Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

RECYCLER virus


  • Please log in to reply

#1
Ranosb

Ranosb

    Member

  • Member
  • PipPip
  • 10 posts
Used many different virus detect programs along with Malwarebytes, Superantivirus and Mcafee Stinger but nothing shows up.

Folder attributes:
Show hidden files & Folders =ON
Hide protected operating system files = Unchecked

The problem is after elapsed time my internet connection is dead and any clicking/attempt to run programs gives me an error msg of
"Windows cannot access the specified device, path, or file. You may not have apropriate permissions to access the item."
I have to reboot and all is well for a while and then it repeats randomly.

The RECYCLED folder on all drives contains this entry which if deleted reappears,
S-1-5-21-2743547572-3469356184-2500808519-1006

Any help appreciated Gents.


OTL logfile created on: 10/30/2011 1:15:34 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\0_TEMP\0 Documents\0 Programs
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.98 Gb Total Physical Memory | 0.94 Gb Available Physical Memory | 47.59% Memory free
4.37 Gb Paging File | 3.51 Gb Available in Paging File | 80.25% Paging File free
Paging file location(s): D:\pagefile.sys 2600 2600 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.92 Gb Total Space | 21.89 Gb Free Space | 20.67% Space Free | Partition Type: NTFS
Drive D: | 5.85 Gb Total Space | 0.11 Gb Free Space | 1.95% Space Free | Partition Type: FAT32
Drive F: | 931.51 Gb Total Space | 226.51 Gb Free Space | 24.32% Space Free | Partition Type: NTFS
Drive G: | 3.69 Gb Total Space | 0.60 Gb Free Space | 16.14% Space Free | Partition Type: FAT

Computer Name: GATEWAY2K | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/30 13:15:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\0_TEMP\0 Documents\0 Programs\OTL.exe
PRC - [2010/08/08 06:38:29 | 001,406,584 | R--- | M] (eBoostr.com) -- C:\Program Files\eBoostr\eBoostrCP.exe
PRC - [2010/08/08 06:38:29 | 000,634,488 | R--- | M] (eBoostr.com) -- C:\Program Files\eBoostr\EBstrSvc.exe
PRC - [2009/11/11 13:40:38 | 002,957,824 | R--- | M] (RTSoftwares.com) -- C:\Program Files\Turn Off Monitor\TurnOffMona.exe
PRC - [2009/03/27 02:11:02 | 000,307,704 | R--- | M] (Mozilla Corporation) -- C:\Program Files\MozillaFirefox\firefox.exe
PRC - [2008/12/04 19:00:13 | 002,745,776 | R--- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2008/10/09 14:25:34 | 000,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008/10/09 14:25:32 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2008/02/18 20:01:01 | 000,251,312 | R--- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2006/01/03 08:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/12/27 23:20:14 | 000,413,696 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/08/11 02:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/10/20 13:47:36 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe


========== Modules (No Company Name) ==========

MOD - [2011/03/13 07:32:11 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010/07/05 04:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2009/01/23 23:56:30 | 000,511,488 | ---- | M] () -- C:\Program Files\eBoostr\sqlite.dll
MOD - [2007/09/20 17:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005/08/06 12:01:54 | 000,282,112 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2005/06/29 15:55:07 | 001,287,680 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2005/01/10 08:26:07 | 001,224,704 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2005/01/10 08:26:05 | 001,257,472 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2005/01/10 08:26:03 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2005/01/10 08:26:03 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2005/01/10 08:26:03 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2005/01/10 08:26:02 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2005/01/10 08:26:01 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2005/01/10 08:23:29 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2004/08/11 02:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/11 02:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (cnvcqaio)
SRV - [2011/03/13 20:07:25 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2010/08/08 06:38:29 | 000,634,488 | R--- | M] (eBoostr.com) [Auto | Running] -- C:\Program Files\eBoostr\EBstrSvc.exe -- (EBOOSTRSVC)
SRV - [2008/11/10 03:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/09 14:25:32 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2003/10/20 13:47:36 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)


========== Driver Services (SafeList) ==========

DRV - [2009/09/28 02:02:44 | 000,014,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock-Ver02\pbfilter.sys -- (pbfilter)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/01/28 18:34:02 | 000,125,544 | ---- | M] (eBoostr.com) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\eBoost.sys -- (eBoost)
DRV - [2008/10/09 14:25:36 | 000,353,680 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008/10/06 07:59:26 | 000,064,920 | ---- | M] (SuperSpeed LLC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SscRdBus.sys -- (SscRdBus) Virtual bus device (SuperSpeed LLC)
DRV - [2008/04/21 07:19:58 | 000,051,648 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007/12/14 09:21:56 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007/11/16 15:58:22 | 000,037,504 | ---- | M] (SuperSpeed LLC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SscRdCls.sys -- (SscRdCls) RAM Disk (SuperSpeed LLC)
DRV - [2006/06/19 14:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/06/16 04:28:04 | 001,179,784 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/05/24 08:30:06 | 000,893,952 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/05/23 20:56:00 | 000,245,248 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006/04/05 10:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/03 05:24:24 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/27 14:34:06 | 000,390,849 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)
DRV - [2005/07/28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/11/11 08:30:18 | 000,024,832 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2004/11/11 08:27:34 | 000,044,288 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/01/11 04:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/04/08 08:20:00 | 000,073,728 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2001/08/17 20:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=MX6448
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=PTB&M=MX6448
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=PTB&M=MX6448

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://login.facebook.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "https://secure.unite...AMCC,aapl,rimm"
FF - prefs.js..extensions.enabledItems: [email protected]:5.10
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner.Gateway2k\Application Data\IDM\idmmzcc2 [2011/10/30 15:17:45 | 000,000,000 | ---D | M]

[2011/10/30 15:17:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Mozilla\Extensions
[2011/10/30 15:17:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Mozilla\Firefox\Profiles\0u3thf58.default\extensions
[2011/10/30 15:17:38 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Mozilla\Firefox\Profiles\0u3thf58.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/10/30 15:17:37 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Mozilla\Firefox\Profiles\0u3thf58.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/10/30 15:17:45 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\OWNER.GATEWAY2K\APPLICATION DATA\IDM\IDMMZCC2

O1 HOSTS File: ([2011/10/22 13:12:30 | 000,439,794 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 access.redhawk.org
O1 - Hosts: 127.0.0.1 blackholes.five-ten-sg.com
O1 - Hosts: 127.0.0.1 bl.tiopan.com
O1 - Hosts: 127.0.0.1 rtsoftwares.com
O1 - Hosts: 127.0.0.1 tonec.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 www.registeridm.com
O1 - Hosts: 127.0.0.1 www.verisign.com.au
O1 - Hosts: 127.0.0.1 www.verisign.com
O1 - Hosts: 127.0.0.1 www.verisign.be
O1 - Hosts: 127.0.0.1 www.verisign.com.sg/
O1 - Hosts: 127.0.0.1 getmyip.org
O1 - Hosts: 127.0.0.1 getmyip.co.uk
O1 - Hosts: 15128 more lines...
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (TextAloud) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files\TextAloud\TAForIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eBoostr Control Panel.lnk = C:\Program Files\eBoostr\eBoostrCP.exe (eBoostr.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EBstrSvc.lnk = C:\Program Files\eBoostr\EBstrSvc.exe (eBoostr.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Turn Off Monitor.lnk = C:\Program Files\Turn Off Monitor\TurnOffMon.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Internet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA3F6A35-F0B0-4324-8A9A-492811986618}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/10 08:13:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b25fc363-5150-11e0-a57a-00e0b8b8c265}\Shell - "" = AutoRun
O33 - MountPoints2\{b25fc363-5150-11e0-a57a-00e0b8b8c265}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b25fc363-5150-11e0-a57a-00e0b8b8c265}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{d228d0cc-4e02-11e0-a578-00e0b8b8c265}\Shell - "" = AutoRun
O33 - MountPoints2\{d228d0cc-4e02-11e0-a578-00e0b8b8c265}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d228d0cc-4e02-11e0-a578-00e0b8b8c265}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/30 15:30:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/10/30 15:30:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/10/30 15:30:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/10/30 15:29:44 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011/10/30 15:29:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/10/30 15:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\creator
[2011/10/30 15:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/10/30 15:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/10/30 15:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\CatRoot
[2011/10/30 15:29:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/10/30 15:29:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/10/30 15:29:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/10/30 15:29:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/10/30 15:29:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\EffectResources
[2011/10/30 15:29:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011/10/30 15:29:09 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/10/30 15:29:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/10/30 15:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
[2011/10/30 15:27:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/10/30 15:27:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/10/30 15:27:16 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/10/30 15:27:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/10/30 15:27:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/10/30 15:27:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/10/30 15:26:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011/10/30 15:26:24 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/10/30 15:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/10/30 15:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/10/30 15:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/10/30 15:26:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2011/10/30 15:26:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/10/30 15:26:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011/10/30 15:26:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011/10/30 15:26:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/10/30 15:26:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011/10/30 15:26:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/10/30 15:26:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/10/30 15:26:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011/10/30 15:26:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/10/30 15:26:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/10/30 15:26:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/10/30 15:26:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SMINST
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/10/30 15:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011/10/30 15:25:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/10/30 15:25:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/10/30 15:25:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/10/30 15:25:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/10/30 15:25:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/10/30 15:25:19 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/10/30 15:25:19 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/10/30 15:25:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/10/30 15:25:14 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/10/30 15:25:14 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/10/30 15:25:07 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/10/30 15:25:06 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/10/30 15:25:06 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/10/30 15:25:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/10/30 15:24:57 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/10/30 15:24:57 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/10/30 15:24:57 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/10/30 15:24:57 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/10/30 15:24:57 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/10/30 15:24:57 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/10/30 15:24:57 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/10/30 15:24:51 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/10/30 15:24:51 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/10/30 15:24:51 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/10/30 15:24:49 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/10/30 15:24:49 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/10/30 15:24:49 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/10/30 15:24:49 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/10/30 15:24:49 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/10/30 15:24:48 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/10/30 15:24:48 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/10/30 15:24:48 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/10/30 15:24:48 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/10/30 15:24:48 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/10/30 15:24:48 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/10/30 15:24:47 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourW.exe
[2011/10/30 15:24:47 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/10/30 15:24:47 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/10/30 15:24:47 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/10/30 15:24:47 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/10/30 15:24:46 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/10/30 15:24:46 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/10/30 15:24:45 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/10/30 15:24:45 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/10/30 15:24:44 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/10/30 15:24:44 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/10/30 15:24:44 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/10/30 15:24:44 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/10/30 15:24:44 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/10/30 15:24:43 | 000,736,768 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\sprb0419.dll
[2011/10/30 15:24:41 | 000,192,512 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\spra0419.dll
[2011/10/30 15:24:40 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2011/10/30 15:24:39 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/10/30 15:24:39 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/10/30 15:24:39 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/10/30 15:24:39 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/10/30 15:24:39 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/10/30 15:24:38 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/10/30 15:24:38 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/10/30 15:24:38 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/10/30 15:24:38 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/10/30 15:24:37 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/10/30 15:24:37 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/10/30 15:24:37 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/10/30 15:24:37 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/10/30 15:24:36 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/10/30 15:24:35 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/10/30 15:24:35 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/10/30 15:24:35 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/10/30 15:24:35 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/10/30 15:24:35 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/10/30 15:24:35 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/10/30 15:24:35 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/10/30 15:24:35 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/10/30 15:24:35 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/10/30 15:24:35 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/10/30 15:24:35 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/10/30 15:24:35 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/10/30 15:24:35 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/10/30 15:24:35 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/10/30 15:24:35 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/10/30 15:24:35 | 000,024,576 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/10/30 15:24:35 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/10/30 15:24:35 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/10/30 15:24:34 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/10/30 15:24:34 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/10/30 15:24:34 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/10/30 15:24:34 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/10/30 15:24:32 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/10/30 15:24:32 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/10/30 15:24:31 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/10/30 15:24:31 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/10/30 15:24:31 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/10/30 15:24:31 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/10/30 15:24:30 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011/10/30 15:24:30 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/10/30 15:24:30 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/10/30 15:24:30 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/10/30 15:24:30 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/10/30 15:24:29 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/10/30 15:24:29 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/10/30 15:24:29 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/10/30 15:24:29 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/10/30 15:24:27 | 000,427,008 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\obrb0419.dll
[2011/10/30 15:24:24 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/10/30 15:24:23 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/10/30 15:24:23 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/10/30 15:24:23 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/10/30 15:24:22 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/10/30 15:24:22 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/10/30 15:24:22 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/10/30 15:24:22 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/10/30 15:24:22 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/10/30 15:24:22 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/10/30 15:24:22 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/10/30 15:24:22 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/10/30 15:24:22 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/10/30 15:24:22 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/10/30 15:24:22 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/10/30 15:24:22 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/10/30 15:24:22 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/10/30 15:24:10 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2011/10/30 15:24:07 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/10/30 15:24:06 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/10/30 15:24:06 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/10/30 15:24:06 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/10/30 15:24:06 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/10/30 15:24:06 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/10/30 15:24:06 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/10/30 15:24:06 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/10/30 15:24:06 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/10/30 15:24:06 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/10/30 15:24:06 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/10/30 15:24:05 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/10/30 15:24:05 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/10/30 15:24:04 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/10/30 15:24:01 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/10/30 15:23:56 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/10/30 15:23:56 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/10/30 15:23:55 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/10/30 15:23:55 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/10/30 15:23:54 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/10/30 15:23:53 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/10/30 15:23:53 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/10/30 15:23:53 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/10/30 15:23:52 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/10/30 15:23:52 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/10/30 15:23:52 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/10/30 15:23:52 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/10/30 15:23:52 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/10/30 15:23:52 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/10/30 15:23:52 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/10/30 15:23:47 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/10/30 15:23:46 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/10/30 15:23:46 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/10/30 15:23:46 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/10/30 15:23:46 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/10/30 15:23:46 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/10/30 15:23:46 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/10/30 15:23:46 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/10/30 15:23:46 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/10/30 15:23:46 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/10/30 15:23:45 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/10/30 15:23:45 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/10/30 15:23:45 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/10/30 15:23:45 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/10/30 15:23:45 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/10/30 15:23:41 | 000,249,856 | ---- | C] (Comtrol� Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/10/30 15:23:41 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/10/30 15:23:41 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/10/30 15:23:41 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/10/30 15:23:41 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/10/30 15:23:41 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/10/30 15:23:41 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/10/30 15:23:41 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/10/30 15:23:41 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/10/30 15:23:39 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/10/30 15:23:38 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/10/30 15:23:37 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/10/30 15:23:37 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/10/30 15:23:37 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/10/30 15:23:37 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/10/30 15:23:37 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/10/30 15:23:37 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/10/30 15:23:37 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/10/30 15:23:37 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/10/30 15:23:37 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/10/30 15:23:37 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/10/30 15:23:36 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/10/30 15:23:36 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/10/30 15:23:36 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/10/30 15:23:36 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/10/30 15:23:36 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/10/30 15:23:36 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/10/30 15:23:36 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/10/30 15:23:36 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/10/30 15:23:36 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/10/30 15:23:36 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/10/30 15:23:36 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/10/30 15:23:36 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/10/30 15:23:36 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/10/30 15:23:36 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/10/30 15:23:36 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/10/30 15:23:36 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/10/30 15:23:36 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/10/30 15:23:36 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/10/30 15:23:36 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/10/30 15:23:35 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/10/30 15:23:35 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/10/30 15:23:35 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/10/30 15:23:35 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/10/30 15:23:35 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/10/30 15:23:35 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/10/30 15:23:35 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/10/30 15:23:33 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/10/30 15:23:32 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/10/30 15:23:31 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/10/30 15:23:31 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/10/30 15:23:31 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/10/30 15:23:31 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/10/30 15:23:31 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/10/30 15:23:30 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/10/30 15:23:30 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/10/30 15:23:30 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/10/30 15:23:30 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/10/30 15:23:30 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/10/30 15:23:28 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/10/30 15:23:28 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/10/30 15:23:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/10/30 15:23:27 | 000,893,952 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\System32\drivers\smserial.sys
[2011/10/30 15:23:27 | 000,390,849 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\drivers\usbVM303.sys
[2011/10/30 15:23:27 | 000,290,816 | ---- | C] (Texas Instruments) -- C:\WINDOWS\System32\drivers\tifm21.sys
[2011/10/30 15:23:27 | 000,245,248 | ---- | C] (Marvell) -- C:\WINDOWS\System32\drivers\yk51x86.sys
[2011/10/30 15:23:27 | 000,073,728 | ---- | C] (Rainbow Technologies, Inc.) -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2011/10/30 15:23:27 | 000,064,920 | ---- | C] (SuperSpeed LLC) -- C:\WINDOWS\System32\drivers\SscRdBus.sys
[2011/10/30 15:23:27 | 000,037,504 | ---- | C] (SuperSpeed LLC) -- C:\WINDOWS\System32\drivers\SscRdCls.sys
[2011/10/30 15:23:27 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\WINDOWS\System32\drivers\wdcsam.sys
[2011/10/30 15:23:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/10/30 15:23:26 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/10/30 15:23:26 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\drivers\mxnic.sys
[2011/10/30 15:23:26 | 000,011,984 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\drivers\RegKill.sys
[2011/10/30 15:23:25 | 000,685,056 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\System32\drivers\hardlock.sys
[2011/10/30 15:23:24 | 000,125,544 | ---- | C] (eBoostr.com) -- C:\WINDOWS\System32\drivers\eBoost.sys
[2011/10/30 15:23:24 | 000,044,288 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2011/10/30 15:23:24 | 000,033,664 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS
[2011/10/30 15:23:24 | 000,024,832 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/10/30 15:23:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/10/30 15:23:20 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/10/30 15:23:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/10/30 15:23:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/10/30 15:23:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/10/30 15:23:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/10/30 15:23:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/10/30 15:23:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/10/30 15:23:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RNBOSENT
[2011/10/30 15:23:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/10/30 15:23:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/10/30 15:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UNINSTALL
[2011/10/30 15:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/10/30 15:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/10/30 15:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/10/30 15:23:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/10/30 15:23:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2011/10/30 15:23:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/10/30 15:23:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/10/30 15:23:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/10/30 15:22:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/10/30 15:22:46 | 002,129,920 | ---- | C] (BCGSoft Ltd) -- C:\WINDOWS\System32\WLBCGCBPRO731.DLL
[2011/10/30 15:22:44 | 000,225,280 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\VSFLEX3.OCX
[2011/10/30 15:22:43 | 000,270,421 | ---- | C] (Vimicro) -- C:\WINDOWS\System32\VM303Prp.Ax
[2011/10/30 15:22:43 | 000,081,920 | ---- | C] (VM) -- C:\WINDOWS\System32\VM303STI.dll
[2011/10/30 15:22:43 | 000,049,152 | ---- | C] (XSS (eXtended Software Solutions)) -- C:\WINDOWS\System32\VGASwitch.exe
[2011/10/30 15:22:42 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2011/10/30 15:22:42 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2011/10/30 15:22:41 | 000,081,920 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPCo2.dll
[2011/10/30 15:22:41 | 000,069,722 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPFcs.dll
[2011/10/30 15:22:39 | 000,155,648 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\System32\sm56coin.dll
[2011/10/30 15:22:39 | 000,122,880 | ---- | C] (XSS) -- C:\WINDOWS\System32\ShellvRTF.dll
[2011/10/30 15:22:39 | 000,102,400 | ---- | C] (4Developers LLC) -- C:\WINDOWS\System32\SimpleRegistry.dll
[2011/10/30 15:22:39 | 000,065,864 | ---- | C] (SuperSpeed LLC) -- C:\WINDOWS\System32\SmbMInfo.exe
[2011/10/30 15:22:39 | 000,049,664 | ---- | C] (Rainbow Technologies, Inc.) -- C:\WINDOWS\System32\SNTI386.DLL
[2011/10/30 15:22:36 | 001,044,480 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\roboex32.dll
[2011/10/30 15:22:36 | 000,174,400 | ---- | C] (SuperSpeed LLC) -- C:\WINDOWS\System32\RdCfg.exe
[2011/10/30 15:22:36 | 000,018,432 | ---- | C] (Rainbow Technologies, Inc.) -- C:\WINDOWS\System32\RNBOVDD.DLL
[2011/10/30 15:22:35 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2011/10/30 15:22:35 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2011/10/30 15:22:34 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\System32\PCDLIB32.DLL
[2011/10/30 15:22:27 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2011/10/30 15:22:20 | 000,364,544 | ---- | C] (Matthew T. Ashland) -- C:\WINDOWS\System32\MACDll.dll
[2011/10/30 15:22:20 | 000,020,480 | ---- | C] (Gateway) -- C:\WINDOWS\System32\Marker32.exe
[2011/10/30 15:22:17 | 000,054,784 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\Inetwh32.dll
[2011/10/30 15:22:17 | 000,049,152 | ---- | C] (XSS) -- C:\WINDOWS\System32\install.dll
[2011/10/30 15:22:16 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2011/10/30 15:22:16 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2011/10/30 15:22:16 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2011/10/30 15:22:16 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2011/10/30 15:22:15 | 000,206,256 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\idmmbc.dll
[2011/10/30 15:22:14 | 002,164,411 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\System32\haspds_windows.dll
[2011/10/30 15:22:11 | 000,131,072 | ---- | C] (Inner Media, Inc.) -- C:\WINDOWS\System32\dzip32.dll
[2011/10/30 15:22:11 | 000,093,552 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\ElbyCDIO.dll
[2011/10/30 15:22:10 | 000,110,592 | ---- | C] (Inner Media, Inc.) -- C:\WINDOWS\System32\dunzip32.dll
[2011/10/30 15:22:05 | 000,761,856 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUIRoxio.dll
[2011/10/30 15:22:05 | 000,528,384 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControlRoxio.dll
[2011/10/30 15:22:05 | 000,081,920 | ---- | C] (Roxio) -- C:\WINDOWS\System32\cdral.dll
[2011/10/30 15:22:05 | 000,077,824 | ---- | C] (Roxio) -- C:\WINDOWS\System32\cdrtc.dll
[2011/10/30 15:22:05 | 000,069,632 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\bcmwlpkt.dll
[2011/10/30 15:22:04 | 000,593,920 | ---- | C] (Babel Technologies SA) -- C:\WINDOWS\System32\BabTts.dll
[2011/10/30 15:22:04 | 000,094,208 | ---- | C] (Gateway Inc.) -- C:\WINDOWS\System32\bae.dll
[2011/10/30 15:21:59 | 000,032,768 | ---- | C] (Acapela Group) -- C:\WINDOWS\System32\acatel_prf.dll
[2011/10/30 15:21:59 | 000,024,576 | ---- | C] (Acapela Group) -- C:\WINDOWS\System32\acatel_msg.dll
[2011/10/30 15:21:59 | 000,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\WINDOWS\System32\aamd532.dll
[2011/10/30 15:21:59 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/10/30 15:21:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/10/30 15:21:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\tiinst
[2011/10/30 15:21:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011/10/30 15:21:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/10/30 15:21:52 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/10/30 15:21:45 | 000,102,400 | ---- | C] (www.zsmc.com.cn) -- C:\WINDOWS\VM303Cap.exe
[2011/10/30 15:21:45 | 000,061,440 | ---- | C] (Vimicro) -- C:\WINDOWS\VM303_STI.EXE
[2011/10/30 15:21:45 | 000,032,768 | ---- | C] (Vimicro) -- C:\WINDOWS\VMZoom.exe
[2011/10/30 15:21:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/10/30 15:21:44 | 000,053,248 | ---- | C] (VM) -- C:\WINDOWS\Sti303.exe
[2011/10/30 15:21:44 | 000,013,352 | ---- | C] (BigFix, Inc.) -- C:\WINDOWS\BigFixClientOverride.dll
[2011/10/30 15:21:44 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/10/30 15:18:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/10/30 15:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2011/10/30 15:18:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/10/30 15:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BlazeVideo
[2011/10/30 15:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/10/30 15:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2011/10/30 15:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
[2011/10/30 15:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\eboostr
[2011/10/30 15:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/10/30 15:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/10/30 15:18:12 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/10/30 15:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2011/10/30 15:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2011/10/30 15:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2011/10/30 15:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2011/10/30 15:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2011/10/30 15:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/10/30 15:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/10/30 15:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2011/10/30 15:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2011/10/30 15:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/10/30 15:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/10/30 15:18:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/10/30 15:18:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/10/30 15:18:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/10/30 15:18:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/10/30 15:18:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/10/30 15:18:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/10/30 15:18:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
[2011/10/30 15:18:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/10/30 15:18:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Recorded TV
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\eBoostr
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Shrink
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Audio Extractor
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Combined Community Codec Pack
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Broadcom Wireless
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auran
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AT&T Natural Voices 1.4
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\A4 TECH USB PC Camera H
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2011/10/30 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}xxx
[2011/10/30 15:18:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/10/30 15:17:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Gateway Documentation
[2011/10/30 15:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GOG.com
[2011/10/30 15:17:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/10/30 15:17:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/10/30 15:17:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Zuxxez
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Western Digital Corporation
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WD SmartWare
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VSO
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ViewSonic
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoReDo
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TrueCrypt
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TextAloud
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SuperSpeed
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Studio
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Solveig Multimedia
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Registry Mechanic
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\REALTEK RTL8187 Wireless LAN Driver and Utility
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Powertoys for Windows XP
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PhilipsProTECH
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PeerBlock
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nomad Factory
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Napster Music Service-START 30-day trial
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Music DVD Creator
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN Encarta Plus
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Monkey's Audio
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Minnetonka Audio
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Speech SDK 5.1
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Digital Image Starter Edition 2006
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Majestic Chess
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\KORG
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iZotope
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn
[2011/10/30 15:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IconChanger
[2011/10/30 15:17:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/10/30 15:17:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/10/30 15:17:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
[2011/10/30 15:17:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/10/30 15:17:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/10/30 15:17:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\AVG2012
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\AudioGate
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Audacity
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\ATI
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Apple Computer
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\AdobeUM
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Adobe
[2011/10/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\AccurateRip
[2011/10/30 15:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\BitComet
[2011/10/30 15:17:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\dvdcss
[2011/10/30 15:17:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\DMCache
[2011/10/30 15:17:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\BitTorrent
[2011/10/30 15:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Identities
[2011/10/30 15:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\IconChanger
[2011/10/30 15:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Help
[2011/10/30 15:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\foobar2000
[2011/10/30 15:17:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\IDM
[2011/10/30 15:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\iZotope
[2011/10/30 15:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\ImgBurn
[2011/10/30 15:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Media Player Classic
[2011/10/30 15:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\McAfee.com Personal Firewall
[2011/10/30 15:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Malwarebytes
[2011/10/30 15:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Macromedia
[2011/10/30 15:17:38 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft
[2011/10/30 15:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\mkvtoolnix
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\TrueCrypt
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\SUPERAntiSpyware.com
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Sun
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Solveig Multimedia
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Saracon
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\SampleView
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\rockbox.org
[2011/10/30 15:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Mozilla
[2011/10/30 15:17:35 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner.Gateway2k\Application Data\pcouffin.sys
[2011/10/30 15:17:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner.Gateway2k\Cookies
[2011/10/30 15:17:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data
[2011/10/30 15:17:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Desktop\WebCam
[2011/10/30 15:17:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Phasor
[2011/10/30 15:17:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Epson
[2011/10/30 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Yahoo!
[2011/10/30 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\WinRAR
[2011/10/30 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Western Digital
[2011/10/30 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Vso
[2011/10/30 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\VideoReDo-TVSuite
[2011/10/30 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\uTorrent
[2011/10/30 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\ChikkaDefault
[2011/10/30 15:17:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Favorites
[2011/10/30 15:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Doctor Web
[2011/10/30 15:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Desktop
[2011/10/30 15:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Apple
[2011/10/30 15:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Adobe
[2011/10/30 15:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\BitTorrent
[2011/10/30 15:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\ATI
[2011/10/30 15:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\ApplicationHistory
[2011/10/30 15:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Apple Computer
[2011/10/30 15:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Identities
[2011/10/30 15:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Help
[2011/10/30 15:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Downloaded Installations
[2011/10/30 15:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Minnetonka Audio Software
[2011/10/30 15:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Microsoft
[2011/10/30 15:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Yahoo
[2011/10/30 15:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Western_Digital
[2011/10/30 15:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Western Digital
[2011/10/30 15:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\uTorrent
[2011/10/30 15:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Mozilla
[2011/10/30 15:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Yahoo!
[2011/10/30 15:17:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.Gateway2k\Local Settings
[2011/10/30 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Downloads
[2011/10/30 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\BlazeVideo
[2011/10/30 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\BBE Sound
[2011/10/30 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Anti-Malware
[2011/10/30 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Adobe
[2011/10/30 15:17:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\iZotope Ozone 4 Presets
[2011/10/30 15:17:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\My Videos
[2011/10/30 15:17:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\My Pictures
[2011/10/30 15:17:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\My Music
[2011/10/30 15:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\my games
[2011/10/30 15:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Licenses
[2011/10/30 15:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\iZotope RX 2 Presets
[2011/10/30 15:17:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner.Gateway2k\SendTo
[2011/10/30 15:17:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner.Gateway2k\Recent
[2011/10/30 15:17:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents
[2011/10/30 15:17:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Administrative Tools
[2011/10/30 15:17:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Accessories
[2011/10/30 15:17:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.Gateway2k\PrintHood
[2011/10/30 15:17:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.Gateway2k\NetHood
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\WDC
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\PcSetup
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Nomad Factory
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\iZotope
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\HiJackThis
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Crown Software
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\BrowserPlus
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\BBE Sound
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\AstroAvenger
[2011/10/30 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\A4 TECH USB PC Camera H
[2011/10/30 15:17:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Startup
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\WinRAR
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Windows Media Bonus Pack for Windows XP
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Windows
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Weiss Engineering
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\WD Diagnostics
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Voxengo
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Unlocker
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Syntrillium
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\SurCode DVD DTS
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\SUPERAntiSpyware
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Portforward.com
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Nomad Factory
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\MP3Gain
[2011/10/30 15:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\MediaInfo
[2011/10/30 15:17:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner.Gateway2k\UserData
[2011/10/30 15:17:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.Gateway2k\Start Menu
[2011/10/30 15:17:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.Gateway2k\Templates
[2011/10/30 15:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/10/30 07:30:33 | 000,000,000 | ---D | C] -- C:\Downloads
[2011/10/29 11:58:03 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/10/29 10:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011/10/29 10:43:45 | 007,218,240 | R--- | C] (McAfee Inc.) -- C:\Program Files\stinger10.2.0.351.exe
[2011/10/29 03:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2011/10/29 02:35:21 | 000,000,000 | ---D | C] -- C:\i386
[2011/10/27 09:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2011/10/27 09:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2011/10/27 06:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\CanCopy 2.1.0
[2011/10/26 17:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/10/26 07:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\SHOUTcast
[2011/10/21 18:51:31 | 000,000,000 | ---D | C] -- C:\Program Files\GrantPerms
[2011/10/20 17:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 7
[2011/10/19 07:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/10/18 06:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Doctor Web
[2011/10/18 06:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\DrWeb
[2011/10/17 18:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/10/17 16:37:08 | 007,200,832 | R--- | C] (McAfee Inc.) -- C:\Program Files\stinger10.2.0.325.exe
[2011/10/16 08:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2011/10/16 03:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock-Ver02
[2011/10/16 03:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager-Bak
[2011/10/15 18:44:56 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet-15Oct2011
[2011/10/15 03:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\PFPortChecker
[2011/10/14 14:03:51 | 000,000,000 | -HSD | C] -- C:\Recycled
[2011/10/13 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2011/10/13 02:12:49 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/10/13 00:39:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/12 20:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/10/10 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2011/10/10 09:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2011/10/08 09:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\MozillaFirefox 3.0.8 Copy of-2
[2011/10/08 07:25:34 | 000,000,000 | ---D | C] -- C:\00_Temp
[2011/10/08 06:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2011/10/08 06:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\MozillaFirefox
[2011/10/06 06:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/05 05:17:48 | 007,202,624 | ---- | C] (McAfee Inc.) -- C:\Program Files\stinger10.2.0.302.exe
[2011/06/04 19:37:00 | 000,305,664 | ---- | C] (Inekman) -- C:\Program Files\Xtremsplit.exe
[2011/03/13 17:20:19 | 004,411,392 | R--- | C] (Gabest) -- C:\Program Files\MediaPlayer Classic2.exe
[2011/03/13 09:12:17 | 000,201,728 | R--- | C] (Freebyte.com) -- C:\Program Files\hjsplit 3.0.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/30 11:15:57 | 000,352,606 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/10/30 11:14:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile
[2011/10/30 11:14:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/30 11:11:28 | 000,000,072 | ---- | M] () -- C:\Program Files\stinger10.2.0.325.opt
[2011/10/30 08:54:24 | 000,000,326 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Seeding.lnk
[2011/10/30 08:40:46 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/30 05:52:19 | 001,364,101 | ---- | M] () -- C:\Program Files\aesetup2.5.zip
[2011/10/29 18:02:47 | 000,000,017 | ---- | M] () -- C:\Program Files\stinger10.2.0.351.opt
[2011/10/29 10:44:47 | 007,218,240 | R--- | M] (McAfee Inc.) -- C:\Program Files\stinger10.2.0.351.exe
[2011/10/29 07:28:17 | 000,000,209 | R--- | M] () -- C:\Boot.ini
[2011/10/28 05:00:15 | 000,000,429 | ---- | M] () -- C:\0txt
[2011/10/23 10:37:36 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/23 09:54:13 | 000,002,688 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\dvdae.config
[2011/10/23 09:24:52 | 000,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2011/10/23 09:24:52 | 000,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2011/10/23 09:24:52 | 000,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2011/10/23 09:24:52 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2011/10/23 05:22:50 | 000,001,540 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Torrents.lnk
[2011/10/22 19:14:18 | 000,001,143 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\z Bookmarks.lnk
[2011/10/22 18:47:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/22 13:12:30 | 000,439,794 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/22 13:11:52 | 000,439,794 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts-22Oct2011.bak
[2011/10/20 08:10:17 | 000,439,701 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Last hosts.bak
[2011/10/17 16:37:09 | 007,200,832 | R--- | M] (McAfee Inc.) -- C:\Program Files\stinger10.2.0.325.exe
[2011/10/17 06:51:03 | 000,000,440 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/10/16 08:16:28 | 000,000,103 | ---- | M] () -- C:\Program Files\stinger10.2.0.302.opt
[2011/10/14 05:53:44 | 000,005,450 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Randy.theme
[2011/10/14 05:49:39 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/14 05:31:12 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/10/13 18:12:36 | 000,000,186 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\z SD DISK (G).lnk
[2011/10/13 12:40:58 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\System Restore.lnk
[2011/10/13 08:16:57 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Application Data.lnk
[2011/10/13 00:39:44 | 000,000,326 | RHS- | M] () -- C:\boot.ini.comboFix
[2011/10/09 17:57:54 | 000,001,749 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Weiss Saracon 01.61-27.lnk
[2011/10/09 17:57:28 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AudioGate 2.1.0.3.lnk
[2011/10/08 08:34:19 | 000,001,175 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\FireFox.lnk
[2011/10/08 06:43:03 | 000,000,261 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\G_Bookmarks.lnk
[2011/10/08 06:00:10 | 000,001,552 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/06 20:25:17 | 000,000,987 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Turn Off Monitor.ini
[2011/10/06 20:17:27 | 000,001,681 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Taskkill.lnk
[2011/10/06 06:54:33 | 000,269,208 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\census.cache
[2011/10/06 06:54:09 | 000,204,636 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\ars.cache
[2011/10/05 05:17:48 | 007,202,624 | ---- | M] (McAfee Inc.) -- C:\Program Files\stinger10.2.0.302.exe
[2011/10/05 04:57:35 | 000,001,160 | ---- | M] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\RamDisk (L) (1024Mb).lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/30 15:25:31 | 000,059,167 | ---- | C] () -- C:\WINDOWS\System\setup.inf
[2011/10/30 15:25:19 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/10/30 15:25:19 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/10/30 15:25:13 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wstrendr.ax
[2011/10/30 15:25:13 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wstpager.ax
[2011/10/30 15:25:06 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wiasf.ax
[2011/10/30 15:25:06 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2011/10/30 15:24:57 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vwipxspx.exe
[2011/10/30 15:24:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vbicodec.ax
[2011/10/30 15:24:49 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
[2011/10/30 15:24:49 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2011/10/30 15:24:45 | 000,383,140 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2011/10/30 15:24:45 | 000,355,436 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2011/10/30 15:24:44 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2011/10/30 15:24:44 | 000,003,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srgb.icm
[2011/10/30 15:24:44 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/10/30 15:24:39 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2011/10/30 15:24:37 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2011/10/30 15:24:36 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\scriptpw.dll
[2011/10/30 15:24:36 | 000,007,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\secupd.sig
[2011/10/30 15:24:36 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\dllcache\secupd.dat
[2011/10/30 15:24:35 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/10/30 15:24:35 | 000,282,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/10/30 15:24:35 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/10/30 15:24:34 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\redir.exe
[2011/10/30 15:24:32 | 001,287,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2011/10/30 15:24:32 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/10/30 15:24:31 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2011/10/30 15:24:31 | 000,562,176 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2011/10/30 15:24:31 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2011/10/30 15:24:31 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2011/10/30 15:24:31 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/10/30 15:24:31 | 000,224,256 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/10/30 15:24:31 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2011/10/30 15:24:31 | 000,035,755 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prncnfg.vbs
[2011/10/30 15:24:31 | 000,032,546 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prnmngr.vbs
[2011/10/30 15:24:31 | 000,029,454 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prnport.vbs
[2011/10/30 15:24:31 | 000,025,415 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prndrvr.vbs
[2011/10/30 15:24:31 | 000,021,527 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prnjobs.vbs
[2011/10/30 15:24:31 | 000,015,860 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prnqctl.vbs
[2011/10/30 15:24:31 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2011/10/30 15:24:30 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/10/30 15:24:30 | 000,167,219 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pagefile.vbs
[2011/10/30 15:24:30 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\paqsp.dll
[2011/10/30 15:24:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2011/10/30 15:24:28 | 000,007,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2011/10/30 15:24:28 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2011/10/30 15:24:27 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2011/10/30 15:24:26 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nw16.exe
[2011/10/30 15:24:24 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio411.sys
[2011/10/30 15:24:24 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio412.sys
[2011/10/30 15:24:24 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio804.sys
[2011/10/30 15:24:24 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio404.sys
[2011/10/30 15:24:24 | 000,033,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio.sys
[2011/10/30 15:24:24 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2011/10/30 15:24:24 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2011/10/30 15:24:24 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2011/10/30 15:24:24 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2011/10/30 15:24:24 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2011/10/30 15:24:23 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/10/30 15:24:23 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2011/10/30 15:24:18 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011/10/30 15:24:18 | 000,198,736 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/10/30 15:24:17 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/10/30 15:24:17 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/10/30 15:24:17 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2011/10/30 15:24:17 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/10/30 15:24:10 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2011/10/30 15:24:09 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2011/10/30 15:24:09 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2data.ax
[2011/10/30 15:24:09 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/10/30 15:24:08 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mlang.dat
[2011/10/30 15:24:08 | 000,460,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\micross.ttf
[2011/10/30 15:24:07 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2011/10/30 15:24:07 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2011/10/30 15:24:07 | 000,024,124 | ---- | C] () -- C:\WINDOWS\System32\dllcache\marlett.ttf
[2011/10/30 15:24:06 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/10/30 15:24:05 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/10/30 15:24:05 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2011/10/30 15:24:05 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2011/10/30 15:24:03 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/10/30 15:24:03 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/10/30 15:24:02 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/10/30 15:24:01 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2011/10/30 15:23:57 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/10/30 15:23:56 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/10/30 15:23:56 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/10/30 15:23:56 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/10/30 15:23:56 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/10/30 15:23:56 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/10/30 15:23:55 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/10/30 15:23:55 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2011/10/30 15:23:54 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\dllcache\gm.dls
[2011/10/30 15:23:52 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2011/10/30 15:23:52 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2011/10/30 15:23:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/10/30 15:23:52 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2011/10/30 15:23:51 | 000,097,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\evtquery.vbs
[2011/10/30 15:23:51 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2011/10/30 15:23:50 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/10/30 15:23:48 | 010,604,352 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ehcir.ird
[2011/10/30 15:23:48 | 000,498,205 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/10/30 15:23:48 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2011/10/30 15:23:47 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dvdplay.exe
[2011/10/30 15:23:47 | 000,009,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\drvmain.sdb
[2011/10/30 15:23:46 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dosx.exe
[2011/10/30 15:23:46 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/10/30 15:23:46 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/10/30 15:23:46 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/10/30 15:23:45 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2011/10/30 15:23:45 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2011/10/30 15:23:41 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2011/10/30 15:23:40 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2011/10/30 15:23:38 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/10/30 15:23:34 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/10/30 15:23:34 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/10/30 15:23:34 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/10/30 15:23:34 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/10/30 15:23:34 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/10/30 15:23:34 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/10/30 15:23:34 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/10/30 15:23:34 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/10/30 15:23:34 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/10/30 15:23:34 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/10/30 15:23:33 | 000,759,966 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2011/10/30 15:23:33 | 000,216,862 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2011/10/30 15:23:33 | 000,079,996 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2011/10/30 15:23:33 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2011/10/30 15:23:33 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2011/10/30 15:23:32 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2011/10/30 15:23:28 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\services
[2011/10/30 15:23:28 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2011/10/30 15:23:28 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2011/10/30 15:23:28 | 000,000,799 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\protocol
[2011/10/30 15:23:28 | 000,000,407 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\networks
[2011/10/30 15:23:27 | 000,439,794 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts-22Oct2011.bak
[2011/10/30 15:23:27 | 000,439,794 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/30 15:23:27 | 000,439,701 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\Last hosts.bak
[2011/10/30 15:23:27 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2011/10/30 15:23:27 | 000,003,683 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\lmhosts.sam
[2011/10/30 15:23:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\lmhosts
[2011/10/30 15:23:24 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2011/10/30 15:23:23 | 001,114,674 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2011/10/30 15:23:23 | 000,058,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2011/10/30 15:23:23 | 000,027,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2011/10/30 15:23:23 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2011/10/30 15:22:53 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/10/30 15:22:52 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2011/10/30 15:22:52 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2011/10/30 15:22:51 | 000,001,170 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/30 15:22:47 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/10/30 15:22:46 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011/10/30 15:22:45 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2011/10/30 15:22:45 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\wiasf.ax
[2011/10/30 15:22:45 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2011/10/30 15:22:44 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2011/10/30 15:22:44 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2011/10/30 15:22:44 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2011/10/30 15:22:44 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2011/10/30 15:22:44 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2011/10/30 15:22:44 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2011/10/30 15:22:44 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2011/10/30 15:22:44 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2011/10/30 15:22:44 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2011/10/30 15:22:44 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2011/10/30 15:22:44 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2011/10/30 15:22:44 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2011/10/30 15:22:44 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2011/10/30 15:22:44 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2011/10/30 15:22:43 | 000,352,606 | -H-- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/10/30 15:22:43 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\VBICodec.ax
[2011/10/30 15:22:43 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2011/10/30 15:22:43 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/10/30 15:22:43 | 000,000,872 | ---- | C] () -- C:\WINDOWS\System32\VGASwitcher.lnk
[2011/10/30 15:22:43 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\VGASwitch.bat
[2011/10/30 15:22:43 | 000,000,075 | ---- | C] () -- C:\WINDOWS\System32\View Channels.scf
[2011/10/30 15:22:42 | 000,172,032 | R--- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2011/10/30 15:22:42 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2011/10/30 15:22:42 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/10/30 15:22:42 | 000,000,862 | ---- | C] () -- C:\WINDOWS\System32\termcap
[2011/10/30 15:22:41 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2011/10/30 15:22:41 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2011/10/30 15:22:41 | 000,002,752 | ---- | C] () -- C:\WINDOWS\System32\Status.MPF
[2011/10/30 15:22:41 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.tgz
[2011/10/30 15:22:41 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2011/10/30 15:22:41 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\ssprs.tgz
[2011/10/30 15:22:41 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2011/10/30 15:22:41 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2011/10/30 15:22:40 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2011/10/30 15:22:37 | 000,240,120 | ---- | C] () -- C:\WINDOWS\System32\setup.bmp
[2011/10/30 15:22:37 | 000,036,364 | ---- | C] () -- C:\WINDOWS\System32\secpol.msc
[2011/10/30 15:22:37 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2011/10/30 15:22:37 | 000,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2011/10/30 15:22:37 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2011/10/30 15:22:36 | 000,044,451 | ---- | C] () -- C:\WINDOWS\System32\rsop.msc
[2011/10/30 15:22:36 | 000,003,178 | ---- | C] () -- C:\WINDOWS\System32\rsvpcnts.h
[2011/10/30 15:22:36 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2011/10/30 15:22:35 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011/10/30 15:22:35 | 000,224,256 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2011/10/30 15:22:35 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2011/10/30 15:22:35 | 000,035,755 | ---- | C] () -- C:\WINDOWS\System32\prncnfg.vbs
[2011/10/30 15:22:35 | 000,032,546 | ---- | C] () -- C:\WINDOWS\System32\prnmngr.vbs
[2011/10/30 15:22:35 | 000,029,454 | ---- | C] () -- C:\WINDOWS\System32\prnport.vbs
[2011/10/30 15:22:35 | 000,025,415 | ---- | C] () -- C:\WINDOWS\System32\prndrvr.vbs
[2011/10/30 15:22:35 | 000,021,527 | ---- | C] () -- C:\WINDOWS\System32\prnjobs.vbs
[2011/10/30 15:22:35 | 000,015,860 | ---- | C] () -- C:\WINDOWS\System32\prnqctl.vbs
[2011/10/30 15:22:35 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2011/10/30 15:22:35 | 000,003,010 | ---- | C] () -- C:\WINDOWS\System32\pschdcnt.h
[2011/10/30 15:22:35 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\rasctrnm.h
[2011/10/30 15:22:35 | 000,000,435 | ---- | C] () -- C:\WINDOWS\System32\perfwci.h
[2011/10/30 15:22:35 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2011/10/30 15:22:34 | 000,402,930 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/30 15:22:34 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2011/10/30 15:22:34 | 000,167,219 | ---- | C] () -- C:\WINDOWS\System32\pagefileconfig.vbs
[2011/10/30 15:22:34 | 000,063,110 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/30 15:22:34 | 000,058,273 | ---- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2011/10/30 15:22:34 | 000,051,656 | ---- | C] () -- C:\WINDOWS\System32\OEMLOGO.bmp
[2011/10/30 15:22:34 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2011/10/30 15:22:34 | 000,007,208 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
[2011/10/30 15:22:34 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2011/10/30 15:22:34 | 000,001,280 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2011/10/30 15:22:34 | 000,000,427 | ---- | C] () -- C:\WINDOWS\System32\perfci.h
[2011/10/30 15:22:34 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\perffilt.h
[2011/10/30 15:22:34 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2011/10/30 15:22:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2011/10/30 15:22:30 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2011/10/30 15:22:29 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2011/10/30 15:22:29 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2011/10/30 15:22:29 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2011/10/30 15:22:28 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2011/10/30 15:22:28 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2011/10/30 15:22:28 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/10/30 15:22:28 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2011/10/30 15:22:28 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2011/10/30 15:22:28 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2011/10/30 15:22:28 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2011/10/30 15:22:28 | 000,001,696 | ---- | C] () -- C:\WINDOWS\System32\noise.cht
[2011/10/30 15:22:28 | 000,001,696 | ---- | C] () -- C:\WINDOWS\System32\noise.chs
[2011/10/30 15:22:28 | 000,000,751 | ---- | C] () -- C:\WINDOWS\System32\noise.enu
[2011/10/30 15:22:28 | 000,000,751 | ---- | C] () -- C:\WINDOWS\System32\noise.eng
[2011/10/30 15:22:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2011/10/30 15:22:28 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2011/10/30 15:22:27 | 000,011,452 | ---- | C] () -- C:\WINDOWS\System32\mypixdx.chm
[2011/10/30 15:22:25 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\msnp.ax
[2011/10/30 15:22:25 | 000,001,928 | ---- | C] () -- C:\WINDOWS\System32\MSMINI.DLL
[2011/10/30 15:22:23 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2011/10/30 15:22:23 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\Msdvbnp.ax
[2011/10/30 15:22:22 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2011/10/30 15:22:22 | 000,002,755 | ---- | C] () -- C:\WINDOWS\System32\mqprfsym.h
[2011/10/30 15:22:22 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/10/30 15:22:21 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2011/10/30 15:22:21 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2011/10/30 15:22:21 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2011/10/30 15:22:21 | 000,001,492 | ---- | C] () -- C:\WINDOWS\System32\mmdriver.inf
[2011/10/30 15:22:19 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2011/10/30 15:22:19 | 000,000,487 | ---- | C] () -- C:\WINDOWS\System32\login.cmd
[2011/10/30 15:22:19 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.tgz
[2011/10/30 15:22:19 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2011/10/30 15:22:18 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2011/10/30 15:22:18 | 000,000,131 | ---- | C] () -- C:\WINDOWS\System32\JSS3E.bat
[2011/10/30 15:22:17 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2011/10/30 15:22:15 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2011/10/30 15:22:15 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2011/10/30 15:22:15 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\hdsuinst.exe
[2011/10/30 15:22:15 | 000,023,024 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2011/10/30 15:22:15 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\homepage.inf
[2011/10/30 15:22:15 | 000,000,897 | ---- | C] () -- C:\WINDOWS\System32\Hotline.lgg
[2011/10/30 15:22:14 | 001,239,209 | ---- | C] () -- C:\WINDOWS\System32\gtw_logo.scr
[2011/10/30 15:22:14 | 000,034,871 | ---- | C] () -- C:\WINDOWS\System32\gpedit.msc
[2011/10/30 15:22:14 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2011/10/30 15:22:14 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2011/10/30 15:22:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Gateway_MX6448_Rev.1_RL71296110024.MRK
[2011/10/30 15:22:13 | 000,152,384 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/30 15:22:13 | 000,097,965 | ---- | C] () -- C:\WINDOWS\System32\eventquery.vbs
[2011/10/30 15:22:13 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2011/10/30 15:22:13 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2011/10/30 15:22:11 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2011/10/30 15:22:11 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/10/30 15:22:11 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2011/10/30 15:22:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2011/10/30 15:22:10 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2011/10/30 15:22:09 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2011/10/30 15:22:09 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2011/10/30 15:22:09 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2011/10/30 15:22:09 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2011/10/30 15:22:06 | 000,071,859 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2011/10/30 15:22:06 | 000,040,505 | ---- | C] () -- C:\WINDOWS\System32\cmdlib.wsc
[2011/10/30 15:22:06 | 000,038,302 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2011/10/30 15:22:06 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/10/30 15:22:06 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2011/10/30 15:22:06 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2011/10/30 15:22:06 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2011/10/30 15:22:05 | 000,042,339 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2011/10/30 15:22:05 | 000,041,762 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2011/10/30 15:22:05 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2011/10/30 15:22:05 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2011/10/30 15:22:04 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2011/10/30 15:22:04 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/10/30 15:22:00 | 000,125,796 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/10/30 15:22:00 | 000,006,005 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2011/10/30 15:21:59 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/10/30 15:21:59 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2011/10/30 15:21:59 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
[2011/10/30 15:21:59 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2011/10/30 15:21:59 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/30 15:21:59 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/10/30 15:21:45 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/10/30 15:21:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/10/30 15:21:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/10/30 15:21:45 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2011/10/30 15:21:45 | 000,003,930 | ---- | C] () -- C:\WINDOWS\vm303.mid
[2011/10/30 15:21:45 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2011/10/30 15:21:45 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2011/10/30 15:21:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TempFile
[2011/10/30 15:21:44 | 000,016,360 | ---- | C] () -- C:\WINDOWS\chimes.INI
[2011/10/30 15:21:44 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/10/30 15:21:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/10/30 15:21:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/10/30 15:21:44 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/10/30 15:21:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/10/30 15:21:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/10/30 15:21:44 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2011/10/30 15:21:44 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/30 15:21:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2011/10/30 15:21:44 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/10/30 15:21:44 | 000,000,018 | -H-- | C] () -- C:\WINDOWS\8g5rfft1f4u2p8x
[2011/10/30 15:21:44 | 000,000,018 | -H-- | C] () -- C:\WINDOWS\8g5rf7y1ecv8v5b
[2011/10/30 15:21:44 | 000,000,018 | -H-- | C] () -- C:\WINDOWS\8g5rf5b7x4u2p8x
[2011/10/30 15:21:44 | 000,000,008 | ---- | C] () -- C:\WINDOWS\New.flg
[2011/10/30 15:21:44 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2011/10/30 15:21:44 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2011/10/30 15:21:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SMMVSplitter.INI
[2011/10/30 15:18:01 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DiscWelder Chrome 2.0.6.lnk
[2011/10/30 15:18:01 | 000,001,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AudioGate 2.1.0.3.lnk
[2011/10/30 15:18:01 | 000,000,987 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Turn Off Monitor.ini
[2011/10/30 15:18:01 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TrueCrypt.lnk
[2011/10/30 15:18:01 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2011/10/30 15:17:57 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/10/30 15:17:57 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Turn Off Monitor.lnk
[2011/10/30 15:17:57 | 000,001,123 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
[2011/10/30 15:17:57 | 000,001,062 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
[2011/10/30 15:17:57 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\foobar2000.lnk
[2011/10/30 15:17:57 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eBoostr Control Panel.lnk
[2011/10/30 15:17:57 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EBstrSvc.lnk
[2011/10/30 15:17:57 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Wireless SecureEasySetup.lnk
[2011/10/30 15:17:57 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/10/30 15:17:39 | 000,001,674 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDvd.lnk
[2011/10/30 15:17:39 | 000,001,552 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/30 15:17:39 | 000,001,551 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2011/10/30 15:17:39 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\MRU Blaster.lnk
[2011/10/30 15:17:39 | 000,001,483 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2011/10/30 15:17:39 | 000,001,459 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Clean.lnk
[2011/10/30 15:17:39 | 000,001,143 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\RS-2011.lnk
[2011/10/30 15:17:39 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk
[2011/10/30 15:17:39 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/10/30 15:17:39 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\iZotope RX.lnk
[2011/10/30 15:17:39 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/30 15:17:39 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
[2011/10/30 15:17:39 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Shrink.lnk
[2011/10/30 15:17:39 | 000,000,686 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\WavPack.lnk
[2011/10/30 15:17:39 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Exact Audio Copy.lnk
[2011/10/30 15:17:39 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\FLAC.lnk
[2011/10/30 15:17:39 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/10/30 15:17:35 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\pcouffin.cat
[2011/10/30 15:17:35 | 000,002,688 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\dvdae.config
[2011/10/30 15:17:35 | 000,002,491 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\System Restore.lnk
[2011/10/30 15:17:35 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Surcode mlp 1.0.29.lnk
[2011/10/30 15:17:35 | 000,001,786 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\YahooMsgr.lnk
[2011/10/30 15:17:35 | 000,001,749 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Weiss Saracon 01.61-27.lnk
[2011/10/30 15:17:35 | 000,001,681 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Taskkill.lnk
[2011/10/30 15:17:35 | 000,001,673 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Windows Media Player.lnk
[2011/10/30 15:17:35 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Turn Off Monitor.lnk
[2011/10/30 15:17:35 | 000,001,596 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\WavPack 4.60.1.lnk
[2011/10/30 15:17:35 | 000,001,571 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\VideoReDo TVSuite.lnk
[2011/10/30 15:17:35 | 000,001,568 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Temp-LocalSettings.lnk
[2011/10/30 15:17:35 | 000,001,540 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Torrents.lnk
[2011/10/30 15:17:35 | 000,001,517 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\WinRar 3.71.lnk
[2011/10/30 15:17:35 | 000,001,446 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Yahoo Messenger Send.lnk
[2011/10/30 15:17:35 | 000,001,376 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Temp Audacity.lnk
[2011/10/30 15:17:35 | 000,001,348 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\WinTemp.lnk
[2011/10/30 15:17:35 | 000,001,312 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Temporary Internet.lnk
[2011/10/30 15:17:35 | 000,001,254 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\TempAll.lnk
[2011/10/30 15:17:35 | 000,001,233 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\uTorrent Cache.lnk
[2011/10/30 15:17:35 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Application Data\pcouffin.inf
[2011/10/30 15:17:35 | 000,001,143 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\z Bookmarks.lnk
[2011/10/30 15:17:35 | 000,000,974 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Surcode DvdDTS 1.0.21.lnk
[2011/10/30 15:17:35 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\WMA Lossless Audio Converter.lnk
[2011/10/30 15:17:35 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\tsMuxer 1.10.6.lnk
[2011/10/30 15:17:35 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\VUMeter.lnk
[2011/10/30 15:17:34 | 000,001,955 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Nero Burning ROM.lnk
[2011/10/30 15:17:34 | 000,001,935 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Jagged Alliance.lnk
[2011/10/30 15:17:34 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Startup All Users.lnk
[2011/10/30 15:17:34 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Startup.lnk
[2011/10/30 15:17:34 | 000,001,720 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\r8brain PRO 1.5.lnk
[2011/10/30 15:17:34 | 000,001,657 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\AudioChecker.lnk
[2011/10/30 15:17:34 | 000,001,654 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Internet Explorer.lnk
[2011/10/30 15:17:34 | 000,001,630 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\DvdaExplorer 2008.07.21.3.lnk
[2011/10/30 15:17:34 | 000,001,625 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Flac-Pass.lnk
[2011/10/30 15:17:34 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MKVExtract.lnk
[2011/10/30 15:17:34 | 000,001,609 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\AudioTester 1.6.lnk
[2011/10/30 15:17:34 | 000,001,605 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Modem Settings.lnk
[2011/10/30 15:17:34 | 000,001,601 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\EncWAV AC3.lnk
[2011/10/30 15:17:34 | 000,001,601 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Audacity.lnk
[2011/10/30 15:17:34 | 000,001,584 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Nomadfactory PDF.lnk
[2011/10/30 15:17:34 | 000,001,576 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Lossless.lnk
[2011/10/30 15:17:34 | 000,001,567 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MagicISO.lnk
[2011/10/30 15:17:34 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\EasyCapture.lnk
[2011/10/30 15:17:34 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MkvToolnix 3.30.lnk
[2011/10/30 15:17:34 | 000,001,523 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MediaInfo3.lnk
[2011/10/30 15:17:34 | 000,001,523 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MediaInfo2.lnk
[2011/10/30 15:17:34 | 000,001,523 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MediaInfo.lnk
[2011/10/30 15:17:34 | 000,001,506 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Hosts.lnk
[2011/10/30 15:17:34 | 000,001,504 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MediaPlayer Classic.lnk
[2011/10/30 15:17:34 | 000,001,477 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Audiobooks.lnk
[2011/10/30 15:17:34 | 000,001,471 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Recent .lnk
[2011/10/30 15:17:34 | 000,001,471 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Programs.lnk
[2011/10/30 15:17:34 | 000,001,467 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\ DVDA Discs.lnk
[2011/10/30 15:17:34 | 000,001,453 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\FLAC.lnk
[2011/10/30 15:17:34 | 000,001,425 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Ping.lnk
[2011/10/30 15:17:34 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\SACD To Wav.lnk
[2011/10/30 15:17:34 | 000,001,385 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\ICO Collection.lnk
[2011/10/30 15:17:34 | 000,001,378 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MLP.lnk
[2011/10/30 15:17:34 | 000,001,370 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\IDM Downloads.lnk
[2011/10/30 15:17:34 | 000,001,317 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Program Files.lnk
[2011/10/30 15:17:34 | 000,001,241 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\LinkGrabber.lnk
[2011/10/30 15:17:34 | 000,001,178 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Local Disk ©.lnk
[2011/10/30 15:17:34 | 000,001,175 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\FireFox.lnk
[2011/10/30 15:17:34 | 000,001,160 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\RamDisk (L) (1024Mb).lnk
[2011/10/30 15:17:34 | 000,001,150 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\iZOzone4 .pdf.lnk
[2011/10/30 15:17:34 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\BlazeVideo Music DVD Creator 2.0.3.451.lnk
[2011/10/30 15:17:34 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\SolveigMM Video Splitter.lnk
[2011/10/30 15:17:34 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\iShuffle.lnk
[2011/10/30 15:17:34 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\iZotope RX Advanced 2.00.253.lnk
[2011/10/30 15:17:34 | 000,000,781 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Application Data.lnk
[2011/10/30 15:17:34 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\DVD Audio Extractor 5.3.0.lnk
[2011/10/30 15:17:34 | 000,000,711 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\foobar2000.lnk
[2011/10/30 15:17:34 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MP3 Gain.lnk
[2011/10/30 15:17:34 | 000,000,687 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\BitComet.lnk
[2011/10/30 15:17:34 | 000,000,687 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Audiograbber.lnk
[2011/10/30 15:17:34 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MKV_Listing2.lnk
[2011/10/30 15:17:34 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\MKV_Listing1.lnk
[2011/10/30 15:17:34 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\iPod 5th Gen YamiPod.lnk
[2011/10/30 15:17:34 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\GAMES.lnk
[2011/10/30 15:17:34 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Movies.lnk
[2011/10/30 15:17:34 | 000,000,525 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Steinberg VST.lnk
[2011/10/30 15:17:34 | 000,000,438 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Shortcut to GatewayBAK.lnk
[2011/10/30 15:17:34 | 000,000,412 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Local Area Connection.lnk
[2011/10/30 15:17:34 | 000,000,261 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\G_Bookmarks.lnk
[2011/10/30 15:17:34 | 000,000,165 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\0 Eac3to Source_2_Wavs.bat
[2011/10/30 15:17:13 | 000,269,208 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\census.cache
[2011/10/30 15:17:13 | 000,204,636 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\ars.cache
[2011/10/30 15:17:13 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/10/30 15:17:13 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Local Settings\Application Data\fusioncache.dat
[2011/10/30 15:17:08 | 000,005,450 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Randy.theme
[2011/10/30 15:17:08 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\z (SC) Projects.lnk
[2011/10/30 15:17:08 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Z_Movies.lnk
[2011/10/30 15:17:08 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\z Foobar-Presets.lnk
[2011/10/30 15:17:08 | 000,000,186 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\z SD DISK (G).lnk
[2011/10/30 15:17:08 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\downmix.dwn
[2011/10/30 15:17:08 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Owner.Gateway2k\My Documents\Default.rdp
[2011/10/30 15:17:07 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Remote Assistance.lnk
[2011/10/30 15:17:07 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Windows Media Player.lnk
[2011/10/30 15:17:07 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Internet Explorer.lnk
[2011/10/30 15:17:07 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Start Menu\Programs\Outlook Express.lnk
[2011/10/30 08:54:16 | 000,000,326 | ---- | C] () -- C:\Documents and Settings\Owner.Gateway2k\Desktop\Seeding.lnk
[2011/10/30 05:51:46 | 001,364,101 | ---- | C] () -- C:\Program Files\aesetup2.5.zip
[2011/10/29 11:45:50 | 000,000,017 | ---- | C] () -- C:\Program Files\stinger10.2.0.351.opt
[2011/10/17 18:08:58 | 000,000,072 | ---- | C] () -- C:\Program Files\stinger10.2.0.325.opt
[2011/10/13 00:39:44 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2011/10/13 00:39:39 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/10/11 15:38:53 | 000,000,029 | ---- | C] () -- C:\Fat2NTSC.bat
[2011/10/05 05:27:06 | 000,000,103 | ---- | C] () -- C:\Program Files\stinger10.2.0.302.opt
[2011/05/02 14:57:52 | 000,502,752 | R--- | C] () -- C:\Program Files\Conflicker Removal Tool.exe
[2011/03/13 09:12:12 | 000,090,112 | R--- | C] () -- C:\Program Files\TurnOffMonitor.exe

========== LOP Check ==========

[2011/10/30 15:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BlazeVideo
[2011/10/30 15:18:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/10/30 15:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
[2011/10/30 13:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eboostr
[2011/10/30 15:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/10/30 15:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2011/10/30 15:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2011/10/30 15:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/10/30 15:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2011/10/30 15:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2011/10/30 15:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}xxx
[2011/10/30 15:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Audacity
[2011/10/30 15:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\AudioGate
[2011/10/30 15:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\AVG2012
[2011/10/30 13:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\BitComet
[2011/10/30 15:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\BitTorrent
[2011/10/30 13:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\DMCache
[2011/10/30 15:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\foobar2000
[2011/10/30 15:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\IconChanger
[2011/10/30 15:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\IDM
[2011/10/30 15:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\ImgBurn
[2011/10/30 15:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\iZotope
[2011/10/30 15:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\mkvtoolnix
[2011/10/30 15:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\rockbox.org
[2011/10/30 15:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\SampleView
[2011/10/30 15:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Saracon
[2011/10/30 15:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Solveig Multimedia
[2011/10/30 15:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\TrueCrypt
[2011/10/30 15:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\uTorrent
[2011/10/30 15:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\VideoReDo-TVSuite
[2011/10/30 15:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Vso
[2011/10/30 15:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Gateway2k\Application Data\Western Digital

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 188 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:66633281
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0888F409
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

Edited by Ranosb, 30 October 2011 - 02:12 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,898 posts
  • MVP
I would uninstall Zone Alarm, IDM, Spybot S&D, SuperAntiSpyware and ebooster if you can. Then reboot into Safe Mode with Networking.


(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)

Open IE, Tools, Internet Options, then Security. Selected Trusted Sites, Sites. highlight and delete all entries. OTL shows Internet as one of the entries. That should not be there.

Close IE then restart. Are you able to get on line?

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box:

ipconfig /flushdns

netsh  winsock  reset catalog


netsh  int ip reset reset.log

notepad  \windows\system32\drivers\etc\hosts

(I use two spaces in the code box so you will be sure to see where 1 space goes.)

In Notepad delete everything except:

127.0.0.1 localhost

File, Save, OK.

Reboot and test. If it still doesn't work:


1. Click "Start," click "Control Panel," click "Network and Internet Connections," and then click "Network Connections."
2. Right-click the network connection that you want to configure (the one you use to connect to the Internet), and then click Properties.
3. On the General tab (for a local area connection), or the Networking tab (for all other connections), click "Internet Protocol (TCP/IP)", and then click "Properties."

4. Click "Use the following DNS server addresses," and then type 8.8.8.8 in the Preferred DNS server and 4.2.2.1 in the Alternate DNS server boxes.

5. Click "OK"

Reboot and test. If it still doesn't work:

(Start) Right click on My Computer, select Manage then Device Manager. Find the Network Adapters and click on the + in front to open up the sub entries. Right click on each sun-entry under Network Adapters and Uninstall. (Doesn't hurt to write down the names in case you need to download the drivers from the PC Maker's website. Normally you don't but with malware you never know.) Reboot and test. If it still doesn't work:

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box:

proxycfg  -d
ipconfig  /all
ipconfig  /release
ipconfig  /renew
ipconfig  /all


Report any errors you get and the IP addresses of the last ipconfig /all


ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your anti-virus at this time :!:

IF you are not able to do anything on your PC then create an AVG Rescue disk:
Step 1 at: http://www.geekstogo...ystem-tutorial/

Ron
  • 0

#3
Ranosb

Ranosb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Tried the above, nothing worked. I don't use IE as my browser but Firefox and Bitcomet.
The connection on Bitcomet starts slowly declining after so many hours online until all is 0kbps, and then clicking on any program produces the permissions error above.

Couldn't find any selected Trusted Sites in IE

Tried to run combofix but received a warning message
"ComboFix has detected the following real time scanners to be active" Antivirus: McAfee VirusScan
This may lead to unpredictable results or possible machine damage. Pls disable these scanners before clicking "OK".

I don't have mcAfee on my computer, its not in the program files and I did a scan for "Mcafee*.*" and nothing showed up...

Heres the ipconfig results;
Posted Image
Posted Image

Downloaded and ran this program scanner; Independent scanner, does not install a program.
mcafee mydoomscanner
http://www.mcafee.co...oomscanner.aspx

Inside the box upon startup shows "Your system appears to be infected with the W32.Mydoom virus" in the attached image.

So I ran the Symantec W32.MyDoom removal tool and results show "W32.MyDoom NOT DETECTED"

Posted Image

Edited by Ranosb, 04 November 2011 - 06:26 AM.

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,898 posts
  • MVP
Download, Save and Run the McAfee Removal tool:
http://download.mcaf...atches/MCPR.exe
The sorry program never installs itself correctly.

Go ahead and tell Combofix to run even if it thinks McAfee is still there.

Ron
  • 0

#5
Ranosb

Ranosb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Okay used the Mcafee remove cleaner program, found these files below with update of stinger, files aren't identified as any specific virus but noted as 3 files found & deleted.

C:\WINDOWS\_default
C:\WINDOWS\WMSysPr9.prx
C:\WINDOWS\yacs.log

Going to see what happens next, if still the same problems then its ComboFix next...

Thanks Ron

Edited by Ranosb, 05 November 2011 - 12:42 AM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,898 posts
  • MVP
Go ahead and run Combofix. It's your best hope of getting rid of this thing.

Ron

PS It's midnight here so I'm heading to bed.
  • 0

#7
Ranosb

Ranosb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Sorry for the delay, had to leave the country on short notice!
ran Mcaffe removal tool then combofix.

C:\ComboFix\ComboFix.txt (not located in the root dir)

ComboFix 11-11-30.01 - Owner 11/30/2011 16:14:51.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2030.1459 [GMT 7:00]
Running from: C:\0_TEMP\0 Documents\0 Programs\VirusRemoval\ComboFix.exe
FW: ZoneAlarm Pro Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

I uninstalled ZoneAlarm but the folder C:\WINDOWS\system32\ZoneLabs remains and vsmon.exe continues to load on boot.

While Combofix was running it moved/Quarantined these files ;
C:\Qoobox\Quarantine\C\WINDOWS\system32
lsprst7.dll.vir
ssprs.dll.vir
lmhosts.vir Which was empty

This folder removed
C:\Qoobox\Quarantine\C\WINDOWS\system32\config\systemprofile\WINDOWS Empty as well

REBOOT AND RUNNING SYSTEM WAITING TO SEE IF ANYTHINGS DIFFERENT
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,898 posts
  • MVP
Did you not get a Combofix log?
  • 0

#9
Ranosb

Ranosb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
None sir...

Ran these files thru an online scanner, nothing detected.
sprst7.dll
ssprs.dll

I renamed C:\WINDOWS\system32\ZoneLabs to another name so vsmon.exe wouldn't load. results?
Bitcomet that normally runs with the green WAN listen port now shows my listen port is blocked and I absolutely cannot connect to
the internet AFTER Bitcomet starts, even if I end bitcomet, with the zoneLabs folder missing.

So I renamed the folder back to ZoneLabs, vsmon.exe is loaded, WAN green again & can connect to internet, So just waiting to see if the symptoms of the connection going to zero with bitcomet and the "You may not have appropriate permissions" message to run programs returns, after comboFix's removal of these two files.

Edited by Ranosb, 30 November 2011 - 04:25 PM.

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,898 posts
  • MVP
No log at:
C:\Combofix.txt

or maybe C:\Combofix\Combofix.txt?

With a Combofix log I can remove Zone Alarm.

If you didn't get a log then it didn't run or didn't finish. Try downloading it again (anti-virus off) and this time rename it to george.exe and see if it will run that way.

Ron
  • 0

Advertisements


#11
Ranosb

Ranosb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
The below txt is from C:\ComboFix\ComboFix.txt
no combofix log.

ComboFix 11-11-30.01 - Owner 11/30/2011 16:14:51.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2030.1459 [GMT 7:00]
Running from: C:\0_TEMP\0 Documents\0 Programs\VirusRemoval\ComboFix.exe
FW: ZoneAlarm Pro Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

Update: After running combofix the same internet stopping occurs and access to programs is denied. Will try running COmbofix again...
  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,898 posts
  • MVP
That is the log but it didn't get very far.
  • 0

#13
Ranosb

Ranosb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
ComboFix 11-11-30.01 - Owner 12/01/2011 8:23:07.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2030.1467 [GMT 7:00]
Running from: C:\0_TEMP\0 Documents\0 Programs\VirusRemoval\ComboFix.exe
FW: ZoneAlarm Pro Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

Ran combofix again and there is no combofix.LOG only combofix.txt located in the combofix folder and its the same.
Got the "Preparing log report Do not run any programs until combofix has finished."

Then the computer reboots.
Renamed the folder in system32 back to zonelabs, green WAN light ok open port on bitcomet, but the same random, internet stops, access to programs denied again.

Renaming the folder ZoneLabs located in system32 so vsmon.exe does not load and see if the same symptoms occur w/o vsmon.exe running...
  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,898 posts
  • MVP
Any chance of reinstalling Zone Alarm so you can then uninstall it?
  • 0

#15
Ranosb

Ranosb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Ok reinstalled ZoneAlarm, unistalled it and the windows folder system32\zonelabs is gone! And vsmon.exe is not loaded at start and I still have a Green WAN light with bitcomet. NOW;

Im waiting to see if the same problem occurs...

Edited by Ranosb, 01 December 2011 - 06:07 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP