:15:27 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/08/04 19:15:27 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/08/04 19:15:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/08/04 19:15:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2010/08/04 19:15:27 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/08/04 19:15:27 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/08/04 19:15:26 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2010/08/04 19:15:26 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2010/08/04 19:15:26 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/08/04 19:15:26 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2010/08/04 19:15:26 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/08/04 19:15:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/08/04 19:15:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/08/04 19:15:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010/08/04 19:15:26 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/08/04 19:15:26 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/08/04 19:15:25 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/08/04 19:15:25 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/08/04 19:15:25 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010/08/04 19:15:25 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/08/04 19:15:25 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/08/04 19:15:25 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/08/04 19:15:25 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/08/04 19:15:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/08/04 19:15:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/08/04 19:15:25 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/08/04 19:15:25 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/08/04 19:15:25 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/08/04 19:15:25 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/08/04 19:15:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/08/04 19:15:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/08/04 19:15:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/08/04 19:15:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/08/04 19:15:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/08/04 19:15:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/08/04 19:15:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/08/04 19:15:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010/08/04 19:15:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/08/04 19:15:24 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/08/04 19:15:24 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/08/04 19:15:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/08/04 19:15:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/08/04 19:15:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/08/04 19:15:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/08/04 19:15:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/08/04 19:15:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010/08/04 19:15:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/08/04 19:15:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/08/04 19:15:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/08/04 19:15:23 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/08/04 19:15:23 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/08/04 19:15:23 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010/08/04 19:15:23 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/08/04 19:15:23 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010/08/04 19:15:23 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/08/04 19:15:23 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/08/04 19:15:23 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010/08/04 19:15:23 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/08/04 19:15:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/08/04 19:15:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/08/04 19:15:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/08/04 19:15:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/08/04 19:15:23 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/08/04 19:15:23 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/08/04 19:15:23 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/08/04 19:15:23 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/08/04 19:15:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/08/04 19:15:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/08/04 19:15:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/08/04 19:15:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/08/04 19:15:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/08/04 19:15:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/08/04 19:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/08/04 19:15:22 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/08/04 19:15:22 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/08/04 19:15:22 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010/08/04 19:15:22 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/08/04 19:15:22 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/08/04 19:15:22 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/08/04 19:15:22 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/08/04 19:15:20 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2010/08/04 19:15:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/08/04 19:15:20 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/08/04 19:15:20 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/08/04 19:15:20 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/08/04 19:15:20 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/08/04 19:15:20 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/08/04 19:15:20 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/08/04 19:15:20 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/08/04 19:15:20 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/08/04 19:15:20 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/08/04 19:15:20 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/08/04 19:15:20 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/08/04 19:15:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/08/04 19:15:20 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/08/04 19:15:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/08/04 19:15:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/08/04 19:15:19 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/08/04 19:15:19 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010/08/04 19:15:19 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/08/04 19:15:19 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/08/04 19:15:19 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/08/04 19:15:19 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/08/04 19:15:19 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/08/04 19:15:19 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/08/04 19:15:19 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/08/04 19:15:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/08/04 19:15:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/08/04 19:15:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/08/04 19:15:19 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/08/04 19:15:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010/08/04 19:15:18 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/08/04 19:15:18 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/08/04 19:15:18 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010/08/04 19:15:18 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2010/08/04 19:15:18 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010/08/04 19:15:18 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/08/04 19:15:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/08/04 19:15:17 | 001,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/08/04 19:15:17 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/08/04 19:15:17 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/08/04 19:15:17 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/08/04 19:15:17 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010/08/04 19:15:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/08/04 19:15:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/08/04 19:15:17 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/08/04 19:15:17 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/08/04 19:15:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/08/04 17:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/08/04 17:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/08/04 17:34:23 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/08/04 17:32:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2010/08/04 17:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Malwarebytes
[2010/08/04 17:29:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/04 17:29:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/04 17:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/04 17:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/04 17:29:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/04 17:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\My Documents\Downloads
[2010/08/04 17:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Macromedia
[2010/08/04 17:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Adobe
[2010/08/04 17:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/08/04 17:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/08/04 17:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\uTorrent
[2010/08/04 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010/08/04 17:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/08/04 17:02:16 | 013,549,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010/08/04 17:02:16 | 010,604,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/08/04 17:02:16 | 010,604,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010/08/04 17:02:16 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/08/04 17:02:15 | 010,260,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010/08/04 17:02:15 | 006,343,040 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/08/04 17:02:15 | 006,343,040 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010/08/04 17:02:15 | 004,595,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010/08/04 17:02:15 | 002,914,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010/08/04 17:02:15 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010/08/04 17:02:15 | 001,388,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010/08/04 17:02:15 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010/08/04 17:02:15 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010/08/04 17:02:08 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/08/04 16:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\WinRAR
[2010/08/04 16:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Mozilla
[2010/08/04 16:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Mozilla
[2010/08/04 16:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010/08/04 16:32:02 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/08/04 16:32:02 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/08/04 16:32:01 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/08/04 16:32:00 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/08/04 16:31:59 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/08/04 16:31:58 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/08/04 16:31:58 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/08/04 16:31:57 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/08/04 16:31:56 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/08/04 16:31:55 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/08/04 16:31:53 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/08/04 16:31:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/08/04 16:31:48 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/08/04 16:31:48 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/08/04 16:31:48 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/08/04 16:31:48 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/08/04 16:31:48 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/08/04 16:31:48 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/08/04 16:31:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/08/04 16:31:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/08/04 16:31:46 | 001,826,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2010/08/04 16:31:46 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2010/08/04 16:31:46 | 000,282,624 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.cpl
[2010/08/04 16:31:46 | 000,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2010/08/04 16:31:45 | 009,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2010/08/04 16:31:45 | 004,615,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2010/08/04 16:31:44 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/08/04 16:31:44 | 002,165,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010/08/04 16:31:44 | 000,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.cpl
[2010/08/04 16:31:44 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010/08/04 16:31:41 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2010/08/04 16:31:41 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010/08/04 16:31:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/08/04 16:30:47 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/08/04 16:30:47 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/08/04 16:30:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/08/04 12:12:35 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2010/08/04 12:12:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2010/08/04 12:12:34 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irsir.sys
[2010/08/04 12:12:25 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010/08/04 12:11:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/08/04 12:10:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/08/04 12:10:29 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/08/04 12:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/08/04 12:10:28 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/08/04 12:10:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/08/04 12:10:27 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/08/04 12:10:27 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/08/04 12:10:27 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/08/04 12:10:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/08/04 12:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/08/04 12:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/08/04 12:10:26 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/08/04 12:10:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/08/04 12:10:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/08/04 12:10:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/08/04 12:10:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/08/04 12:10:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/08/04 12:10:26 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/08/04 12:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/08/04 12:10:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/08/04 12:10:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/08/04 12:10:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/08/04 12:10:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/08/04 12:10:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/08/04 12:10:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/08/04 12:10:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/08/04 12:10:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/08/04 12:10:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/08/04 12:10:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/08/04 12:10:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/08/04 12:10:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/08/04 12:10:21 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/08/04 12:10:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/08/04 12:10:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/08/04 12:10:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/08/04 12:10:21 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/08/04 12:10:21 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/08/04 12:10:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/08/04 12:10:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/08/04 12:10:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/08/04 12:10:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/08/04 12:10:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/08/04 12:10:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/08/04 12:10:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/08/04 12:10:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/08/04 12:10:20 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/08/04 12:10:20 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/08/04 12:10:20 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/08/04 12:10:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/08/04 12:10:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/08/04 12:10:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/08/04 12:10:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/08/04 12:10:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/08/04 12:10:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/08/04 12:10:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/08/04 12:10:19 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/08/04 12:10:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/08/04 12:10:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/08/04 12:10:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/08/04 12:10:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/08/04 12:10:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/08/04 12:10:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/08/04 12:10:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/08/04 12:10:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/08/04 12:10:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/08/04 12:10:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/08/04 12:10:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/08/04 12:10:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/08/04 12:10:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/08/04 12:10:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/08/04 12:10:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/08/04 12:10:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/08/04 12:10:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/08/04 12:10:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/08/04 12:10:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/08/04 12:10:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/08/04 12:10:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/08/04 12:10:18 | 000,036,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dosapp.fon
[2010/08/04 12:10:18 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/08/04 12:10:18 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/08/04 12:10:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/08/04 12:10:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/08/04 12:10:15 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/08/04 12:10:15 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/08/04 12:10:15 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/08/04 12:10:15 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/08/04 12:10:15 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/08/04 12:10:15 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/08/04 12:10:15 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/08/04 12:10:15 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/08/04 12:10:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/08/04 12:10:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/08/04 12:10:14 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/08/04 12:10:14 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/08/04 12:10:14 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/08/04 12:10:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/08/04 12:10:14 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/08/04 12:10:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/08/04 12:10:14 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/08/04 12:10:14 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/08/04 12:10:14 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/08/04 12:10:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/08/04 12:10:14 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/08/04 12:10:14 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/08/04 12:10:14 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/08/04 12:10:14 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/08/04 12:10:14 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/08/04 12:10:14 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/08/04 12:10:13 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/08/04 12:10:13 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/08/04 12:10:13 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/08/04 12:10:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/08/04 12:10:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/08/04 12:10:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010/08/04 12:10:13 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/08/04 12:10:13 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/08/04 12:10:12 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010/08/04 12:10:12 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/08/04 12:10:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/08/04 12:10:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/08/04 12:10:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/08/04 12:10:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/08/04 12:10:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/08/04 12:10:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/08/04 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/08/04 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/08/04 12:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/08/04 12:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/08/04 12:07:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/08/04 12:07:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/08/04 12:07:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/08/04 12:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/08/04 12:03:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/08/04 12:03:58 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/08/04 12:03:58 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/08/04 12:03:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/08/04 12:03:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/08/04 12:03:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/07/09 16:24:26 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010/07/09 16:24:18 | 000,277,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010/07/09 16:24:18 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010/07/09 16:24:16 | 013,923,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010/07/09 16:24:16 | 000,145,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Kyle\*.tmp files -> C:\Documents and Settings\Kyle\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/08 15:07:17 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\Kyle\NTUSER.DAT
[2010/08/08 15:04:35 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kyle\Desktop\OTL.exe
[2010/08/08 15:01:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/08 14:59:27 | 000,013,664 | ---- | M] () -- C:\Documents and Settings\Kyle\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/08 14:59:20 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Kyle\Desktop\Photomatix Pro 3.lnk
[2010/08/08 14:58:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/08 14:23:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004UA.job
[2010/08/08 13:40:36 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/08/08 13:08:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/08 13:08:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/08 12:23:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004Core.job
[2010/08/08 12:18:41 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Kyle\Desktop\Google Chrome.lnk
[2010/08/08 12:18:41 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/07 20:15:51 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/07 19:59:39 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/07 19:59:39 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/07 01:11:03 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Kyle\ntuser.ini
[2010/08/07 01:10:57 | 003,758,860 | -H-- | M] () -- C:\Documents and Settings\Kyle\Local Settings\Application Data\IconCache.db
[2010/08/06 12:03:50 | 000,441,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/06 12:03:50 | 000,071,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/06 12:03:49 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/06 00:37:53 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/05 19:21:19 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic - Home Cinema.lnk
[2010/08/05 18:37:47 | 019,461,015 | ---- | M] () -- C:\Documents and Settings\Kyle\My Documents\vlc-1.1.2-win32.exe
[2010/08/05 14:11:24 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vegas Movie Studio Platinum 9.0.lnk
[2010/08/05 10:05:46 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Kyle\Desktop\HijackThis.exe
[2010/08/05 09:58:26 | 000,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/04 20:17:48 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/08/04 20:17:48 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/08/04 19:28:27 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/08/04 19:28:25 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/04 19:26:26 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/08/04 19:25:27 | 000,000,793 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/08/04 19:23:22 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/08/04 19:23:22 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/04 19:23:22 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/04 19:23:22 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/08/04 19:23:22 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/08/04 19:18:10 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/04 19:18:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/04 19:18:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/04 19:18:08 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/04 19:18:05 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/04 19:18:05 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/08/04 19:18:04 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/04 19:18:01 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/04 19:17:33 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/08/04 19:17:33 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/08/04 19:16:04 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/08/04 19:16:03 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/08/04 19:16:03 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/08/04 19:14:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/08/04 17:34:23 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/08/04 17:29:39 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/04 17:26:44 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 17:02:33 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/04 17:02:33 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/04 17:02:31 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/04 17:02:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/04 16:33:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/08/04 16:33:18 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/08/04 16:33:18 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/08/04 16:31:41 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010/08/04 12:10:33 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/08/04 12:10:26 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/26 23:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010/07/09 16:24:26 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010/07/09 16:24:18 | 000,277,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010/07/09 16:24:18 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010/07/09 16:24:16 | 013,923,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010/07/09 16:24:16 | 000,145,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2010/07/09 15:38:00 | 013,549,568 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010/07/09 15:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/07/09 15:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010/07/09 15:38:00 | 010,260,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010/07/09 15:38:00 | 006,343,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/07/09 15:38:00 | 006,343,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010/07/09 15:38:00 | 004,595,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010/07/09 15:38:00 | 002,914,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010/07/09 15:38:00 | 002,506,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010/07/09 15:38:00 | 002,195,030 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010/07/09 15:38:00 | 001,388,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010/07/09 15:38:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010/07/09 15:38:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010/07/09 15:38:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/07/09 15:38:00 | 000,007,959 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Kyle\*.tmp files -> C:\Documents and Settings\Kyle\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/08 14:59:20 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\Kyle\Desktop\Photomatix Pro 3.lnk
[2010/08/08 12:18:41 | 000,002,277 | ---- | C] () -- C:\Documents and Settings\Kyle\Desktop\Google Chrome.lnk
[2010/08/08 12:18:41 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/08 12:18:03 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004UA.job
[2010/08/08 12:18:02 | 000,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004Core.job
[2010/08/07 20:15:50 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/07 19:59:39 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/05 19:21:19 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic - Home Cinema.lnk
[2010/08/05 18:37:15 | 019,461,015 | ---- | C] () -- C:\Documents and Settings\Kyle\My Documents\vlc-1.1.2-win32.exe
[2010/08/05 14:11:24 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vegas Movie Studio Platinum 9.0.lnk
[2010/08/04 21:45:38 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/08/04 19:28:27 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/08/04 19:28:25 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/04 19:27:55 | 000,032,768 | -H-- | C] () -- C:\Documents and Settings\Kyle\ntuser.dat.LOG
[2010/08/04 19:27:55 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Kyle\ntuser.ini
[2010/08/04 19:27:51 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\Kyle\NTUSER.DAT
[2010/08/04 19:26:26 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/08/04 19:25:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/04 19:25:15 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/08/04 19:24:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/08/04 19:24:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/08/04 19:24:53 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/08/04 19:24:42 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/08/04 19:24:41 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/08/04 19:24:37 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/08/04 19:24:36 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/08/04 19:24:35 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/08/04 19:24:28 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/08/04 19:24:24 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/08/04 19:24:22 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/08/04 19:24:14 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/08/04 19:24:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/08/04 19:24:11 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/08/04 19:24:11 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/08/04 19:24:11 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/08/04 19:24:10 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/08/04 19:24:10 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/08/04 19:24:10 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/08/04 19:24:10 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/08/04 19:24:10 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/08/04 19:24:10 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/08/04 19:24:09 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/08/04 19:24:09 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/08/04 19:24:08 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/08/04 19:24:08 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/08/04 19:24:08 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/08/04 19:24:08 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/08/04 19:24:08 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/08/04 19:23:14 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/04 19:18:10 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/04 19:18:10 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/08/04 19:18:10 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/08/04 19:18:05 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/04 19:18:05 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/08/04 19:18:04 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/04 19:17:33 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/08/04 19:17:33 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/08/04 19:17:20 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/08/04 19:17:08 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/08/04 19:17:07 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/08/04 19:17:03 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/08/04 19:16:34 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/08/04 19:16:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/08/04 19:15:58 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll
[2010/08/04 19:15:57 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll
[2010/08/04 19:15:57 | 000,271,264 | ---- | C] () -- C:\WINDOWS\System\vbrun100.dll
[2010/08/04 19:15:57 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2010/08/04 19:15:56 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System\MSVCRT10.DLL
[2010/08/04 19:15:38 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/08/04 19:15:37 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/08/04 19:15:37 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/08/04 19:15:37 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/08/04 19:15:37 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/08/04 19:15:37 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/08/04 19:15:37 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/08/04 19:15:37 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/08/04 19:15:37 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/08/04 19:15:37 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/08/04 19:15:37 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/08/04 19:15:37 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/08/04 19:15:37 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/08/04 19:15:36 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/08/04 19:15:36 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/08/04 19:15:36 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/08/04 19:15:36 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/08/04 19:15:36 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/08/04 19:15:36 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/08/04 19:15:35 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/08/04 19:15:35 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/08/04 19:15:34 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/08/04 19:15:30 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/08/04 17:35:09 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/08/04 17:35:09 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/08/04 17:29:39 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/04 17:27:08 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/04 17:26:44 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 17:02:33 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/04 17:02:31 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/04 17:02:31 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/04 17:02:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/04 17:02:16 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/08/04 17:02:15 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/08/04 16:33:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/04 16:33:18 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/08/04 16:33:17 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/08/04 16:32:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/08/04 12:10:33 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/08/04 12:10:32 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/08/04 12:10:28 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/08/04 12:10:28 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/08/04 12:10:27 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/08/04 12:10:27 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/08/04 12:10:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/08/04 12:10:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/08/04 12:10:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/08/04 12:10:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/08/04 12:10:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/08/04 12:10:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/08/04 12:10:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/08/04 12:10:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/08/04 12:10:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/08/04 12:10:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/08/04 12:10:13 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/08/04 12:08:05 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/08/04 12:08:05 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/08/04 12:08:05 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/08/04 12:08:05 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/08/04 12:08:05 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/08/04 12:08:05 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/08/04 12:08:05 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/08/04 12:08:05 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/08/04 12:08:04 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/08/04 12:08:04 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/08/04 12:08:04 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/08/04 12:08:04 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/08/04 12:08:04 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/08/04 12:08:04 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/08/04 12:08:04 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/08/04 12:08:04 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/08/04 12:08:04 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/08/04 12:08:04 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/08/04 12:08:04 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/08/04 12:07:15 | 000,098,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/04 12:06:38 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/08/04 12:06:37 | 000,000,793 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/12 07:03:58 | 000,000,382 | ---- | C] () -- C:\WINDOWS\System32\Oeminfo.ini
[2001/08/23 05:00:00 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.* >
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/04 19:14:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/04 19:18:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/04 19:18:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/13 13:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/13 15:01:44 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/08 13:08:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/08/04 16:37:10 | 000,031,610 | ---- | M] () -- C:\TDSSKiller.2.4.1.0_04.08.2010_16.35.00_log.txt
[2010/08/04 17:02:02 | 000,031,610 | ---- | M] () -- C:\TDSSKiller.2.4.1.0_04.08.2010_16.37.51_log.txt
[2010/08/04 17:29:02 | 000,031,846 | ---- | M] () -- C:\TDSSKiller.2.4.1.0_04.08.2010_17.28.50_log.txt

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 12:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 11:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 12:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 11:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2010/08/04 19:17:53 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %ALLUSERSPROFILE%\Application Data\*. >
[2010/08/08 14:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/08/07 20:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/08/07 20:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/08/08 13:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/08/04 17:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2010/08/04 17:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/04 19:18:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/08/04 17:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010/08/05 14:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009/11/14 06:06:34 | 000,059,992 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe

< %APPDATA%\*. >
[2010/08/08 14:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Adobe
[2010/08/07 20:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Apple Computer
[2010/08/04 19:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Identities
[2010/08/04 19:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\InstallShield
[2010/08/04 17:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Macromedia
[2010/08/04 17:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Malwarebytes
[2010/08/05 19:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Media Player Classic
[2010/08/08 14:59:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Kyle\Application Data\Microsoft
[2010/08/04 16:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Mozilla
[2010/08/07 20:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\MPEG Streamclip
[2010/08/07 00:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Publish Providers
[2010/08/07 20:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Sony
[2010/08/04 19:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Sun
[2010/08/08 15:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\uTorrent
[2010/08/05 13:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\vlc
[2010/08/04 16:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2010/08/04 12:06:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/08/04 12:06:38 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/08/04 12:06:38 | 000,921,600 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-06 07:37:59
< End of report >
  • 0

#4
plywoodhall
Posted 08 August 2010 - 01:42 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Here is the extras file:

OTL Extras logfile created on: 08/08/2010 15:06:27 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Kyle\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 455.71 Gb Free Space | 97.84% Space Free | Partition Type: NTFS
Drive D: | 618.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KYLE-76C8D87336
Current User Name: Kyle
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54E4B63C-D252-454C-BE4F-468F102B331C}" = Adobe Shockwave Player
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C9B26742-06BE-3B75-B1DE-7B91B5956A04}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30304
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"LClock" = LClock
"Magic Bullet Editors 2.0 Vegas" = Magic Bullet Editors 2.0 Vegas
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.9
"ToolTipFixer" = ToolTipFixer 2.0
"uTorrent" = µTorrent
"VLC media player" = VLC media player 0.9.8a
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04/08/2010 22:20:17 | Computer Name = KYLE-76C8D87336 | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft .NET Framework 3.0 Service Pack 2 -- Error 2004.
Method SHGetFolderPath failed. HRESULT: 0x80004005.

Error - 04/08/2010 22:20:17 | Computer Name = KYLE-76C8D87336 | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft .NET Framework 3.0 Service Pack 2 -- Error 2004.
Method GetFontCacheDataFolder failed. HRESULT: 0x80004005.

Error - 04/08/2010 22:27:33 | Computer Name = KYLE-76C8D87336 | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET.MOF
while recovering repository file.

Error - 04/08/2010 22:27:34 | Computer Name = KYLE-76C8D87336 | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF
while recovering repository file.

Error - 04/08/2010 22:27:34 | Computer Name = KYLE-76C8D87336 | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF
while recovering repository file.

Error - 04/08/2010 22:27:34 | Computer Name = KYLE-76C8D87336 | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS
COMMUNICATION FOUNDATION\SERVICEMODEL.MOF while recovering repository file.

[ System Events ]
Error - 04/08/2010 22:25:37 | Computer Name = KYLE-76C8D87336 | Source = Setup | ID = 60055
Description = Windows Setup encountered non-fatal errors during installation. Please
check the setuperr.log found in your Windows directory for more informatio

Error - 04/08/2010 23:48:36 | Computer Name = KYLE-76C8D87336 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.

Error - 04/08/2010 23:48:37 | Computer Name = KYLE-76C8D87336 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
nvatabus

Error - 07/08/2010 01:26:30 | Computer Name = KYLE-76C8D87336 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
nvatabus

Error - 07/08/2010 17:00:23 | Computer Name = KYLE-76C8D87336 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
nvatabus

Error - 08/08/2010 02:27:52 | Computer Name = KYLE-76C8D87336 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
nvatabus

Error - 08/08/2010 16:08:48 | Computer Name = KYLE-76C8D87336 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
nvatabus


< End of report >
  • 0

#5
plywoodhall
Posted 08 August 2010 - 05:03 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
GMER:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-08 18:51:24
Windows 5.1.2600 Service Pack 3
Running: fcv5313i.exe; Driver: C:\DOCUME~1\Kyle\LOCALS~1\Temp\kwtoifow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB4B0958C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB4B09E0C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB4B0A922]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB4B0AE94]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xB4B0A0EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xB4B08436]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB4B0AD6C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xB4B09192]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB4B0AC28]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB4B0934E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB4B0AFC6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB4B0CC08]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB4B09AAA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB4B0ACCA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB4B0C5FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB4B089FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB4B08D88]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB4B0A576]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB4B0D5CA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB4B08ECA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB4B08F74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xB4B0A382]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB4B0C68C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB4B08412]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB4B08424]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB4B0CCBC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB4B090C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xB4B0AF36]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xB4B09E8E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xB4B085DC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xB4B0AE04]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB4B09792]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB4B0CC32]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB4B0B068]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB4B096B6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB4B0901E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB4B08C46]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xB4B0CFD4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xB4B08896]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB4B0C922]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB4B08B0E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB4B082B0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB4B0B3F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB4B0B2B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xB4B0C39A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB4B0FE2C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB4B0D4AC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB4B08248]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB4B0A65C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB4B09CC8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB4B0BC4A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xB4B0C786]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB4B0D114]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB4B0871E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB4B0D1F8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB4B0D320]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB4B0C526]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xB4B0990A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB4B09860]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB4B0CE8A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB4B099EA]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

---- EOF - GMER 1.0.15 ----
  • 0

#6
hammerman
Posted 08 August 2010 - 05:12 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

I notice you have run TDSSKiller. Could you please post these logs.

C:\TDSSKiller.2.4.1.0_04.08.2010_16.35.00_log.txt
C:\TDSSKiller.2.4.1.0_04.08.2010_16.37.51_log.txt
C:\TDSSKiller.2.4.1.0_04.08.2010_17.28.50_log.txt


Please download MBRCheck.exe to your desktop.

  • Be sure to disable your security programs
  • Double click on the file to run it (Vista and Windows 7 users will have to confirm the UAC prompt)
  • A black window will open on your desktop
  • If an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
  • Please post the contents of that file in your reply.

  • 0

#7
plywoodhall
Posted 08 August 2010 - 05:15 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
TDSSKiller.2.4.1.0_04.08.2010_16.35.00_log :


2010/08/04 16:35:00.0125 TDSS rootkit removing tool 2.4.1.0 Aug 4 2010 15:06:41
2010/08/04 16:35:00.0125 ================================================================================
2010/08/04 16:35:00.0125 SystemInfo:
2010/08/04 16:35:00.0125
2010/08/04 16:35:00.0125 OS Version: 5.1.2600 ServicePack: 3.0
2010/08/04 16:35:00.0125 Product type: Workstation
2010/08/04 16:35:00.0125 ComputerName: KYLE-76C8D87336
2010/08/04 16:35:00.0125 UserName: Kyle
2010/08/04 16:35:00.0125 Windows directory: C:\WINDOWS
2010/08/04 16:35:00.0125 System windows directory: C:\WINDOWS
2010/08/04 16:35:00.0125 Processor architecture: Intel x86
2010/08/04 16:35:00.0125 Number of processors: 2
2010/08/04 16:35:00.0125 Page size: 0x1000
2010/08/04 16:35:00.0125 Boot type: Normal boot
2010/08/04 16:35:00.0125 ================================================================================
2010/08/04 16:35:00.0281 Initialize success
2010/08/04 16:35:01.0265 ================================================================================
2010/08/04 16:35:01.0265 Scan started
2010/08/04 16:35:01.0265 Mode: Manual;
2010/08/04 16:35:01.0265 ================================================================================
2010/08/04 16:35:03.0875 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/08/04 16:35:04.0500 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/08/04 16:35:06.0015 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/08/04 16:35:06.0656 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2010/08/04 16:35:10.0468 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/08/04 16:35:12.0984 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/08/04 16:35:13.0640 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/08/04 16:35:14.0906 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/08/04 16:35:15.0562 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/08/04 16:35:16.0218 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/08/04 16:35:16.0890 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/08/04 16:35:18.0156 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/08/04 16:35:18.0781 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/08/04 16:35:19.0421 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/08/04 16:35:23.0203 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/08/04 16:35:23.0859 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/08/04 16:35:24.0515 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/08/04 16:35:25.0156 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/08/04 16:35:25.0796 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/08/04 16:35:27.0062 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/08/04 16:35:27.0718 exFat (3ef58f2eae3aecab45d682152db2f67d) C:\WINDOWS\system32\drivers\exFat.sys
2010/08/04 16:35:28.0375 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/08/04 16:35:29.0015 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/08/04 16:35:29.0656 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/08/04 16:35:30.0296 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/08/04 16:35:30.0953 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/08/04 16:35:31.0593 Fs_Rec (c865b83411d7347627a4beec22543fb1) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/08/04 16:35:32.0234 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/08/04 16:35:32.0875 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/08/04 16:35:33.0500 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/08/04 16:35:34.0156 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/08/04 16:35:35.0421 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/08/04 16:35:37.0312 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/08/04 16:35:37.0968 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/08/04 16:35:39.0359 IntcAzAudAddService (c464cf7a58c011a70188602b55c64e99) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010/08/04 16:35:40.0656 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/08/04 16:35:41.0296 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/08/04 16:35:41.0921 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/08/04 16:35:42.0562 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/08/04 16:35:43.0203 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/08/04 16:35:43.0843 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2010/08/04 16:35:44.0484 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/08/04 16:35:45.0125 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2010/08/04 16:35:45.0750 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/08/04 16:35:46.0390 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/08/04 16:35:47.0046 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/08/04 16:35:47.0687 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/08/04 16:35:48.0312 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/08/04 16:35:49.0593 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/08/04 16:35:50.0250 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/08/04 16:35:50.0875 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/08/04 16:35:51.0484 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/08/04 16:35:52.0093 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/08/04 16:35:53.0296 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/08/04 16:35:53.0921 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/08/04 16:35:54.0546 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/08/04 16:35:55.0171 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/08/04 16:35:55.0796 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/08/04 16:35:56.0406 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/08/04 16:35:57.0015 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/08/04 16:35:57.0625 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/08/04 16:35:58.0265 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/08/04 16:35:58.0875 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/08/04 16:35:59.0500 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/08/04 16:36:00.0109 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/08/04 16:36:00.0734 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/08/04 16:36:01.0343 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/08/04 16:36:01.0968 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/08/04 16:36:02.0609 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/08/04 16:36:03.0234 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/08/04 16:36:03.0859 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/08/04 16:36:04.0500 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/08/04 16:36:05.0109 nvatabus (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\drivers\nvatabus.sys
2010/08/04 16:36:05.0718 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/08/04 16:36:06.0343 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/08/04 16:36:06.0953 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/08/04 16:36:07.0578 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/08/04 16:36:08.0203 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/08/04 16:36:08.0843 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/08/04 16:36:09.0453 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/08/04 16:36:10.0671 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/08/04 16:36:11.0296 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/08/04 16:36:16.0515 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/08/04 16:36:17.0375 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/08/04 16:36:18.0156 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/08/04 16:36:18.0796 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/08/04 16:36:22.0562 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/08/04 16:36:23.0218 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2010/08/04 16:36:23.0875 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/08/04 16:36:24.0671 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/08/04 16:36:25.0343 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/08/04 16:36:25.0984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/08/04 16:36:26.0703 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/08/04 16:36:27.0375 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/08/04 16:36:28.0046 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/08/04 16:36:28.0765 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/08/04 16:36:29.0437 RTLE8023xp (b52b25f41bf3511071a0e7d10d659c56) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2010/08/04 16:36:30.0156 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/08/04 16:36:30.0906 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/08/04 16:36:31.0656 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/08/04 16:36:32.0328 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/08/04 16:36:34.0390 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/08/04 16:36:35.0031 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/08/04 16:36:35.0687 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/08/04 16:36:36.0343 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/08/04 16:36:36.0984 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/08/04 16:36:40.0203 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/08/04 16:36:40.0859 Tcpip (9425b72f40257b45d45d24773273dad0) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/08/04 16:36:41.0500 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/08/04 16:36:42.0140 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/08/04 16:36:42.0796 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/08/04 16:36:44.0093 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/08/04 16:36:45.0343 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/08/04 16:36:46.0015 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/08/04 16:36:46.0609 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/08/04 16:36:47.0218 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/08/04 16:36:47.0812 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/08/04 16:36:48.0437 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/08/04 16:36:49.0609 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/08/04 16:36:50.0234 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/08/04 16:36:51.0468 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/08/04 16:36:52.0156 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/08/04 16:36:52.0781 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/08/04 16:36:52.0812 ================================================================================
2010/08/04 16:36:52.0812 Scan finished
2010/08/04 16:36:52.0812 ================================================================================
2010/08/04 16:37:10.0515 Deinitialize success

Edited by plywoodhall, 08 August 2010 - 05:36 PM.

  • 0

#8
plywoodhall
Posted 08 August 2010 - 05:16 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
TDSSKiller.2.4.1.0_04.08.2010_16.37.51_log


2010/08/04 16:37:51.0593 TDSS rootkit removing tool 2.4.1.0 Aug 4 2010 15:06:41
2010/08/04 16:37:51.0593 ================================================================================
2010/08/04 16:37:51.0593 SystemInfo:
2010/08/04 16:37:51.0593
2010/08/04 16:37:51.0593 OS Version: 5.1.2600 ServicePack: 3.0
2010/08/04 16:37:51.0593 Product type: Workstation
2010/08/04 16:37:51.0593 ComputerName: KYLE-76C8D87336
2010/08/04 16:37:51.0593 UserName: Kyle
2010/08/04 16:37:51.0593 Windows directory: C:\WINDOWS
2010/08/04 16:37:51.0593 System windows directory: C:\WINDOWS
2010/08/04 16:37:51.0593 Processor architecture: Intel x86
2010/08/04 16:37:51.0593 Number of processors: 2
2010/08/04 16:37:51.0593 Page size: 0x1000
2010/08/04 16:37:51.0593 Boot type: Normal boot
2010/08/04 16:37:51.0593 ================================================================================
2010/08/04 16:37:51.0687 Initialize success
2010/08/04 16:37:52.0921 ================================================================================
2010/08/04 16:37:52.0921 Scan started
2010/08/04 16:37:52.0921 Mode: Manual;
2010/08/04 16:37:52.0921 ================================================================================
2010/08/04 16:37:55.0296 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/08/04 16:37:55.0937 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/08/04 16:37:57.0437 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/08/04 16:37:58.0093 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2010/08/04 16:38:01.0843 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/08/04 16:38:04.0468 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/08/04 16:38:05.0375 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/08/04 16:38:06.0640 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/08/04 16:38:07.0343 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/08/04 16:38:08.0000 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/08/04 16:38:08.0640 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/08/04 16:38:10.0500 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/08/04 16:38:11.0171 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/08/04 16:38:11.0921 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/08/04 16:38:16.0312 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/08/04 16:38:17.0109 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/08/04 16:38:17.0828 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/08/04 16:38:18.0625 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/08/04 16:38:20.0359 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/08/04 16:38:22.0218 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/08/04 16:38:22.0890 exFat (3ef58f2eae3aecab45d682152db2f67d) C:\WINDOWS\system32\drivers\exFat.sys
2010/08/04 16:38:23.0890 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/08/04 16:38:24.0546 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/08/04 16:38:25.0203 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/08/04 16:38:26.0125 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/08/04 16:38:26.0765 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/08/04 16:38:27.0421 Fs_Rec (c865b83411d7347627a4beec22543fb1) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/08/04 16:38:28.0062 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/08/04 16:38:28.0875 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/08/04 16:38:29.0812 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/08/04 16:38:30.0578 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/08/04 16:38:31.0843 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/08/04 16:38:33.0718 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/08/04 16:38:34.0578 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/08/04 16:38:35.0937 IntcAzAudAddService (c464cf7a58c011a70188602b55c64e99) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010/08/04 16:38:37.0203 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/08/04 16:38:37.0828 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/08/04 16:38:38.0500 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/08/04 16:38:39.0234 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/08/04 16:38:40.0421 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/08/04 16:38:41.0187 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2010/08/04 16:38:41.0843 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/08/04 16:38:42.0609 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2010/08/04 16:38:43.0406 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/08/04 16:38:44.0046 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/08/04 16:38:44.0796 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/08/04 16:38:45.0437 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/08/04 16:38:46.0093 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/08/04 16:38:47.0406 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/08/04 16:38:48.0062 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/08/04 16:38:48.0703 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/08/04 16:38:49.0359 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/08/04 16:38:50.0000 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/08/04 16:38:51.0343 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/08/04 16:38:51.0984 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/08/04 16:38:52.0703 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/08/04 16:38:53.0468 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/08/04 16:38:54.0125 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/08/04 16:38:54.0765 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/08/04 16:38:55.0421 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/08/04 16:38:56.0093 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/08/04 16:38:56.0953 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/08/04 16:38:57.0796 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/08/04 16:38:58.0703 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/08/04 16:38:59.0531 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/08/04 16:39:00.0359 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/08/04 16:39:01.0156 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/08/04 16:39:01.0921 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/08/04 16:39:02.0656 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/08/04 16:39:03.0437 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/08/04 16:39:04.0093 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/08/04 16:39:04.0750 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/08/04 16:39:05.0531 nvatabus (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\drivers\nvatabus.sys
2010/08/04 16:39:06.0218 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/08/04 16:39:07.0031 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/08/04 16:39:07.0828 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/08/04 16:39:08.0515 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/08/04 16:39:09.0187 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/08/04 16:39:09.0859 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/08/04 16:39:10.0578 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/08/04 16:39:11.0984 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/08/04 16:39:12.0750 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/08/04 16:39:17.0609 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/08/04 16:39:18.0359 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/08/04 16:39:19.0015 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/08/04 16:39:19.0796 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/08/04 16:39:24.0468 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/08/04 16:39:25.0140 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2010/08/04 16:39:25.0796 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/08/04 16:39:26.0500 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/08/04 16:39:27.0156 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/08/04 16:39:28.0218 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/08/04 16:39:28.0875 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/08/04 16:39:29.0500 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/08/04 16:39:30.0171 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/08/04 16:39:30.0828 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/08/04 16:39:31.0515 RTLE8023xp (b52b25f41bf3511071a0e7d10d659c56) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2010/08/04 16:39:32.0171 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/08/04 16:39:32.0859 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/08/04 16:39:33.0515 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/08/04 16:39:34.0171 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/08/04 16:39:36.0140 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/08/04 16:39:36.0796 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/08/04 16:39:37.0468 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/08/04 16:39:38.0140 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/08/04 16:39:38.0796 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/08/04 16:39:41.0984 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/08/04 16:39:42.0671 Tcpip (9425b72f40257b45d45d24773273dad0) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/08/04 16:39:43.0343 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/08/04 16:39:44.0000 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/08/04 16:39:44.0656 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/08/04 16:39:45.0968 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/08/04 16:39:47.0390 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/08/04 16:39:48.0062 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/08/04 16:39:48.0703 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/08/04 16:39:49.0343 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/08/04 16:39:50.0000 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/08/04 16:39:50.0671 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/08/04 16:39:51.0921 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/08/04 16:39:52.0796 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/08/04 16:39:54.0062 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/08/04 16:39:54.0750 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/08/04 16:39:55.0390 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/08/04 16:39:55.0437 ================================================================================
2010/08/04 16:39:55.0437 Scan finished
2010/08/04 16:39:55.0437 ================================================================================
2010/08/04 17:02:02.0203 Deinitialize success

Edited by plywoodhall, 08 August 2010 - 05:37 PM.

  • 0

#9
plywoodhall
Posted 08 August 2010 - 05:17 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
TDSSKiller.2.4.1.0_04.08.2010_17.28.50_log :


2010/08/04 17:28:50.0000 TDSS rootkit removing tool 2.4.1.0 Aug 4 2010 15:06:41
2010/08/04 17:28:50.0000 ================================================================================
2010/08/04 17:28:50.0000 SystemInfo:
2010/08/04 17:28:50.0000
2010/08/04 17:28:50.0000 OS Version: 5.1.2600 ServicePack: 3.0
2010/08/04 17:28:50.0015 Product type: Workstation
2010/08/04 17:28:50.0015 ComputerName: KYLE-76C8D87336
2010/08/04 17:28:50.0015 UserName: Kyle
2010/08/04 17:28:50.0015 Windows directory: C:\WINDOWS
2010/08/04 17:28:50.0015 System windows directory: C:\WINDOWS
2010/08/04 17:28:50.0015 Processor architecture: Intel x86
2010/08/04 17:28:50.0015 Number of processors: 2
2010/08/04 17:28:50.0015 Page size: 0x1000
2010/08/04 17:28:50.0015 Boot type: Normal boot
2010/08/04 17:28:50.0015 ================================================================================
2010/08/04 17:28:50.0187 Initialize success
2010/08/04 17:28:52.0046 ================================================================================
2010/08/04 17:28:52.0046 Scan started
2010/08/04 17:28:52.0046 Mode: Manual;
2010/08/04 17:28:52.0046 ================================================================================
2010/08/04 17:28:53.0031 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/08/04 17:28:53.0078 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/08/04 17:28:53.0140 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/08/04 17:28:53.0187 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2010/08/04 17:28:53.0265 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/08/04 17:28:53.0312 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/08/04 17:28:53.0312 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/08/04 17:28:53.0328 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/08/04 17:28:53.0359 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/08/04 17:28:53.0406 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/08/04 17:28:53.0437 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/08/04 17:28:53.0453 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/08/04 17:28:53.0453 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/08/04 17:28:53.0468 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/08/04 17:28:53.0546 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/08/04 17:28:53.0578 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/08/04 17:28:53.0609 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/08/04 17:28:53.0625 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/08/04 17:28:53.0640 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/08/04 17:28:53.0671 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/08/04 17:28:53.0703 exFat (3ef58f2eae3aecab45d682152db2f67d) C:\WINDOWS\system32\drivers\exFat.sys
2010/08/04 17:28:53.0750 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/08/04 17:28:53.0765 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/08/04 17:28:53.0781 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/08/04 17:28:53.0812 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/08/04 17:28:53.0843 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/08/04 17:28:53.0859 Fs_Rec (c865b83411d7347627a4beec22543fb1) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/08/04 17:28:53.0875 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/08/04 17:28:53.0875 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/08/04 17:28:53.0890 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/08/04 17:28:53.0921 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/08/04 17:28:53.0968 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/08/04 17:28:54.0031 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/08/04 17:28:54.0046 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/08/04 17:28:54.0171 IntcAzAudAddService (c464cf7a58c011a70188602b55c64e99) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010/08/04 17:28:54.0234 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/08/04 17:28:54.0265 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/08/04 17:28:54.0281 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/08/04 17:28:54.0281 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/08/04 17:28:54.0312 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/08/04 17:28:54.0343 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2010/08/04 17:28:54.0375 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/08/04 17:28:54.0375 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2010/08/04 17:28:54.0421 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/08/04 17:28:54.0437 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/08/04 17:28:54.0437 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/08/04 17:28:54.0484 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/08/04 17:28:54.0500 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/08/04 17:28:54.0531 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/08/04 17:28:54.0562 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/08/04 17:28:54.0578 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/08/04 17:28:54.0625 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/08/04 17:28:54.0625 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/08/04 17:28:54.0640 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/08/04 17:28:54.0671 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/08/04 17:28:54.0687 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/08/04 17:28:54.0718 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/08/04 17:28:54.0734 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/08/04 17:28:54.0750 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/08/04 17:28:54.0765 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/08/04 17:28:54.0781 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/08/04 17:28:54.0796 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/08/04 17:28:54.0828 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/08/04 17:28:54.0828 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/08/04 17:28:54.0828 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/08/04 17:28:54.0843 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/08/04 17:28:54.0859 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/08/04 17:28:54.0875 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/08/04 17:28:54.0921 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/08/04 17:28:54.0937 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/08/04 17:28:54.0953 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/08/04 17:28:55.0015 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/08/04 17:28:55.0687 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/08/04 17:28:56.0109 nvatabus (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\drivers\nvatabus.sys
2010/08/04 17:28:56.0156 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/08/04 17:28:56.0171 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/08/04 17:28:56.0203 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/08/04 17:28:56.0234 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/08/04 17:28:56.0250 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/08/04 17:28:56.0296 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/08/04 17:28:56.0296 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/08/04 17:28:56.0328 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/08/04 17:28:56.0359 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/08/04 17:28:56.0421 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/08/04 17:28:56.0437 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/08/04 17:28:56.0437 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/08/04 17:28:56.0468 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/08/04 17:28:56.0500 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/08/04 17:28:56.0546 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2010/08/04 17:28:56.0546 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/08/04 17:28:56.0546 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/08/04 17:28:56.0562 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/08/04 17:28:56.0578 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/08/04 17:28:56.0578 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/08/04 17:28:56.0593 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/08/04 17:28:56.0640 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/08/04 17:28:56.0656 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/08/04 17:28:56.0703 RTLE8023xp (b52b25f41bf3511071a0e7d10d659c56) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2010/08/04 17:28:56.0718 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/08/04 17:28:56.0734 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/08/04 17:28:56.0750 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/08/04 17:28:56.0765 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/08/04 17:28:56.0796 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/08/04 17:28:56.0812 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/08/04 17:28:56.0859 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/08/04 17:28:56.0875 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/08/04 17:28:56.0875 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/08/04 17:28:56.0906 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/08/04 17:28:56.0921 Tcpip (9425b72f40257b45d45d24773273dad0) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/08/04 17:28:56.0953 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/08/04 17:28:56.0953 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/08/04 17:28:56.0968 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/08/04 17:28:57.0000 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/08/04 17:28:57.0031 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/08/04 17:28:57.0078 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/08/04 17:28:57.0093 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/08/04 17:28:57.0109 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/08/04 17:28:57.0125 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/08/04 17:28:57.0140 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/08/04 17:28:57.0171 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/08/04 17:28:57.0187 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/08/04 17:28:57.0203 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/08/04 17:28:57.0281 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/08/04 17:28:57.0296 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/08/04 17:28:57.0343 ================================================================================
2010/08/04 17:28:57.0343 Scan finished
2010/08/04 17:28:57.0343 ================================================================================
2010/08/04 17:29:02.0546 Deinitialize success

Edited by plywoodhall, 08 August 2010 - 05:38 PM.

  • 0

#10
plywoodhall
Posted 08 August 2010 - 05:20 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
MBR Check:
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000d

Kernel Drivers (total 129):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB80A8000 klbg.sys
0xB7F79000 ACPI.sys
0xB85AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB7F68000 pci.sys
0xB80B8000 isapnp.sys
0xB80C8000 ohci1394.sys
0xB80D8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80E8000 MountMgr.sys
0xB7F49000 ftdisk.sys
0xB85AC000 dmload.sys
0xB7F23000 dmio.sys
0xB8330000 PartMgr.sys
0xB80F8000 VolSnap.sys
0xB7F0B000 atapi.sys
0xB8108000 disk.sys
0xB8118000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7ED2000 fltMgr.sys
0xB7EC0000 sr.sys
0xB7EA9000 KSecDD.sys
0xB7E1C000 Ntfs.sys
0xB7DEF000 NDIS.sys
0xB7DD5000 Mup.sys
0xB81D8000 \SystemRoot\system32\DRIVERS\processr.sys
0xB83D0000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB81E8000 \SystemRoot\system32\DRIVERS\serial.sys
0xB8558000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB83E0000 \SystemRoot\system32\DRIVERS\irsir.sys
0xB855C000 \SystemRoot\system32\DRIVERS\irenum.sys
0xB7D79000 \SystemRoot\system32\DRIVERS\parport.sys
0xB83F0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB8400000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xB7D55000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB8408000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB8208000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xB7D2D000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB8218000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8228000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB8238000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB7D0A000 \SystemRoot\system32\DRIVERS\ks.sys
0xB72ED000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB72D9000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB72BE000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys
0xB8248000 \SystemRoot\system32\DRIVERS\klim5.sys
0xB86C1000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB8438000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xB8448000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB8258000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB8584000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB72A7000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB8268000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB8278000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB71F6000 \SystemRoot\system32\DRIVERS\psched.sys
0xB8288000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB8468000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB8478000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB71C6000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB8298000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB8488000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB85BE000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB7140000 \SystemRoot\system32\DRIVERS\update.sys
0xB85A0000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB82A8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB84A0000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xB82C8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB85CC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB4B86000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xB4B62000 \SystemRoot\system32\drivers\portcls.sys
0xB82D8000 \SystemRoot\system32\drivers\drmk.sys
0xB4AE9000 \SystemRoot\system32\DRIVERS\klif.sys
0xB71C2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB876D000 \SystemRoot\System32\Drivers\Null.SYS
0xB85D4000 \SystemRoot\System32\Drivers\Beep.SYS
0xB82E8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB83A0000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB83A8000 \SystemRoot\System32\drivers\vga.sys
0xB85D8000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB85DC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB83B8000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB83C8000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB71B2000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB45A9000 \??\C:\WINDOWS\system32\drivers\kl1.sys
0xB4596000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB4515000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB44C5000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB449F000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB8308000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB447D000 \SystemRoot\System32\drivers\afd.sys
0xB8318000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xB8148000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB4452000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB43E2000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8158000 \SystemRoot\System32\Drivers\Fips.SYS
0xB8430000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB4B4A000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB8198000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB4B42000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB81A8000 \SystemRoot\system32\DRIVERS\klmouflt.sys
0xB4B3A000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xB81B8000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB432A000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB85E4000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB4586000 \SystemRoot\System32\drivers\Dxapi.sys
0xB8470000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB87CA000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB404E000 \??\C:\WINDOWS\system32\drivers\mbam.sys
0xB3E94000 \SystemRoot\system32\DRIVERS\irda.sys
0xB3F1A000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB3BD7000 \SystemRoot\system32\drivers\wdmaud.sys
0xB3CE4000 \SystemRoot\system32\drivers\sysaudio.sys
0xB8398000 \SystemRoot\System32\Drivers\TDTCP.SYS
0xB39D4000 \SystemRoot\System32\Drivers\RDPWD.SYS
0xB3907000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB864C000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB3658000 \SystemRoot\system32\DRIVERS\srv.sys
0xB32A7000 \SystemRoot\System32\Drivers\HTTP.sys
0xB35E0000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0xB2612000 \??\C:\DOCUME~1\Kyle\LOCALS~1\Temp\kwtoifow.sys
0xB25E7000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 31):
0 System Idle Process
4 System
1072 C:\WINDOWS\system32\smss.exe
1128 csrss.exe
1152 C:\WINDOWS\system32\winlogon.exe
1216 C:\WINDOWS\system32\services.exe
1228 C:\WINDOWS\system32\lsass.exe
1416 C:\WINDOWS\system32\nvsvc32.exe
1508 C:\WINDOWS\system32\svchost.exe
1604 svchost.exe
1736 C:\WINDOWS\system32\svchost.exe
1884 svchost.exe
168 svchost.exe
504 C:\WINDOWS\system32\spoolsv.exe
732 C:\WINDOWS\explorer.exe
1060 C:\Program Files\Java\jre6\bin\jusched.exe
1080 C:\WINDOWS\RTHDCPL.exe
1652 svchost.exe
1804 C:\WINDOWS\system32\rundll32.exe
1864 C:\Program Files\Bonjour\mDNSResponder.exe
1964 C:\Program Files\Java\jre6\bin\jqs.exe
772 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
856 C:\WINDOWS\system32\ctfmon.exe
872 C:\Program Files\LClock\LClock.exe
1004 C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe
2396 alg.exe
2996 C:\WINDOWS\system32\svchost.exe
1264 C:\WINDOWS\system32\wuauclt.exe
3220 C:\WINDOWS\system32\wscntfy.exe
548 C:\WINDOWS\system32\notepad.exe
1048 C:\Documents and Settings\Kyle\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHD502IJ, Rev: 1AA01112

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
  • 0

Advertisements

#11
hammerman
Posted 08 August 2010 - 05:59 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Do you connect to the internet using a router? If so, we need to reset your router. Please follow these steps.

Disconnect your system from the internet, and your router.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.64.53 213.109.73.74 1.1.1.1

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • This fix will produce a report. Please add this to your reply.

Run Malwarebytes' Anti-Malware.
  • Select the Scanner tab, select "Perform Quick Scan", then click Scan
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Now reset your router.

To reset your router, insert something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
If you don’t know the router's default password, you can look it up. HERE
You also need to reconfigure any security settings you had in place prior to the reset.
You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

Reconnect your system to your router and internet.

Run OTL and select Minimal Output. Use the Quick Scan button to start a scan.
Please post the OTL report in your reply.
  • 0

#12
plywoodhall
Posted 08 August 2010 - 08:01 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OTL process kill log:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Kyle
->Temp folder emptied: 90835674 bytes
->Temporary Internet Files folder emptied: 146808 bytes
->Java cache emptied: 7000 bytes
->FireFox cache emptied: 47199376 bytes
->Google Chrome cache emptied: 171643368 bytes
->Flash cache emptied: 3302 bytes

User: LocalService
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402797 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4153866 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 30410592 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 331.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Kyle
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 08082010_220749

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Edited by plywoodhall, 08 August 2010 - 08:19 PM.

  • 0

#13
plywoodhall
Posted 08 August 2010 - 08:19 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
MBAM log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

08/08/2010 22:14:12
mbam-log-2010-08-08 (22-14-12).txt

Scan type: Quick scan
Objects scanned: 107911
Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#14
plywoodhall
Posted 08 August 2010 - 08:35 PM

plywoodhall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OTL after router reset log:

OTL logfile created on: 08/08/2010 22:20:19 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Kyle\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 456.07 Gb Free Space | 97.92% Space Free | Partition Type: NTFS
Drive D: | 618.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KYLE-76C8D87336
Current User Name: Kyle
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Kyle\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe (NeoSmart Technologies)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\LClock\LClock.exe ()


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Kyle\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
SRV - (ToolTipFixer) -- C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe (NeoSmart Technologies)


========== Driver Services (SafeList) ==========

DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (klbg) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (nvatabus) -- C:\WINDOWS\System32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSTAPE) -- C:\WINDOWS\system32\drivers\mstape.sys (Microsoft Corporation)
DRV - (AVCSTRM) -- C:\WINDOWS\system32\drivers\avcstrm.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15153&l=dis
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.736
FF - prefs.js..keyword.URL: "http://websearch.ask...=YYYYYYYYUS&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 20:16:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/07 20:16:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/08/04 17:34:48 | 000,000,000 | ---D | M]

[2010/08/04 16:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Extensions
[2010/08/08 13:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\extensions
[2010/08/05 13:21:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/04 20:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\extensions\[email protected]
[2010/08/08 01:16:35 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\6h7n2cl4.default\searchplugins\askcom.xml
[2010/08/08 13:41:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/04 17:35:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]

O1 HOSTS File: ([2001/08/23 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [LClock] C:\Program Files\LClock\LClock.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/04 19:18:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [1999/09/16 00:18:24 | 000,000,766 | R--- | M] () - D:\AUTORUN.ICO -- [ CDFS ]
O32 - AutoRun File - [2000/06/22 21:57:20 | 000,000,045 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/08 21:53:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/08/08 20:06:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/08 15:04:35 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kyle\Desktop\OTL.exe
[2010/08/08 14:59:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\ApplicationHistory
[2010/08/08 14:59:18 | 000,000,000 | ---D | C] -- C:\Program Files\PhotomatixPro3
[2010/08/08 14:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/08/08 14:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010/08/08 12:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Temp
[2010/08/08 12:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Google
[2010/08/07 20:23:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\MPEG Streamclip
[2010/08/07 20:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Apple Computer
[2010/08/07 20:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/07 20:16:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/08/07 20:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/07 20:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Apple
[2010/08/07 20:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/07 20:15:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/08/07 20:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Apple Computer
[2010/08/07 00:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Publish Providers
[2010/08/07 00:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\My Documents\Vegas Movie Studio PE 9.0 Projects
[2010/08/07 00:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Sony
[2010/08/07 00:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Sony
[2010/08/07 00:13:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\My Documents\videos
[2010/08/06 12:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Adobe
[2010/08/06 12:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/08/05 19:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Media Player Classic
[2010/08/05 19:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\MPC HomeCinema
[2010/08/05 18:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2010/08/05 18:33:48 | 001,083,904 | ---- | C] (Squared 5) -- C:\Documents and Settings\Kyle\Desktop\MPEG_Streamclip.exe
[2010/08/05 14:12:44 | 000,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2010/08/05 14:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\Magic Bullet Editors 2.0 Vegas
[2010/08/05 14:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2010/08/05 14:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/08/05 14:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/08/05 14:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/08/05 13:30:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\vlc
[2010/08/05 13:26:12 | 000,483,328 | ---- | C] (Paviko) -- C:\Documents and Settings\Kyle\Desktop\HDVSplit.exe
[2010/08/05 10:05:46 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Kyle\Desktop\HijackThis.exe
[2010/08/04 21:45:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010/08/04 21:32:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2010/08/04 21:32:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/08/04 20:05:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/08/04 19:30:32 | 000,108,800 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010/08/04 19:30:32 | 000,009,728 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/08/04 19:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/08/04 19:30:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2010/08/04 19:30:21 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/08/04 19:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\InstallShield
[2010/08/04 19:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Identities
[2010/08/04 19:28:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\My Documents\My Pictures
[2010/08/04 19:28:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\My Documents\My Music
[2010/08/04 19:28:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/08/04 19:27:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Microsoft
[2010/08/04 19:27:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Kyle\Application Data\Microsoft
[2010/08/04 19:27:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kyle\SendTo
[2010/08/04 19:27:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kyle\Recent
[2010/08/04 19:27:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kyle\Application Data
[2010/08/04 19:27:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\Start Menu
[2010/08/04 19:27:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\My Documents
[2010/08/04 19:27:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kyle\Favorites
[2010/08/04 19:27:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Kyle\Cookies
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\Templates
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\PrintHood
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\NetHood
[2010/08/04 19:27:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Kyle\Local Settings
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Sun
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Desktop
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\7zSC2B.tmp
[2010/08/04 19:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\7zSA49.tmp
[2010/08/04 19:27:08 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/08/04 19:27:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/08/04 19:26:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/08/04 19:26:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/08/04 19:24:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/08/04 19:24:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/08/04 19:24:57 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/08/04 19:24:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/08/04 19:23:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/08/04 19:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/08/04 19:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/08/04 19:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2010/08/04 19:23:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010/08/04 19:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/08/04 19:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/08/04 19:22:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/08/04 19:22:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/04 19:22:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/04 19:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/08/04 19:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/08/04 19:20:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/08/04 19:20:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/08/04 19:20:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/08/04 19:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/08/04 19:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/08/04 19:18:59 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/08/04 19:18:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/08/04 19:18:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010/08/04 19:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\LClock
[2010/08/04 19:17:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/08/04 19:17:28 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/08/04 19:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/08/04 19:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/08/04 19:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/08/04 19:16:59 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/08/04 19:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/08/04 19:16:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/08/04 19:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/08/04 19:16:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/08/04 19:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/08/04 19:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/08/04 19:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/08/04 19:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/08/04 19:16:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/08/04 19:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/08/04 19:16:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/08/04 19:15:58 | 000,898,048 | ---- | C] (GNU <www.gnu.org>) -- C:\WINDOWS\System32\libiconv2.dll
[2010/08/04 19:15:58 | 000,101,888 | ---- | C] (GNU <www.gnu.org>) -- C:\WINDOWS\System32\libintl3.dll
[2010/08/04 19:15:57 | 001,872,666 | ---- | C] (Red Hat) -- C:\WINDOWS\System32\cygwin1.dll
[2010/08/04 19:15:57 | 001,003,008 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libeay32.dll
[2010/08/04 19:15:57 | 000,413,696 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/08/04 19:15:57 | 000,312,848 | ---- | C] (AutoIt Team) -- C:\WINDOWS\System32\AutoItX3.dll
[2010/08/04 19:15:56 | 000,189,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssleay32.dll
[2010/08/04 19:15:54 | 000,189,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libssl32.dll
[2010/08/04 19:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/08/04 19:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/08/04 19:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/08/04 19:15:29 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/08/04 19:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/08/04 19:15:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/08/04 19:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/08/04 19:15:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/08/04 17:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/08/04 17:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/08/04 17:34:23 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/08/04 17:32:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2010/08/04 17:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Malwarebytes
[2010/08/04 17:29:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/04 17:29:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/04 17:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/04 17:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/04 17:29:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/04 17:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\My Documents\Downloads
[2010/08/04 17:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Macromedia
[2010/08/04 17:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Adobe
[2010/08/04 17:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/08/04 17:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/08/04 17:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\uTorrent
[2010/08/04 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010/08/04 17:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/08/04 17:02:16 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/08/04 17:02:08 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/08/04 16:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\WinRAR
[2010/08/04 16:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Local Settings\Application Data\Mozilla
[2010/08/04 16:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kyle\Application Data\Mozilla
[2010/08/04 16:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010/08/04 16:31:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/08/04 16:31:44 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/08/04 16:31:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/08/04 16:30:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/08/04 12:10:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/08/04 12:10:29 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/08/04 12:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/08/04 12:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/08/04 12:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/08/04 12:10:26 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/08/04 12:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/08/04 12:10:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/08/04 12:10:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/08/04 12:10:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/08/04 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/08/04 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/08/04 12:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/08/04 12:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/08/04 12:07:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/08/04 12:07:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/08/04 12:07:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/08/04 12:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/08/04 12:03:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/08/04 12:03:58 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/08/04 12:03:58 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/08/04 12:03:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/08/04 12:03:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/08/04 12:03:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/08/04 12:03:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2 C:\Documents and Settings\Kyle\*.tmp files -> C:\Documents and Settings\Kyle\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/08 22:23:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004UA.job
[2010/08/08 22:09:41 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/08/08 22:09:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/08 22:09:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/08 22:08:10 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\Kyle\NTUSER.DAT
[2010/08/08 22:08:10 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Kyle\ntuser.ini
[2010/08/08 22:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/08 19:18:19 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Kyle\Desktop\MBRCheck.exe
[2010/08/08 18:14:13 | 002,656,656 | -H-- | M] () -- C:\Documents and Settings\Kyle\Local Settings\Application Data\IconCache.db
[2010/08/08 15:57:37 | 001,396,880 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/08 15:53:19 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Kyle\Desktop\fcv5313i.exe
[2010/08/08 15:04:35 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kyle\Desktop\OTL.exe
[2010/08/08 14:59:27 | 000,013,664 | ---- | M] () -- C:\Documents and Settings\Kyle\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/08 14:58:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/08 12:23:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004Core.job
[2010/08/08 12:18:41 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/07 20:15:51 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/07 19:59:39 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/07 19:59:39 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/06 12:03:50 | 000,441,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/06 12:03:50 | 000,071,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/06 12:03:49 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/06 00:37:53 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/05 19:21:19 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic - Home Cinema.lnk
[2010/08/05 18:37:47 | 019,461,015 | ---- | M] () -- C:\Documents and Settings\Kyle\My Documents\vlc-1.1.2-win32.exe
[2010/08/05 14:11:24 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vegas Movie Studio Platinum 9.0.lnk
[2010/08/05 10:05:46 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Kyle\Desktop\HijackThis.exe
[2010/08/04 20:17:48 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/08/04 20:17:48 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/08/04 19:28:27 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/08/04 19:28:25 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/04 19:26:26 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/08/04 19:25:27 | 000,000,793 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/08/04 19:18:10 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/04 19:18:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/04 19:18:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/04 19:18:08 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/04 19:18:05 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/04 19:18:05 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/08/04 19:18:04 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/04 19:18:01 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/04 19:17:33 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/08/04 19:17:33 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/08/04 19:16:04 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/08/04 19:16:03 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/08/04 19:16:03 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/08/04 19:14:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/08/04 17:34:23 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/08/04 17:29:39 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/04 17:26:44 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 17:02:33 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/04 17:02:33 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/04 17:02:31 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/04 17:02:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/04 16:33:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/08/04 16:33:18 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/08/04 16:33:18 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/08/04 12:10:33 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/08/04 12:10:26 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/09 15:38:00 | 002,195,030 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010/07/09 15:38:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/07/09 15:38:00 | 000,007,959 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2 C:\Documents and Settings\Kyle\*.tmp files -> C:\Documents and Settings\Kyle\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/08 19:18:18 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Kyle\Desktop\MBRCheck.exe
[2010/08/08 15:53:19 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Kyle\Desktop\fcv5313i.exe
[2010/08/08 12:18:41 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/08 12:18:03 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004UA.job
[2010/08/08 12:18:02 | 000,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-562591055-682003330-1004Core.job
[2010/08/07 20:15:50 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/07 19:59:39 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/05 19:21:19 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic - Home Cinema.lnk
[2010/08/05 18:37:15 | 019,461,015 | ---- | C] () -- C:\Documents and Settings\Kyle\My Documents\vlc-1.1.2-win32.exe
[2010/08/05 14:11:24 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vegas Movie Studio Platinum 9.0.lnk
[2010/08/04 21:45:38 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/08/04 19:28:27 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/08/04 19:28:25 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/04 19:27:55 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Kyle\ntuser.dat.LOG
[2010/08/04 19:27:55 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Kyle\ntuser.ini
[2010/08/04 19:27:51 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\Kyle\NTUSER.DAT
[2010/08/04 19:26:26 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/08/04 19:25:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/04 19:25:15 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/08/04 19:24:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/08/04 19:24:54 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/08/04 19:24:53 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/08/04 19:24:42 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/08/04 19:24:41 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/08/04 19:24:37 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/08/04 19:24:36 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/08/04 19:24:35 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/08/04 19:24:28 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/08/04 19:24:24 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/08/04 19:24:22 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/08/04 19:24:14 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/08/04 19:24:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/08/04 19:24:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/08/04 19:24:11 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/08/04 19:24:11 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/08/04 19:24:11 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/08/04 19:24:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/08/04 19:24:10 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/08/04 19:24:10 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/08/04 19:24:10 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/08/04 19:24:10 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/08/04 19:24:10 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/08/04 19:24:10 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/08/04 19:24:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/08/04 19:24:09 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/08/04 19:24:09 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/08/04 19:24:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/08/04 19:24:08 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/08/04 19:24:08 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/08/04 19:24:08 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/08/04 19:24:08 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/08/04 19:24:08 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/08/04 19:23:14 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/04 19:18:10 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/04 19:18:10 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/08/04 19:18:10 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/08/04 19:18:10 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/08/04 19:18:05 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/04 19:18:05 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/08/04 19:18:04 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/04 19:17:33 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/08/04 19:17:33 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/08/04 19:17:31 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/08/04 19:17:20 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/08/04 19:17:08 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/08/04 19:17:07 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/08/04 19:17:03 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/08/04 19:16:34 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/08/04 19:16:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/08/04 19:15:58 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll
[2010/08/04 19:15:57 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll
[2010/08/04 19:15:57 | 000,271,264 | ---- | C] () -- C:\WINDOWS\System\vbrun100.dll
[2010/08/04 19:15:57 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2010/08/04 19:15:56 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System\MSVCRT10.DLL
[2010/08/04 19:15:38 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/08/04 19:15:37 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/08/04 19:15:37 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/08/04 19:15:37 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/08/04 19:15:37 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/08/04 19:15:37 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/08/04 19:15:37 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/08/04 19:15:37 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/08/04 19:15:37 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/08/04 19:15:37 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/08/04 19:15:37 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/08/04 19:15:37 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/08/04 19:15:37 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/08/04 19:15:36 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/08/04 19:15:36 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/08/04 19:15:36 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/08/04 19:15:36 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/08/04 19:15:36 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/08/04 19:15:36 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/08/04 19:15:35 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/08/04 19:15:35 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/08/04 19:15:34 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/08/04 19:15:30 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/08/04 17:35:09 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/08/04 17:35:09 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/08/04 17:29:39 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/04 17:27:08 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/04 17:26:44 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Kyle\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/08/04 17:02:33 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/04 17:02:31 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/04 17:02:31 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/04 17:02:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/04 17:02:16 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/08/04 17:02:15 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/08/04 16:33:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/04 16:33:18 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/08/04 16:33:17 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/08/04 16:32:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/08/04 12:10:33 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/08/04 12:10:32 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/08/04 12:10:28 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/08/04 12:10:28 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/08/04 12:10:27 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/08/04 12:10:27 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/08/04 12:10:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/08/04 12:10:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/08/04 12:10:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/08/04 12:10:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/08/04 12:10:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/08/04 12:10:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/08/04 12:10:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/08/04 12:10:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/08/04 12:10:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/08/04 12:10:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/08/04 12:10:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/08/04 12:10:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/08/04 12:10:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/08/04 12:10:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/08/04 12:10:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/08/04 12:10:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/08/04 12:10:13 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/08/04 12:08:05 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/08/04 12:08:05 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/08/04 12:08:05 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/08/04 12:08:05 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/08/04 12:08:05 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/08/04 12:08:05 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/08/04 12:08:05 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/08/04 12:08:05 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/08/04 12:08:04 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/08/04 12:08:04 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/08/04 12:08:04 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/08/04 12:08:04 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/08/04 12:08:04 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/08/04 12:08:04 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/08/04 12:08:04 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/08/04 12:08:04 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/08/04 12:08:04 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/08/04 12:08:04 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/08/04 12:08:04 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/08/04 12:07:15 | 001,396,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/04 12:06:38 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/08/04 12:06:37 | 000,000,793 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/12 07:03:58 | 000,000,382 | ---- | C] () -- C:\WINDOWS\System32\Oeminfo.ini
[2001/08/23 05:00:00 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

========== LOP Check ==========

[2010/08/05 14:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/08/07 20:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\MPEG Streamclip
[2010/08/07 00:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Publish Providers
[2010/08/07 20:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\Sony
[2010/08/08 22:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kyle\Application Data\uTorrent
[2010/08/08 22:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010/08/08 22:09:41 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========


< End of report >
  • 0

#15
hammerman
Posted 08 August 2010 - 11:47 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Nice work :)

Can you give me an update on how your computer's running. Any more redirects/ads ?

  • Download the latest version of Java Runtime Environment (JRE) 6 Update 21.
  • Click the "Download JRE" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u21-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u21-windows-i586.exe and select "Run as an Administrator.")

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP