Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

my hd full of trojansand malware plz help [Closed] [Solved]


  • This topic is locked This topic is locked

#1
hardan

hardan

    Member

  • Member
  • PipPip
  • 21 posts
sorry i,m newbie here and mistakenly post in wrong forum link is " http://www.geekstogo...29#entry2089329 " they polietly direct me to post here.


TheKiller v0.2 by maliprog
Log file created on 11/30/2011
Operating system: Windows 2000/XP Service Pack 2
-------------------------------

File associations resetted
HKCU\...\CurrentVersion\Winlogon: Shell -> Removed

-------------------------------
All Done!


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7622

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

11/20/2011 11:59:43 AM
mbam-log-2011-11-20 (11-59-43).txt

Scan type: Quick scan
Objects scanned: 144322
Time elapsed: 3 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AMSINT32 (Virus.Sality) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amsint32 (Virus.Sality) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\sgtmnn.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
BUTTTTTTTTTT same warning and log again and again means malware stil there


OTL logfile created on: 11/30/2011 11:37:20 AM - Run 1
OTL by OldTimer - Version 3.2.31.0
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.71 Gb Available Physical Memory | 56.76% Memory free
2.98 Gb Paging File | 2.58 Gb Available in Paging File | 86.63% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 11.94 Gb Free Space | 61.15% Space Free | Partition Type: NTFS
Drive D: | 19.53 Gb Total Space | 7.14 Gb Free Space | 36.55% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 2.34 Gb Free Space | 11.97% Space Free | Partition Type: NTFS
Drive F: | 19.53 Gb Total Space | 4.70 Gb Free Space | 24.06% Space Free | Partition Type: NTFS
Drive G: | 15.93 Gb Total Space | 9.28 Gb Free Space | 58.28% Space Free | Partition Type: NTFS
Drive H: | 17.73 Gb Total Space | 6.07 Gb Free Space | 34.23% Space Free | Partition Type: NTFS

Computer Name: ABC-5087E28CAFD | User Name: akko baby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 90 Days
  • 0

Advertisements


#2
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
OTL logfile created on: 11/30/2011 11:45:24 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = G:\New Folder
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.64 Gb Available Physical Memory | 51.59% Memory free
2.98 Gb Paging File | 2.51 Gb Available in Paging File | 84.31% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 11.92 Gb Free Space | 61.01% Space Free | Partition Type: NTFS
Drive D: | 19.53 Gb Total Space | 7.14 Gb Free Space | 36.55% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 2.34 Gb Free Space | 11.97% Space Free | Partition Type: NTFS
Drive F: | 19.53 Gb Total Space | 4.70 Gb Free Space | 24.06% Space Free | Partition Type: NTFS
Drive G: | 15.93 Gb Total Space | 9.28 Gb Free Space | 58.28% Space Free | Partition Type: NTFS
Drive H: | 17.73 Gb Total Space | 6.07 Gb Free Space | 34.23% Space Free | Partition Type: NTFS

Computer Name: ABC-5087E28CAFD | User Name: akko baby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/30 11:36:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- G:\New Folder\OTL.exe
PRC - [2011/11/30 11:22:15 | 000,086,016 | RHS- | M] () -- C:\WINDOWS\aadrive32.exe
PRC - [2011/10/24 22:48:40 | 003,507,608 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2011/09/28 22:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/25 06:28:58 | 000,345,520 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2004/08/03 16:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/30 11:22:15 | 000,086,016 | RHS- | M] () -- C:\WINDOWS\aadrive32.exe
MOD - [2011/11/19 08:38:29 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/28 22:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/05/16 14:01:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (MSDTC)
SRV - [2011/11/30 11:39:48 | 000,120,083 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Fonts\uninstall_.exe -- (Windows Hosts Controller)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2005/04/17 12:30:42 | 000,124,608 | ---- | M] (symantec) [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2005/04/17 12:30:40 | 001,706,176 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/04/17 12:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/04/08 15:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/04/08 15:54:50 | 000,157,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/04/08 15:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/04/05 11:17:22 | 000,284,376 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/03/30 21:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2002/09/20 16:50:10 | 000,114,688 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Running] -- -- (SAVRT)
DRV - File not found [Kernel | Unknown | Running] -- -- (amsint32)
DRV - [2011/11/19 12:35:37 | 000,017,984 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\WinFLdrv.sys -- (WinFLdrv)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/06 07:14:42 | 000,101,616 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\idmtdi.sys -- (IDMTDI)
DRV - [2007/11/29 17:35:44 | 000,163,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2005/04/12 01:00:00 | 000,631,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050412.023\navex15.sys -- (NAVEX15)
DRV - [2005/04/12 01:00:00 | 000,073,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050412.023\naveng.sys -- (NAVENG)
DRV - [2005/04/05 11:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/05 11:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2005/04/01 20:36:04 | 000,123,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/03/30 21:48:20 | 000,372,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/02/04 20:14:32 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/20 09:19:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\akko baby\Application Data\IDM\idmmzcc5 [2011/11/19 08:37:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\akko baby\Application Data\IDM\idmmzcc5 [2011/11/19 08:37:42 | 000,000,000 | ---D | M]

[2011/11/19 08:36:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\akko baby\Application Data\Mozilla\Extensions
[2011/11/19 08:35:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/19 08:37:42 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\AKKO BABY\APPLICATION DATA\IDM\IDMMZCC5
[2011/09/28 22:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 16:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe ()
O4 - HKCU..\Run: [AntiFreeze] D:\AntiFreeze\AntiFreeze.exe (Resplendence Software Projects Sp.)
O4 - HKCU..\Run: [Ohmkmy] C:\Documents and Settings\akko baby\Application Data\Ohmkmy.exe File not found
O4 - HKCU..\Run: [zaber0] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Microsoft Driver Setup = C:\WINDOWS\aadrive32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.101.10.5 10.101.10.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CFEB2CA-46AE-4EE2-8AA9-6A2B88F02BE0}: NameServer = 10.101.10.5 10.101.10.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FFC5A46-4D7B-4A52-BF69-11A3FADB0762}: DhcpNameServer = 10.101.10.5 10.101.10.10
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe) -C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe ()
O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe) -C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe ()
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\web\wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\web\wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/11/19 16:53:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/11/19 18:09:55 | 000,000,260 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/11/08 00:33:21 | 000,000,366 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/11/08 00:33:20 | 000,000,247 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/11/11 12:35:04 | 000,000,000 | -HS- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/11/16 02:04:48 | 000,000,000 | -HS- | M] () - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/11/16 02:04:48 | 000,000,000 | -HS- | M] () - H:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\AUToplaY\ComMand - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\AutoRun\command - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\explore\comManD - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\OPen\command - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\AuToplay\CommANd - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\AutoRun\command - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\exploRE\cOMMaNd - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\OPen\cOmmAnd - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\AuToPlaY\coMmand - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\AutoRun\command - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\eXplOrE\ComMAnd - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\oPeN\cOmmand - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\Z\Shell\AUToPLaY\cOMmaNd - "" = Z:\ovjd.exe
O33 - MountPoints2\Z\Shell\AutoRun\command - "" = Z:\ovjd.exe
O33 - MountPoints2\Z\Shell\EXplore\coMManD - "" = Z:\ovjd.exe
O33 - MountPoints2\Z\Shell\OpEn\coMmAnd - "" = Z:\ovjd.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/30 11:23:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/11/30 11:21:50 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/11/30 09:54:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\akko baby\Recent
[2011/11/26 12:41:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Farm Mania
[2011/11/26 12:41:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Farm Mania
[2011/11/25 15:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Folder Lock 6
[2011/11/25 07:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Identities
[2011/11/23 08:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\BumpkinBrothers
[2011/11/22 08:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\Recover My Files 4.5.2.608.+crack
[2011/11/22 07:56:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/11/22 07:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\Magic.Uneraser.3.1
[2011/11/22 07:09:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\ValuSoft
[2011/11/22 05:49:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Desktop\YourUnintaller.7.4.2011.12.0311
[2011/11/22 05:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\URSoft
[2011/11/22 03:00:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Nero
[2011/11/22 03:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2011/11/22 02:41:19 | 000,802,816 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXRA7.dll
[2011/11/22 02:41:19 | 000,497,296 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXpr7.dll
[2011/11/22 02:41:19 | 000,368,640 | ---- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\TwnLib4.dll
[2011/11/22 02:41:19 | 000,258,048 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXR7.dll
[2011/11/22 02:41:18 | 001,757,184 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagX7.dll
[2011/11/22 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2011/11/22 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/11/22 02:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2011/11/22 02:35:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\Symantec.Antivirus.Corporate.Edition.v10.1.9.9000_Vn-Zoom.Com
[2011/11/22 02:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\window install
[2011/11/20 18:41:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/11/20 18:41:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/11/20 16:01:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/11/20 11:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Malwarebytes
[2011/11/20 11:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/20 11:37:37 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/20 11:37:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/20 09:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Apple Computer
[2011/11/20 09:19:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/11/20 09:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/11/20 09:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/11/20 09:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/11/20 09:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Apple
[2011/11/20 09:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/11/20 09:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2011/11/20 09:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Apple Computer
[2011/11/20 09:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2011/11/20 03:28:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2011/11/20 03:15:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\PlayfulAge
[2011/11/20 03:14:46 | 000,000,000 | ---D | C] -- C:\Games
[2011/11/20 03:03:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2011/11/20 03:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\My Documents\Dotar Games
[2011/11/20 03:01:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Artifex Mundi
[2011/11/20 02:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2011/11/20 02:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\GameHouse
[2011/11/20 02:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\ShinyTales
[2011/11/20 02:40:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Sahmon Games
[2011/11/20 02:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\My Documents\Total Overdose
[2011/11/20 01:49:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\My Documents\My Cheat Tables
[2011/11/20 01:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/11/20 01:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\PlayFirst
[2011/11/20 01:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\MLS2
[2011/11/19 22:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\CyberLink
[2011/11/19 22:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2011/11/19 22:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/11/19 22:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2011/11/19 22:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\COMPAQ
[2011/11/19 22:09:28 | 000,049,152 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\S11thk32.dll
[2011/11/19 22:09:28 | 000,040,820 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\Syncor11.dll
[2011/11/19 22:09:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SoundMAX
[2011/11/19 22:09:27 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2011/11/19 22:09:27 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/11/19 22:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2011/11/19 22:09:16 | 000,000,000 | ---D | C] -- C:\swsetup
[2011/11/19 22:08:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2011/11/19 22:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/11/19 22:07:15 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/11/19 22:06:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/11/19 22:06:37 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2011/11/19 22:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011/11/19 22:06:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/11/19 22:05:58 | 000,000,000 | ---D | C] -- C:\Intel
[2011/11/19 22:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/11/19 22:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\WinRAR
[2011/11/19 22:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\WinRAR
[2011/11/19 22:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/11/19 21:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Adobe
[2011/11/19 21:48:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Adobe
[2011/11/19 21:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/11/19 21:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/11/19 21:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/11/19 17:02:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Symantec
[2011/11/19 17:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Symantec Client Security
[2011/11/19 17:01:58 | 000,123,200 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/11/19 17:01:58 | 000,091,856 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/11/19 17:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/11/19 17:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/11/19 17:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec AntiVirus
[2011/11/19 17:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2011/11/19 16:59:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Identities
[2011/11/19 16:59:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\My Documents\My Music
[2011/11/19 16:59:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\My Documents\My Pictures
[2011/11/19 16:59:12 | 000,000,000 | --SD | C] -- C:\Documents and Settings\akko baby\Application Data\Microsoft
[2011/11/19 16:59:12 | 000,000,000 | --SD | C] -- C:\Documents and Settings\akko baby\Cookies
[2011/11/19 16:59:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\akko baby\Application Data
[2011/11/19 16:59:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Favorites
[2011/11/19 16:59:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop
[2011/11/19 16:59:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\akko baby\SendTo
[2011/11/19 16:59:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Startup
[2011/11/19 16:59:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Start Menu
[2011/11/19 16:59:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\My Documents
[2011/11/19 16:59:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Accessories
[2011/11/19 16:59:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\Templates
[2011/11/19 16:59:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\PrintHood
[2011/11/19 16:59:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\NetHood
[2011/11/19 16:59:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\Local Settings
[2011/11/19 16:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Microsoft
[2011/11/19 16:58:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/11/19 16:58:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/11/19 16:58:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/11/19 16:58:28 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/11/19 16:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/11/19 16:58:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/11/19 16:58:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/11/19 16:55:53 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/11/19 16:55:53 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/11/19 16:55:52 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/11/19 16:54:44 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/11/19 16:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/11/19 16:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/11/19 16:54:15 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/11/19 16:52:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/11/19 16:52:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/11/19 16:52:47 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/11/19 16:52:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/11/19 16:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/11/19 16:51:55 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/11/19 16:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/11/19 16:51:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/11/19 16:51:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/11/19 16:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/11/19 16:51:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/11/19 16:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/11/19 16:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/11/19 16:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/11/19 16:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/11/19 16:51:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/11/19 16:51:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/11/19 16:50:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/11/19 16:50:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/11/19 16:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/11/19 16:50:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/11/19 16:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/11/19 16:50:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/11/19 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/11/19 16:50:06 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011/11/19 16:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011/11/19 16:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011/11/19 16:50:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/11/19 16:50:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/11/19 16:49:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/11/19 16:49:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/11/19 15:59:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton Installer
[2011/11/19 15:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/11/19 15:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Utilities 15
[2011/11/19 14:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Thinstall
[2011/11/19 14:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Thinstall
[2011/11/19 14:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\New Folder
[2011/11/19 12:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Folder Lock 6
[2011/11/19 12:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\Folder.Lock.6.5.0
[2011/11/19 09:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/11/19 09:11:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/11/19 09:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Macromedia
[2011/11/19 08:56:34 | 000,000,000 | RHSD | C] -- C:\RECYCLER
[2011/11/19 08:48:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\My Documents\DriverGenius
[2011/11/19 08:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\IDM
[2011/11/19 08:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\My Documents\Downloads
[2011/11/19 08:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\DMCache
[2011/11/19 08:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Internet Download Manager
[2011/11/19 08:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Internet Download Manager
[2011/11/19 08:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2011/11/19 08:35:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Mozilla
[2011/11/19 08:35:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Mozilla
[2011/11/19 08:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/11/19 08:31:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\NextUp
[2011/11/19 08:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/11/18 18:44:01 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/11/18 18:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/11/18 18:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011/11/18 18:43:57 | 000,000,000 | R--D | C] -- C:\Program Files
[2011/11/18 18:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011/11/18 18:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/11/18 18:43:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/11/18 18:43:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/11/18 18:43:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/11/18 18:43:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/11/18 18:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/11/18 18:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/11/18 18:43:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/11/18 18:43:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/11/18 18:43:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/11/18 18:43:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/11/18 18:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/11/18 18:36:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/11/18 18:30:11 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/11/18 18:30:11 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/11/18 18:30:11 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/11/18 18:30:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/11/18 18:30:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[21 C:\Documents and Settings\akko baby\Application Data\*.tmp files -> C:\Documents and Settings\akko baby\Application Data\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/30 11:59:36 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/11/30 11:49:42 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\30.exe
[2011/11/30 11:48:35 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\12.exe
[2011/11/30 11:39:45 | 000,000,080 | ---- | M] () -- C:\WINDOWS\System32\asr_vpilc
[2011/11/30 11:22:15 | 000,159,744 | RHS- | M] () -- C:\WINDOWS\aadrive32.exe
[2011/11/30 11:14:16 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\71.exe
[2011/11/30 11:11:26 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\gttnlqc.sys
[2011/11/30 11:05:17 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2011/11/30 11:05:16 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/11/30 11:05:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/30 11:05:04 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/30 08:04:36 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/11/29 20:49:09 | 000,103,140 | ---- | M] () -- C:\sgtmnn.exe
[2011/11/29 14:07:54 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Folder Lock 6.lnk
[2011/11/29 14:07:54 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Folder Lock 6.lnk
[2011/11/28 21:29:53 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\akko baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/28 17:58:37 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/28 12:15:17 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\51.exe
[2011/11/28 12:14:15 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\45.exe
[2011/11/28 12:08:50 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\88.exe
[2011/11/28 12:04:11 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\31.exe
[2011/11/28 12:04:08 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\42.exe
[2011/11/28 11:57:49 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\70.exe
[2011/11/28 11:45:12 | 000,093,184 | ---- | M] () -- C:\Documents and Settings\akko baby\ndghd.exe
[2011/11/28 11:29:18 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\60.exe
[2011/11/28 11:25:14 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\03.exe
[2011/11/28 11:23:42 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\85.exe
[2011/11/28 04:29:54 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/28 04:22:23 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\57.exe
[2011/11/28 04:20:32 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\64.exe
[2011/11/28 04:02:07 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\82.exe
[2011/11/28 03:42:06 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\23.exe
[2011/11/28 03:32:01 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\33.exe
[2011/11/28 03:31:29 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\01.exe
[2011/11/28 03:30:31 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\56.exe
[2011/11/28 03:21:27 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\00.exe
[2011/11/28 02:36:22 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\22.exe
[2011/11/27 03:13:22 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\ErrorEND.job
[2011/11/26 12:41:50 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Farm Mania.lnk
[2011/11/25 15:25:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/25 15:23:30 | 005,242,880 | ---- | M] () -- C:\Documents and Settings\akko baby\My Documents\Locker01.flk
[2011/11/25 07:58:10 | 000,000,556 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Garden_Dash.lnk
[2011/11/24 03:47:12 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2011/11/22 02:41:30 | 000,001,603 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk
[2011/11/20 15:53:55 | 000,082,432 | ---- | M] () -- C:\WINDOWS\System32\WinFLsrv.exe
[2011/11/20 15:47:05 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/11/20 13:43:51 | 000,120,083 | ---- | M] () -- C:\WINDOWS\System32\asr_38747.exe
[2011/11/20 13:43:47 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_oplzr
[2011/11/20 13:27:52 | 000,184,320 | ---- | M] () -- C:\WINDOWS\System32\asr_70648.exe
[2011/11/20 13:27:48 | 000,000,080 | ---- | M] () -- C:\WINDOWS\System32\asr_oyjvb
[2011/11/20 12:48:34 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_yisblc
[2011/11/20 11:48:04 | 000,000,546 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Connect Blue.lnk
[2011/11/20 11:37:43 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/20 09:19:44 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/11/20 01:49:28 | 000,000,514 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Cheat Engine.lnk
[2011/11/20 01:27:05 | 000,000,356 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to GAME dsktop.lnk
[2011/11/19 22:09:27 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\msssc.dll
[2011/11/19 21:48:40 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/11/19 21:47:52 | 000,000,000 | ---- | M] () -- C:\WINDOWS\VPC32.INI
[2011/11/19 18:09:55 | 000,000,260 | RHS- | M] () -- C:\autorun.inf
[2011/11/19 16:59:58 | 000,311,934 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/19 16:59:58 | 000,040,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/19 16:59:29 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/19 16:59:28 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/11/19 16:58:23 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/11/19 16:56:38 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/11/19 16:53:56 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/19 16:53:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/11/19 16:53:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/11/19 16:53:56 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/11/19 16:53:56 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/11/19 16:53:47 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/11/19 16:53:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/11/19 16:53:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/11/19 16:53:36 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/11/19 16:51:03 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/11/19 16:49:09 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/11/19 12:35:38 | 000,180,224 | ---- | M] () -- C:\WINDOWS\System32\WinVd32.sys
[2011/11/19 12:35:37 | 000,078,336 | ---- | M] () -- C:\WINDOWS\System32\WinFLsrv.exe.XXX
[2011/11/19 11:43:09 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Internet Download Manager.lnk
[2011/11/19 09:21:32 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to RecoverMyFiles.lnk
[2011/11/19 09:11:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/19 09:04:18 | 000,120,083 | ---- | M] () -- C:\WINDOWS\System32\asr_77507.exe.XXX
[2011/11/19 09:04:14 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_zlcte
[2011/11/19 09:00:04 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_erthp
[2011/11/19 08:35:22 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/19 08:35:22 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/11/19 08:32:39 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to TextAloudMP3.lnk
[2011/11/19 08:29:47 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to KMPlayer.lnk
[2011/11/19 08:29:23 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to PowerISO.lnk
[21 C:\Documents and Settings\akko baby\Application Data\*.tmp files -> C:\Documents and Settings\akko baby\Application Data\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/30 11:39:45 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\asr_vpilc
[2011/11/30 11:14:15 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\71.exe
[2011/11/30 11:12:34 | 000,086,016 | RHS- | C] () -- C:\WINDOWS\aadrive32.exe
[2011/11/30 11:11:26 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\gttnlqc.sys
[2011/11/29 20:49:09 | 000,103,140 | ---- | C] () -- C:\sgtmnn.exe
[2011/11/29 14:07:54 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Folder Lock 6.lnk
[2011/11/29 14:07:54 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Folder Lock 6.lnk
[2011/11/28 21:29:57 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/11/28 21:29:53 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\akko baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/28 12:15:17 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\51.exe
[2011/11/28 12:14:15 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\45.exe
[2011/11/28 12:08:36 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\88.exe
[2011/11/28 12:04:04 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\42.exe
[2011/11/28 11:57:44 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\70.exe
[2011/11/28 11:29:18 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\60.exe
[2011/11/28 11:28:35 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\31.exe
[2011/11/28 11:25:08 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\03.exe
[2011/11/28 11:23:39 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\85.exe
[2011/11/28 11:19:45 | 000,093,184 | ---- | C] () -- C:\Documents and Settings\akko baby\ndghd.exe
[2011/11/28 07:53:00 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/28 04:28:48 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/11/28 04:22:23 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\57.exe
[2011/11/28 04:20:32 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\64.exe
[2011/11/28 03:42:06 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\23.exe
[2011/11/28 03:32:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\33.exe
[2011/11/28 03:31:29 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\01.exe
[2011/11/28 03:30:43 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\82.exe
[2011/11/28 03:30:10 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\56.exe
[2011/11/28 03:21:24 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\00.exe
[2011/11/28 02:36:16 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\22.exe
[2011/11/26 12:41:50 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Farm Mania.lnk
[2011/11/25 15:23:29 | 005,242,880 | ---- | C] () -- C:\Documents and Settings\akko baby\My Documents\Locker01.flk
[2011/11/25 07:58:10 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Garden_Dash.lnk
[2011/11/22 02:41:30 | 000,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk
[2011/11/20 15:53:55 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\WinFLsrv.exe
[2011/11/20 15:47:05 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/11/20 13:43:49 | 000,120,083 | ---- | C] () -- C:\WINDOWS\System32\asr_38747.exe
[2011/11/20 13:43:47 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\asr_oplzr
[2011/11/20 13:27:54 | 000,120,083 | ---- | C] () -- C:\WINDOWS\Fonts\uninstall_.exe
[2011/11/20 13:27:52 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\asr_70648.exe
[2011/11/20 13:27:48 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\asr_oyjvb
[2011/11/20 12:48:34 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\asr_yisblc
[2011/11/20 11:47:53 | 000,005,791 | ---- | C] () -- C:\WINDOWS\System32\instcm.inf
[2011/11/20 11:37:43 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/20 09:19:44 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/11/20 09:18:55 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/11/20 09:15:02 | 000,000,390 | ---- | C] () -- C:\WINDOWS\tasks\ErrorEND.job
[2011/11/20 09:11:31 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2011/11/20 09:11:31 | 000,000,380 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job
[2011/11/20 01:49:28 | 000,000,514 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Cheat Engine.lnk
[2011/11/20 01:27:05 | 000,000,356 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to GAME dsktop.lnk
[2011/11/19 22:20:35 | 000,000,546 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Connect Blue.lnk
[2011/11/19 22:11:44 | 000,002,070 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\SetRefresh.lnk
[2011/11/19 22:09:27 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2011/11/19 22:08:20 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2011/11/19 22:08:09 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011/11/19 21:48:40 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/11/19 21:48:40 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/11/19 21:47:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2011/11/19 18:09:09 | 000,000,260 | RHS- | C] () -- C:\autorun.inf
[2011/11/19 16:59:28 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/11/19 16:59:20 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Outlook Express.lnk
[2011/11/19 16:59:18 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/19 16:59:18 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Internet Explorer.lnk
[2011/11/19 16:59:12 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Remote Assistance.lnk
[2011/11/19 16:59:12 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Windows Media Player.lnk
[2011/11/19 16:59:10 | 1341,706,240 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/19 16:58:23 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/11/19 16:56:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/11/19 16:55:39 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/11/19 16:55:22 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/11/19 16:55:16 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/11/19 16:55:15 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/11/19 16:55:13 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/11/19 16:55:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/11/19 16:55:00 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/11/19 16:54:57 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/11/19 16:54:47 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/11/19 16:53:56 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/19 16:53:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/11/19 16:53:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/11/19 16:53:56 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011/11/19 16:53:56 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/11/19 16:53:47 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/11/19 16:53:47 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/11/19 16:53:46 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/11/19 16:52:35 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/11/19 16:52:25 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/11/19 16:52:03 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/11/19 16:52:03 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/11/19 16:51:58 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/11/19 16:51:49 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/11/19 16:51:40 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011/11/19 16:51:05 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/11/19 16:51:03 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/11/19 16:50:42 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2011/11/19 16:50:23 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/11/19 16:50:23 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/11/19 16:50:23 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/11/19 16:50:23 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/11/19 16:50:23 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/11/19 16:50:23 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/11/19 16:50:23 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/11/19 16:50:23 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/11/19 16:50:23 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/11/19 16:50:22 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/11/19 16:50:22 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/11/19 16:50:20 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/11/19 16:50:20 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/11/19 16:50:20 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/11/19 16:50:15 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/11/19 12:35:38 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\WinVd32.sys
[2011/11/19 12:35:37 | 000,078,336 | ---- | C] () -- C:\WINDOWS\System32\WinFLsrv.exe.XXX
[2011/11/19 11:43:09 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Internet Download Manager.lnk
[2011/11/19 09:52:37 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/19 09:21:32 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to RecoverMyFiles.lnk
[2011/11/19 09:04:16 | 000,120,083 | ---- | C] () -- C:\WINDOWS\System32\asr_77507.exe.XXX
[2011/11/19 09:04:14 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\asr_zlcte
[2011/11/19 09:00:04 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\asr_erthp
[2011/11/19 08:35:22 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/19 08:35:22 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/11/19 08:35:22 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/11/19 08:32:39 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to TextAloudMP3.lnk
[2011/11/19 08:29:47 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to KMPlayer.lnk
[2011/11/19 08:29:23 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to PowerISO.lnk
[2011/11/18 18:44:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/11/18 18:43:58 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/11/18 18:43:58 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/11/18 18:43:58 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/11/18 18:43:58 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/11/18 18:43:46 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/11/18 18:43:37 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011/11/18 18:43:37 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/11/18 18:43:37 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/11/18 18:43:36 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/11/18 18:43:36 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/11/18 18:43:36 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/11/18 18:43:36 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011/11/18 18:43:36 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/11/18 18:43:36 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011/11/18 18:43:36 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/11/18 18:43:36 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/11/18 18:43:36 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/11/18 18:43:36 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/11/18 18:43:36 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/11/18 18:43:36 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/11/18 18:43:36 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/11/18 18:43:36 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/11/18 18:43:35 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/11/18 18:43:35 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/11/18 18:41:12 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011/11/18 18:41:08 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/05/16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/05/16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/05/16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/05/16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/05/16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/08/03 17:07:22 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/03 16:56:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/02 06:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/17 03:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/23 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 06:00:00 | 000,311,934 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 06:00:00 | 000,040,196 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 06:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/11/20 03:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\Artifex Mundi
[2011/11/23 08:11:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\BumpkinBrothers
[2011/11/30 12:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\DMCache
[2011/11/20 02:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\GameHouse
[2011/11/30 09:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\IDM
[2011/11/25 07:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\PlayFirst
[2011/11/20 02:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\Sahmon Games
[2011/11/20 02:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\ShinyTales
[2011/11/19 14:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\Thinstall
[2011/11/22 05:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\URSoft
[2011/11/22 07:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\ValuSoft
[2011/11/20 09:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2011/11/20 02:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2011/11/20 03:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2011/11/22 03:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2011/11/25 07:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/11/21 07:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2011/11/23 08:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/11/27 03:13:22 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\ErrorEND.job
[2011/11/30 11:05:17 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2011/11/24 03:47:12 | 000,000,380 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 174 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:371A321E
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:737EACFF
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D3A96964
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D36E068F
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D287FACF

< End of report >
  • 0

#3
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
OTL Extras logfile created on: 11/30/2011 11:45:24 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = G:\New Folder
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.64 Gb Available Physical Memory | 51.59% Memory free
2.98 Gb Paging File | 2.51 Gb Available in Paging File | 84.31% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 11.92 Gb Free Space | 61.01% Space Free | Partition Type: NTFS
Drive D: | 19.53 Gb Total Space | 7.14 Gb Free Space | 36.55% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 2.34 Gb Free Space | 11.97% Space Free | Partition Type: NTFS
Drive F: | 19.53 Gb Total Space | 4.70 Gb Free Space | 24.06% Space Free | Partition Type: NTFS
Drive G: | 15.93 Gb Total Space | 9.28 Gb Free Space | 58.28% Space Free | Partition Type: NTFS
Drive H: | 17.73 Gb Total Space | 6.07 Gb Free Space | 34.23% Space Free | Partition Type: NTFS

Computer Name: ABC-5087E28CAFD | User Name: akko baby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hta [@ = ] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"51278:TCP" = 51278:TCP:*:Disabled:FD
"9579:TCP" = 9579:TCP:*:Enabled:wnggpq

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"uninstall_.exe" = uninstall_.exe:*:Enabled:SYSTEM

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpxbn.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpxbn.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wamd.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wamd.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnndv.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnndv.exe:*:Enabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\69.tmp" = C:\Documents and Settings\akko baby\Application Data\69.tmp:*:C:\WINDOWS\aadrive32.exe
"D:\olgljp.exe" = D:\olgljp.exe:*:Disabled:ipsec -- ()
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Program Files\Symantec AntiVirus\VPC32.exe" = C:\Program Files\Symantec AntiVirus\VPC32.exe:*:Disabled:ipsec -- (Symantec Corporation)
"C:\Documents and Settings\akko baby\Local Settings\Temp\pnfw.exe" = C:\Documents and Settings\akko baby\Local Settings\Temp\pnfw.exe:*:Disabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\36.tmp" = C:\Documents and Settings\akko baby\Application Data\36.tmp:*:C:\WINDOWS\aadrive32.exe -- ()
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnjbfk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnjbfk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winsmaxdg.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winsmaxdg.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\nqqsn.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\nqqsn.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\dgnkrn.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\dgnkrn.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnwar.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnwar.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpajb.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpajb.exe:*:Enabled:ipsec
"C:\Program Files\Internet Download Manager\IDMan.exe" = C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:ipsec -- (Tonec Inc.)
"C:\Documents and Settings\akko baby\Local Settings\Temp\bmgxuj.exe" = C:\Documents and Settings\akko baby\Local Settings\Temp\bmgxuj.exe:*:Disabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\Microsoft\Network\Connections\Cm\CONNECTB\IEXPLORE.EXE" = C:\Documents and Settings\akko baby\Application Data\Microsoft\Network\Connections\Cm\CONNECTB\IEXPLORE.EXE:*:Disabled:ipsec -- (Microsoft Corporation)
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\nbeuro.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\nbeuro.exe:*:Enabled:ipsec
"uninstall_.exe" = uninstall_.exe:*:Enabled:SYSTEM
"C:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe" = C:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe:*:Disabled:ipsec
"C:\Program Files\Internet Download Manager\IEMonitor.exe" = C:\Program Files\Internet Download Manager\IEMonitor.exe:*:Enabled:ipsec -- (Tonec Inc.)
"C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" = C:\Program Files\Analog Devices\SoundMAX\SMTray.exe:*:Disabled:ipsec -- (Analog Devices, Inc.)
"C:\Documents and Settings\akko baby\Local Settings\Temp\skeh.exe" = C:\Documents and Settings\akko baby\Local Settings\Temp\skeh.exe:*:Disabled:ipsec
"D:\AntiFreeze\AntiFreeze.exe" = D:\AntiFreeze\AntiFreeze.exe:*:Enabled:ipsec -- (Resplendence Software Projects Sp.)
"C:\WINDOWS\SynCor.exe" = C:\WINDOWS\SynCor.exe:*:Enabled:ipsec -- (Analog Devices, Inc.)
"C:\WINDOWS\aadrive32.exe" = C:\WINDOWS\aadrive32.exe:*:Enabled:ipsec -- ()
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\cktyjt.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\cktyjt.exe:*:Enabled:ipsec
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:ipsec -- (Malwarebytes Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:ipsec -- (Symantec Corporation)
"C:\Documents and Settings\akko baby\Local Settings\Temp\winhbruta.exe" = C:\Documents and Settings\akko baby\Local Settings\Temp\winhbruta.exe:*:Disabled:ipsec
"C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe:*:Enabled:ipsec -- (Malwarebytes Corporation)
"C:\Program Files\CheckPoint\Install\Install.exe" = C:\Program Files\CheckPoint\Install\Install.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\elisx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\elisx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\euhrs.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\euhrs.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\mfqq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\mfqq.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingwnk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingwnk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bcnr.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bcnr.exe:*:Enabled:ipsec
"C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" = C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe:*:Enabled:ipsec -- (Adobe Systems Incorporated)
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrctu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrctu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winimbbvy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winimbbvy.exe:*:Enabled:ipsec
"C:\WINDOWS\system32\userinit.exe" = C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpluh.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpluh.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkjnm.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkjnm.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkuwbp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkuwbp.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winskvxm.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winskvxm.exe:*:Enabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\3.tmp" = C:\Documents and Settings\akko baby\Application Data\3.tmp:*:C:\WINDOWS\aadrive32.exe -- ()
"C:\Documents and Settings\akko baby\Application Data\C.tmp" = C:\Documents and Settings\akko baby\Application Data\C.tmp:*:C:\WINDOWS\aadrive32.exe -- ()
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\adwci.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\adwci.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winebxbex.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winebxbex.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\exyrnh.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\exyrnh.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kkudl.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kkudl.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ecop.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ecop.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbxal.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbxal.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\qujuu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\qujuu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winruuja.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winruuja.exe:*:Enabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\8.tmp" = C:\Documents and Settings\akko baby\Application Data\8.tmp:*:C:\WINDOWS\aadrive32.exe -- ()
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwqwk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwqwk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\sqded.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\sqded.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winijucfq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winijucfq.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winirocok.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winirocok.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winikhk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winikhk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\myekuk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\myekuk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbiouy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbiouy.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwjeefo.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwjeefo.exe:*:Enabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\1A.tmp" = C:\Documents and Settings\akko baby\Application Data\1A.tmp:*:C:\WINDOWS\aadrive32.exe
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winivia.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winivia.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpjnni.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpjnni.exe:*:Enabled:ipsec
"C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe" = C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe:*:Enabled:ipsec -- ()
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jqimmg.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jqimmg.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winryspkc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winryspkc.exe:*:Enabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\11.tmp" = C:\Documents and Settings\akko baby\Application Data\11.tmp:*:C:\WINDOWS\aadrive32.exe
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gvjy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gvjy.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjscgbj.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjscgbj.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winlhvxfa.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winlhvxfa.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkpysq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkpysq.exe:*:Enabled:ipsec
"C:\Documents and Settings\akko baby\Application Data\10.tmp" = C:\Documents and Settings\akko baby\Application Data\10.tmp:*:C:\WINDOWS\aadrive32.exe -- ()
"C:\Documents and Settings\akko baby\Application Data\40.tmp" = C:\Documents and Settings\akko baby\Application Data\40.tmp:*:C:\WINDOWS\aadrive32.exe -- ()
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winofyks.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winofyks.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbrfyp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbrfyp.exe:*:Enabled:ipsec


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F5242227-2051-4158-AC42-0F2BAA3CD3D6}" = HP SetRefresh
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom NetXtreme Ethernet Controller
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"Connection Manager" = Microsoft Connection Manager
"Farm Mania1.0" = Farm Mania
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Nero8Lite_is1" = Nero 8 Micro 8.3.6.0
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FolderLock6" = Folder Lock

< End of report >
  • 0

#4
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Step 1

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    MOD - [2011/11/30 11:22:15 | 000,086,016 | RHS- | M] () -- C:\WINDOWS\aadrive32.exe
    MOD - [2011/09/28 22:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    SRV - File not found [On_Demand | Stopped] -- -- (MSDTC)
    SRV - [2011/11/30 11:39:48 | 000,120,083 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Fonts\uninstall_.exe -- (Windows Hosts Controller)
    DRV - File not found [Kernel | System | Running] -- -- (SAVRT)
    DRV - File not found [Kernel | Unknown | Running] -- -- (amsint32)
    O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe ()
    O4 - HKCU..\Run: [Ohmkmy] C:\Documents and Settings\akko baby\Application Data\Ohmkmy.exe File not found
    O4 - HKCU..\Run: [zaber0] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe ()
    O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe) -C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe ()
    O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe) -C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe ()
    O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\AUToplaY\ComMand - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\AutoRun\command - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\explore\comManD - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd3-1254-11e1-9a79-806d6172696f}\Shell\OPen\command - "" = C:\sgtmnn.exe -- [2011/11/29 20:49:09 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\AuToplay\CommANd - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\AutoRun\command - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\exploRE\cOMMaNd - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd4-1254-11e1-9a79-806d6172696f}\Shell\OPen\cOmmAnd - "" = E:\ebuog.pif -- [2011/11/29 20:50:30 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\AuToPlaY\coMmand - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\AutoRun\command - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\eXplOrE\ComMAnd - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\{efc4cfd7-1254-11e1-9a79-806d6172696f}\Shell\oPeN\cOmmand - "" = D:\olgljp.exe -- [2011/11/29 11:47:24 | 000,103,140 | ---- | M] ()
    O33 - MountPoints2\Z\Shell\AUToPLaY\cOMmaNd - "" = Z:\ovjd.exe
    O33 - MountPoints2\Z\Shell\AutoRun\command - "" = Z:\ovjd.exe
    O33 - MountPoints2\Z\Shell\EXplore\coMManD - "" = Z:\ovjd.exe
    O33 - MountPoints2\Z\Shell\OpEn\coMmAnd - "" = Z:\ovjd.exe
    [2011/11/30 11:49:42 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\30.exe
    [2011/11/30 11:48:35 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\12.exe
    [2011/11/30 11:22:15 | 000,159,744 | RHS- | M] () -- C:\WINDOWS\aadrive32.exe
    [2011/11/30 11:14:16 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\71.exe
    [2011/11/30 11:11:26 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\gttnlqc.sys
    [2011/11/28 12:15:17 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\51.exe
    [2011/11/28 12:14:15 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\45.exe
    [2011/11/28 12:08:50 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\88.exe
    [2011/11/28 12:04:11 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\31.exe
    [2011/11/28 12:04:08 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\42.exe
    [2011/11/28 11:57:49 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\70.exe
    [2011/11/28 11:45:12 | 000,093,184 | ---- | M] () -- C:\Documents and Settings\akko baby\ndghd.exe
    [2011/11/28 11:29:18 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\60.exe
    [2011/11/28 11:25:14 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\03.exe
    [2011/11/28 11:23:42 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\85.exe
    [2011/11/28 04:29:54 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/11/28 04:22:23 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\57.exe
    [2011/11/28 04:20:32 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\64.exe
    [2011/11/28 04:02:07 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\82.exe
    [2011/11/28 03:42:06 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\23.exe
    [2011/11/28 03:32:01 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\33.exe
    [2011/11/28 03:31:29 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\01.exe
    [2011/11/28 03:30:31 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\56.exe
    [2011/11/28 03:21:27 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\00.exe
    [2011/11/28 02:36:22 | 000,045,568 | ---- | M] () -- C:\WINDOWS\System32\22.exe
    [2011/11/20 15:53:55 | 000,082,432 | ---- | M] () -- C:\WINDOWS\System32\WinFLsrv.exe
    [2011/11/20 15:47:05 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
    [2011/11/20 13:43:51 | 000,120,083 | ---- | M] () -- C:\WINDOWS\System32\asr_38747.exe
    [2011/11/20 13:43:47 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_oplzr
    [2011/11/20 13:27:52 | 000,184,320 | ---- | M] () -- C:\WINDOWS\System32\asr_70648.exe
    [2011/11/20 13:27:48 | 000,000,080 | ---- | M] () -- C:\WINDOWS\System32\asr_oyjvb
    [2011/11/20 12:48:34 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_yisblc
    [2011/11/19 12:35:38 | 000,180,224 | ---- | M] () -- C:\WINDOWS\System32\WinVd32.sys
    [2011/11/19 12:35:37 | 000,078,336 | ---- | M] () -- C:\WINDOWS\System32\WinFLsrv.exe.XXX
    [2011/11/19 09:04:18 | 000,120,083 | ---- | M] () -- C:\WINDOWS\System32\asr_77507.exe.XXX
    [2011/11/19 09:04:14 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_zlcte
    [2011/11/19 09:00:04 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_erthp
    [2011/11/19 16:52:03 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
    [2011/11/19 16:52:03 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Download ComboFix here :

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

    Click me

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.


Things I would like to see in your reply:
  • OTL log
  • Combofix.txt

  • 0

#5
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Under the Custom Scans/Fixes box i paste the text or commands you gave but after that otl just hangup.its almost 3hr but no result or log file create task manager shows its not responding.can you guide me plz how much time it take?and may i do the same process again but unplug my net cable first?
  • 0

#6
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

try to perform the first step again with your pc disconnected.
  • 0

#7
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
i tried all this even after disconnect my net cable but nothing happen.OTL not working system just hang up.any guidence what to do now?or i formate my whole disk and reinstall window?but i need some good softwear to complete wipe my hard disk as i want to remove uninstall files also so nothing remain there....plzzzz guide me thanks in advance
  • 0

#8
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
ComboFix 11-11-30.03 - akko baby 12/03/2011 13:41:48.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1279.829 [GMT -8:00]
Running from: c:\documents and settings\akko baby\Desktop\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *Enabled/Outdated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
c:\documents and settings\akko baby\Application Data\Ohmkmy.exe
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\Fonts\uninstall_.exe
c:\windows\system32\00.exe
c:\windows\system32\01.exe
c:\windows\system32\03.exe
c:\windows\system32\12.exe
c:\windows\system32\22.exe
c:\windows\system32\23.exe
c:\windows\system32\30.exe
c:\windows\system32\31.exe
c:\windows\system32\33.exe
c:\windows\system32\42.exe
c:\windows\system32\45.exe
c:\windows\system32\51.exe
c:\windows\system32\56.exe
c:\windows\system32\57.exe
c:\windows\system32\60.exe
c:\windows\system32\64.exe
c:\windows\system32\70.exe
c:\windows\system32\71.exe
c:\windows\system32\82.exe
c:\windows\system32\85.exe
c:\windows\system32\88.exe
c:\windows\system32\msssc.dll
D:\autorun.inf
E:\Autorun.inf
E:\ebuog.pif
F:\autorun.inf
G:\autorun.inf
H:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2011-11-03 to 2011-12-03 )))))))))))))))))))))))))))))))
.
.
2011-12-01 19:37 . 2011-12-01 19:44 -------- d-----w- C:\fixwareout
2011-11-20 11:14 . 2011-11-20 11:14 -------- d-----w- C:\Games
2011-11-20 06:09 . 2011-11-20 06:12 -------- d-----w- C:\swsetup
2011-11-20 06:07 . 2011-11-20 06:07 -------- d-----w- C:\NVIDIA
2011-11-20 06:05 . 2011-11-20 06:05 -------- d-----w- C:\Intel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-03 21:48 . 2011-12-03 21:48 103140 --sh--r- C:\dysna.pif
2011-11-19 16:55 . 2004-08-03 23:14 359040 ------w- c:\windows\system32\drivers\tcpip.sys
2011-09-29 06:53 . 2011-11-19 16:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-11-19 . 3BB4B08619C111C7BE8BDA07AA0DE6A2 . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2433024]
"AntiFreeze"="d:\antifreeze\AntiFreeze.exe" [2007-12-16 217600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetRefresh"="c:\program files\COMPAQ\SetRefresh\\SetRefresh.exe" [2003-11-21 525824]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Driver Setup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 10:38 108400 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvLsnr]
2003-05-08 19:34 143360 ------w- c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 22:01 13529088 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 22:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 22:01 1703936 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\olgljp.exe"=
"c:\\Program Files\\Symantec AntiVirus\\VPC32.exe"=
"c:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Documents and Settings\\akko baby\\Application Data\\Microsoft\\Network\\Connections\\Cm\\CONNECTB\\IEXPLORE.EXE"=
"c:\\Program Files\\Internet Download Manager\\IEMonitor.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe"=
"d:\\AntiFreeze\\AntiFreeze.exe"=
"c:\\WINDOWS\\SynCor.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe"=
"c:\\Program Files\\Common Files\\LightScribe\\LSSrvc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\SMAgent.exe"=
"d:\\Portable VLC media player 1.1.11 Portabled by Atalay\\VLC media player.exe"=
.
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [10/25/2011 12:22 AM 101616]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11/20/2011 11:37 AM 366152]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [11/19/2011 12:35 PM 17984]
R3 amsint32;amsint32;\??\c:\windows\system32\drivers\nkmhfn.sys --> c:\windows\system32\drivers\nkmhfn.sys [?]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11/20/2011 11:37 AM 22216]
S2 xcrlvpinb;Config Server;c:\windows\system32\svchost.exe -k netsvcs [8/3/2004 4:56 PM 14336]
S2 yxxqek;Monitor Update;c:\windows\system32\svchost.exe -k netsvcs [8/3/2004 4:56 PM 14336]
S4 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [4/17/2005 12:30 PM 124608]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AMSINT32
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
yxxqek
xcrlvpinb
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-08-22 22:11 529696 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-01 c:\windows\Tasks\ErrorEND.job
- h:\program files\ErrorEND\ErrorEND.exe [2011-03-09 12:23]
.
2011-12-03 c:\windows\Tasks\RegCure Program Check.job
- e:\program files\RegCure\RegCure.exe [2007-08-02 21:20]
.
2011-12-01 c:\windows\Tasks\RegCure.job
- e:\program files\RegCure\RegCure.exe [2007-08-02 21:20]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank

FF - ProfilePath - c:\documents and settings\akko baby\Application Data\Mozilla\Firefox\Profiles\9hzdiw44.default\
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-03 13:48
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
AntiFreeze = d:\antifreeze\AntiFreeze.exe /splash?????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
.
c:\documents and settings\akko baby\Application Data\systemfl.$dk 990 bytes
c:\windows\system32\WinFLdrv.sys 17984 bytes executable
c:\windows\system32\sys_drv.dat 12048 bytes
c:\windows\system32\sys_drv_2.dat 8032 bytes
.
scan completed successfully
hidden files: 4
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xcrlvpinb]
"ServiceDll"="c:\windows\system32\oqhsnfc.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{050c86e2-abc1-48d4-88e8-b4f5473f1c75}]
@Denied: (Full) (Everyone)
"Model"=dword:00000150
"Therad"=dword:0000000f
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):bb,bb,94,10,2c,d0,12,79,98,5d,56,70,8a,91,0d,21,c4,ed,68,c5,f2,
55,e2,03,8c,64,08,56,b9,50,78,46,d9,ae,3e,a5,8b,26,48,c1,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.EXE'(1636)
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
.
**************************************************************************
.
Completion time: 2011-12-03 13:53:03 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-03 21:53
.
Pre-Run: 11,572,338,688 bytes free
Post-Run: 11,532,111,872 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - B47F06E469548D658688C4552C115723

Edited by hardan, 04 December 2011 - 08:31 AM.

  • 0

#9
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-03 14:40:36
-----------------------------
14:40:36.937 OS Version: Windows 5.1.2600 Service Pack 2
14:40:36.937 Number of processors: 1 586 0x207
14:40:36.937 ComputerName: ABC-5087E28CAFD UserName: akko baby
14:40:38.906 Initialize success
14:42:35.359 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
14:42:35.359 Disk 0 Vendor: ST380011A 3.06 Size: 76319MB BusType: 3
14:42:35.359 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-1b
14:42:35.359 Disk 1 Vendor: WDC_WD400BB-60DGA0 05.03E05 Size: 38166MB BusType: 3
14:42:37.390 Disk 0 MBR read successfully
14:42:37.390 Disk 0 MBR scan
14:42:37.390 Disk 0 Windows XP default MBR code
14:42:37.390 Disk 0 scanning sectors +156280320
14:42:37.484 Disk 0 scanning C:\WINDOWS\system32\drivers
14:42:50.546 Service scanning
14:42:51.625 Modules scanning
14:43:51.937 Scan finished successfully
14:45:15.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\akko baby\Desktop\MBR.dat"
14:45:15.812 The log file has been saved successfully to "C:\Documents and Settings\akko baby\Desktop\aswMBR.txt"
  • 0

#10
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KillAll::

FCopy::
c:\windows\system32\dllcache\tcpip.sys | c:\windows\system32\drivers\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys | c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys | c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys | c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys | c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys

NetSvc::
yxxqek
xcrlvpinb

Registry::
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ SharedAccess\ Parameters\FirewallPolicy\StandardProfile\ AuthorizedApplications\List]
"d:\\olgljp.exe"=-

Driver::
amsint32
WinFLdrv
xcrlvpinb
yxxqek

Rootkit::
c:\windows\system32\WinFLdrv.sys

File::
c:\documents and settings\akko baby\Application Data\systemfl.$dk
c:\windows\system32\sys_drv.dat
c:\windows\system32\sys_drv_2.dat


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • 0

Advertisements


#11
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
ComboFix 11-12-04.02 - akko baby 12/04/2011 7:43.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1279.911 [GMT -8:00]
Running from: c:\documents and settings\akko baby\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\akko baby\Desktop\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *Enabled/Outdated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
FILE ::
"c:\documents and settings\akko baby\Application Data\systemfl.$dk"
"c:\windows\system32\sys_drv.dat"
"c:\windows\system32\sys_drv_2.dat"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\jnar.pif
D:\autorun.inf
D:\mdvgr.exe
E:\Autorun.inf
F:\Autorun.inf
F:\rkmpvh.pif
G:\Autorun.inf
G:\htpq.pif
H:\autorun.inf
.
---- Previous Run -------
.
C:\Autorun.inf
c:\documents and settings\akko baby\Application Data\systemfl.$dk
C:\dysna.pif
c:\windows\system32\sys_drv.dat
c:\windows\system32\sys_drv_2.dat
D:\Autorun.inf
D:\jkjm.pif
E:\autorun.inf
F:\Autorun.inf
G:\Autorun.inf
G:\lhoq.exe
H:\autorun.inf
.
.
--------------- FCopy ---------------
.
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WINFLDRV
-------\Legacy_XCRLVPINB
-------\Legacy_YXXQEK
-------\Service_WinFLdrv
-------\Service_xcrlvpinb
-------\Service_yxxqek
-------\Legacy_AMSINT32
-------\Legacy_WINFLDRV
-------\Legacy_XCRLVPINB
-------\Legacy_YXXQEK
-------\Service_amsint32
.
.
((((((((((((((((((((((((( Files Created from 2011-11-04 to 2011-12-04 )))))))))))))))))))))))))))))))
.
.
2011-12-04 15:52 . 2011-12-04 15:52 103140 --sh--r- C:\ahdd.pif
2011-12-03 23:11 . 2011-12-03 23:11 -------- d-----w- C:\_OTL
2011-12-01 19:37 . 2011-12-01 19:44 -------- d-----w- C:\fixwareout
2011-11-20 11:14 . 2011-11-20 11:14 -------- d-----w- C:\Games
2011-11-20 06:09 . 2011-11-20 06:12 -------- d-----w- C:\swsetup
2011-11-20 06:07 . 2011-11-20 06:07 -------- d-----w- C:\NVIDIA
2011-11-20 06:05 . 2011-11-20 06:05 -------- d-----w- C:\Intel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-04 15:52 . 2011-12-04 15:52 103140 --sh--r- C:\xbaglr.exe
2011-09-29 06:53 . 2011-11-19 16:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( [email protected]_21.48.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-29 07:42 . 2009-06-29 07:42 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 59392 c:\windows\system32\wdigest.dll
+ 2004-08-04 00:56 . 2009-06-12 11:50 80896 c:\windows\system32\tlntsess.exe
+ 2004-08-04 00:56 . 2009-06-12 11:50 76288 c:\windows\system32\telnet.exe
+ 2011-11-21 02:41 . 2009-01-08 02:21 26144 c:\windows\system32\spupdsvc.exe
+ 2011-11-20 06:11 . 2009-01-08 02:20 16928 c:\windows\system32\spmsg.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 56320 c:\windows\system32\secur32.dll
+ 2001-08-23 14:00 . 2009-02-06 16:54 35328 c:\windows\system32\sc.exe
+ 2004-08-04 00:56 . 2009-10-12 13:54 69632 c:\windows\system32\raschap.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 69632 c:\windows\system32\raschap.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 46592 c:\windows\system32\pngfilt.dll
+ 2001-08-23 14:00 . 2011-12-04 09:04 40196 c:\windows\system32\perfc009.dat
- 2001-08-23 14:00 . 2011-11-20 00:59 40196 c:\windows\system32\perfc009.dat
+ 2009-01-08 02:20 . 2009-01-08 02:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-08 02:20 . 2009-01-08 02:20 24576 c:\windows\system32\nlsdl.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 91648 c:\windows\system32\mtxoci.dll
+ 2004-08-04 00:56 . 2008-06-12 14:16 66560 c:\windows\system32\mtxclu.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 66560 c:\windows\system32\mtxclu.dll
+ 2004-08-04 00:56 . 2009-11-27 17:33 17920 c:\windows\system32\msyuv.dll
+ 2001-08-23 14:00 . 2009-11-27 16:37 28672 c:\windows\system32\msvidc32.dll
+ 2004-08-04 00:56 . 2009-11-27 16:37 11264 c:\windows\system32\msrle32.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 11264 c:\windows\system32\msrle32.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 12:31 . 2009-03-08 12:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 12:31 . 2010-05-06 10:41 55296 c:\windows\system32\msfeedsbs.dll
- 2011-11-20 00:50 . 2004-08-04 00:56 58880 c:\windows\system32\msdtclog.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 58880 c:\windows\system32\msdtclog.dll
+ 2004-08-04 00:56 . 2008-06-24 16:23 74240 c:\windows\system32\mscms.dll
+ 2004-08-04 00:56 . 2009-09-04 20:45 58880 c:\windows\system32\msasn1.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 48640 c:\windows\system32\mqupgrd.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 48640 c:\windows\system32\mqupgrd.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 95744 c:\windows\system32\mqsec.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 95744 c:\windows\system32\mqsec.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 16896 c:\windows\system32\mqise.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 16896 c:\windows\system32\mqise.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 47104 c:\windows\system32\mqdscli.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 47104 c:\windows\system32\mqdscli.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 19968 c:\windows\system32\mqbkup.exe
+ 2004-08-04 00:56 . 2009-06-22 11:49 19968 c:\windows\system32\mqbkup.exe
+ 2004-08-04 00:56 . 2009-03-08 12:34 43008 c:\windows\system32\licmgr10.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 00:56 . 2009-11-27 16:37 48128 c:\windows\system32\iyuv_32.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 94720 c:\windows\system32\inseng.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 12:32 . 2009-03-08 12:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-04 00:56 . 2009-03-08 12:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-08 02:20 . 2009-01-08 02:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 12:31 . 2009-03-08 12:31 59904 c:\windows\system32\icardie.dll
+ 2001-08-23 14:00 . 2009-10-15 17:21 82432 c:\windows\system32\fontsub.dll
- 2011-12-01 07:53 . 2011-12-01 07:53 90296 c:\windows\system32\FNTCACHE.DAT
+ 2011-12-01 07:53 . 2011-12-04 07:42 90296 c:\windows\system32\FNTCACHE.DAT
- 2004-08-04 00:56 . 2004-08-04 00:56 55808 c:\windows\system32\extmgr.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 55808 c:\windows\system32\extmgr.dll
+ 2004-08-03 22:58 . 2009-06-22 11:48 91776 c:\windows\system32\drivers\mqac.sys
+ 2004-08-03 22:59 . 2009-06-22 11:34 92544 c:\windows\system32\drivers\ksecdd.sys
+ 2011-12-04 14:40 . 2010-05-06 10:41 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 59392 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-04 00:56 . 2009-06-12 11:50 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2004-08-04 00:56 . 2009-06-12 11:50 76288 c:\windows\system32\dllcache\telnet.exe
+ 2004-08-04 00:56 . 2009-06-25 08:44 56320 c:\windows\system32\dllcache\secur32.dll
+ 2001-08-23 14:00 . 2009-02-06 16:54 35328 c:\windows\system32\dllcache\sc.exe
+ 2004-08-04 00:56 . 2009-10-12 13:54 69632 c:\windows\system32\dllcache\raschap.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 69632 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2004-08-04 00:56 . 2008-06-12 14:16 66560 c:\windows\system32\dllcache\mtxclu.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2009-11-27 17:33 . 2009-11-27 17:33 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2001-08-23 14:00 . 2009-11-27 16:37 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2004-08-04 00:56 . 2009-11-27 16:37 11264 c:\windows\system32\dllcache\msrle32.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2011-12-04 14:40 . 2010-05-06 10:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2011-11-20 00:50 . 2004-08-04 00:56 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2004-08-04 00:56 . 2008-06-24 16:23 74240 c:\windows\system32\dllcache\mscms.dll
+ 2004-08-04 00:56 . 2009-09-04 20:45 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 48640 c:\windows\system32\dllcache\mqupgrd.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 48640 c:\windows\system32\dllcache\mqupgrd.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 95744 c:\windows\system32\dllcache\mqsec.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 95744 c:\windows\system32\dllcache\mqsec.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 16896 c:\windows\system32\dllcache\mqise.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 16896 c:\windows\system32\dllcache\mqise.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 47104 c:\windows\system32\dllcache\mqdscli.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 47104 c:\windows\system32\dllcache\mqdscli.dll
+ 2004-08-04 00:56 . 2009-06-22 11:49 19968 c:\windows\system32\dllcache\mqbkup.exe
- 2004-08-04 00:56 . 2004-08-04 00:56 19968 c:\windows\system32\dllcache\mqbkup.exe
+ 2004-08-03 22:58 . 2009-06-22 11:48 91776 c:\windows\system32\dllcache\mqac.sys
+ 2004-08-04 00:56 . 2009-03-08 12:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-03 22:59 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-04 00:56 . 2010-05-06 10:41 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:37 . 2009-11-27 16:37 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2011-11-20 00:51 . 2010-04-16 13:36 18432 c:\windows\system32\dllcache\iedw.exe
- 2011-11-20 00:51 . 2004-08-04 00:56 18432 c:\windows\system32\dllcache\iedw.exe
+ 2011-11-20 00:51 . 2009-03-08 12:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2001-08-23 14:00 . 2009-10-15 17:21 82432 c:\windows\system32\dllcache\fontsub.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 55808 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 55808 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-04 00:56 . 2009-12-14 07:35 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2011-11-20 00:50 . 2005-07-26 04:39 60416 c:\windows\system32\dllcache\colbact.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2004-08-04 00:56 . 2009-11-27 16:37 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2004-08-04 00:56 . 2009-07-17 18:55 58880 c:\windows\system32\dllcache\atl.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 58880 c:\windows\system32\dllcache\atl.dll
+ 2004-08-04 00:56 . 2010-03-05 14:57 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-04 00:56 . 2009-12-14 07:35 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 18944 c:\windows\system32\corpol.dll
+ 2011-11-20 00:50 . 2005-07-26 04:39 60416 c:\windows\system32\colbact.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 84992 c:\windows\system32\avifil32.dll
+ 2004-08-04 00:56 . 2009-11-27 16:37 84992 c:\windows\system32\avifil32.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 58880 c:\windows\system32\atl.dll
+ 2004-08-04 00:56 . 2009-07-17 18:55 58880 c:\windows\system32\atl.dll
+ 2004-08-04 00:56 . 2010-03-05 14:57 65536 c:\windows\system32\asycfilt.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 72704 c:\windows\system32\admparse.dll
+ 2011-12-03 22:15 . 2011-12-03 22:15 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2011-12-04 14:40 . 2009-03-08 12:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2011-12-04 14:40 . 2009-03-08 12:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2011-12-04 14:40 . 2009-03-08 12:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 37888 c:\windows\ie8\url.dll
+ 2011-12-04 14:39 . 2009-03-08 22:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 39424 c:\windows\ie8\pngfilt.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 96256 c:\windows\ie8\occache.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 56832 c:\windows\ie8\mshtmler.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 29184 c:\windows\ie8\mshta.exe
+ 2011-12-04 14:38 . 2004-08-04 00:56 22016 c:\windows\ie8\licmgr10.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 16384 c:\windows\ie8\jsproxy.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 96256 c:\windows\ie8\inseng.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 35840 c:\windows\ie8\imgutil.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 93184 c:\windows\ie8\iexplore.exe
+ 2011-12-04 14:38 . 2004-08-04 00:56 62976 c:\windows\ie8\iesetup.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 48640 c:\windows\ie8\iernonce.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 81920 c:\windows\ie8\ieencode.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 34304 c:\windows\ie8\ie4uinit.exe
+ 2011-12-04 14:38 . 2004-08-04 00:56 38912 c:\windows\ie8\hmmapi.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 35328 c:\windows\ie8\corpol.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 99840 c:\windows\ie8\advpack.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 61440 c:\windows\ie8\admparse.dll
+ 2009-11-27 17:33 . 2009-11-27 17:33 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:37 . 2009-11-27 16:37 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2001-08-17 22:36 . 2009-11-27 16:37 8704 c:\windows\system32\tsbyuv.dll
+ 2004-08-04 00:56 . 2009-06-22 11:49 4608 c:\windows\system32\mqsvc.exe
- 2004-08-04 00:56 . 2004-08-04 00:56 4608 c:\windows\system32\mqsvc.exe
+ 2009-11-27 16:37 . 2009-11-27 16:37 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2004-08-04 00:56 . 2009-06-22 11:49 4608 c:\windows\system32\dllcache\mqsvc.exe
- 2004-08-04 00:56 . 2004-08-04 00:56 4608 c:\windows\system32\dllcache\mqsvc.exe
+ 2009-11-27 16:37 . 2009-11-27 16:37 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2011-12-03 22:41 . 2010-04-16 13:21 352768 c:\windows\system32\xpsp3res.dll
+ 2009-01-08 02:21 . 2009-01-08 02:21 121856 c:\windows\system32\xmllite.dll
+ 2004-08-04 00:56 . 2009-04-03 20:15 485376 c:\windows\system32\wmspdmod.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 233472 c:\windows\system32\wmpdxm.dll
+ 2004-08-04 00:56 . 2009-07-13 10:18 233472 c:\windows\system32\wmpdxm.dll
+ 2004-08-04 00:56 . 2009-06-10 06:32 132096 c:\windows\system32\wkssvc.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 132096 c:\windows\system32\wkssvc.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 916480 c:\windows\system32\wininet.dll
+ 2004-08-04 00:56 . 2008-12-16 12:47 351232 c:\windows\system32\winhttp.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 351232 c:\windows\system32\winhttp.dll
+ 2009-03-08 12:34 . 2009-03-08 12:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-04 00:56 . 2009-03-08 12:34 236544 c:\windows\system32\webcheck.dll
+ 2011-11-20 00:49 . 2009-02-06 16:39 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2011-11-20 00:49 . 2009-02-09 10:20 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2011-11-20 00:49 . 2009-02-09 10:20 473088 c:\windows\system32\wbem\fastprox.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-04 00:56 . 2009-03-08 12:34 105984 c:\windows\system32\url.dll
+ 2004-08-04 00:56 . 2009-10-16 06:51 119808 c:\windows\system32\t2embed.dll
+ 2004-08-04 00:56 . 2009-08-26 08:16 247326 c:\windows\system32\strmdll.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 474112 c:\windows\system32\shlwapi.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 169472 c:\windows\system32\Setup\msmqocm.dll
+ 2004-08-04 00:56 . 2009-02-06 17:14 110592 c:\windows\system32\services.exe
+ 2004-08-04 00:56 . 2009-06-25 08:44 168448 c:\windows\system32\schannel.dll
+ 2004-08-04 00:56 . 2009-02-09 10:20 399360 c:\windows\system32\rpcss.dll
+ 2004-08-04 00:56 . 2009-04-15 15:11 584192 c:\windows\system32\rpcrt4.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 112128 c:\windows\system32\rastls.dll
+ 2004-08-04 00:56 . 2009-10-12 13:54 112128 c:\windows\system32\rastls.dll
- 2001-08-23 14:00 . 2011-11-20 00:59 311934 c:\windows\system32\perfh009.dat
+ 2001-08-23 14:00 . 2011-12-04 09:04 311934 c:\windows\system32\perfh009.dat
- 2004-08-04 00:56 . 2004-08-04 00:56 283648 c:\windows\system32\pdh.dll
+ 2004-08-04 00:56 . 2009-03-06 14:44 283648 c:\windows\system32\pdh.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 206848 c:\windows\system32\occache.dll
+ 2004-08-04 00:56 . 2009-10-13 10:53 266752 c:\windows\system32\oakley.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 266752 c:\windows\system32\oakley.dll
+ 2004-08-04 00:56 . 2009-02-09 10:20 714752 c:\windows\system32\ntdll.dll
+ 2004-08-04 00:56 . 2008-06-20 17:41 245248 c:\windows\system32\mswsock.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 245248 c:\windows\system32\mswsock.dll
+ 2004-08-04 00:56 . 2009-08-05 09:11 204800 c:\windows\system32\mswebdvd.dll
+ 2004-08-04 00:56 . 2009-09-11 14:33 133632 c:\windows\system32\msv1_0.dll
+ 2011-11-20 00:50 . 2009-06-05 07:42 655872 c:\windows\system32\mstscax.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 00:56 . 2009-03-08 12:34 193536 c:\windows\system32\msrating.dll
+ 2011-11-20 00:50 . 2009-12-16 12:58 343040 c:\windows\system32\mspaint.exe
- 2011-11-20 00:50 . 2004-08-04 00:56 343040 c:\windows\system32\mspaint.exe
+ 2001-08-23 14:00 . 2009-03-08 12:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 12:32 . 2010-05-06 10:41 599040 c:\windows\system32\msfeeds.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 161792 c:\windows\system32\msdtcuiu.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 956928 c:\windows\system32\msdtctm.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 428032 c:\windows\system32\msdtcprx.dll
+ 2009-01-08 02:20 . 2009-01-08 02:20 265720 c:\windows\system32\msdbg2.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 471552 c:\windows\system32\mqutil.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 471552 c:\windows\system32\mqutil.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 186880 c:\windows\system32\mqtrig.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 186880 c:\windows\system32\mqtrig.dll
+ 2004-08-04 00:56 . 2009-06-22 11:49 117248 c:\windows\system32\mqtgsvc.exe
- 2004-08-04 00:56 . 2004-08-04 00:56 117248 c:\windows\system32\mqtgsvc.exe
+ 2004-08-04 00:56 . 2009-06-25 18:36 517120 c:\windows\system32\mqsnap.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 123392 c:\windows\system32\mqrtdep.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 123392 c:\windows\system32\mqrtdep.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 177152 c:\windows\system32\mqrt.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 177152 c:\windows\system32\mqrt.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 661504 c:\windows\system32\mqqm.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 225280 c:\windows\system32\mqoa.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 225280 c:\windows\system32\mqoa.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 138240 c:\windows\system32\mqad.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 138240 c:\windows\system32\mqad.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 724480 c:\windows\system32\lsasrv.dll
+ 2004-08-04 00:56 . 2008-06-10 09:31 103936 c:\windows\system32\logagent.exe
- 2004-08-04 00:56 . 2004-08-04 00:56 103936 c:\windows\system32\logagent.exe
+ 2004-08-04 00:56 . 2009-05-07 15:44 344064 c:\windows\system32\localspl.dll
+ 2004-08-04 00:56 . 2009-03-21 14:18 986112 c:\windows\system32\kernel32.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 298496 c:\windows\system32\kerberos.dll
+ 2011-12-04 11:01 . 2009-03-11 06:18 453512 c:\windows\system32\KB905474\wgasetup.exe
+ 2004-08-04 00:56 . 2009-03-08 12:33 726528 c:\windows\system32\jscript.dll
+ 2011-11-20 00:51 . 2010-01-29 15:08 683520 c:\windows\system32\inetcomm.dll
+ 2009-03-08 12:22 . 2009-03-08 12:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 387584 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 12:11 . 2009-03-08 12:11 445952 c:\windows\system32\ieapfltr.dll
+ 2001-08-23 14:00 . 2009-03-08 12:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 00:56 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 00:56 . 2008-10-23 13:01 283648 c:\windows\system32\gdi32.dll
+ 2004-08-04 00:56 . 2008-07-07 20:32 253952 c:\windows\system32\es.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 348160 c:\windows\system32\dxtmsft.dll
+ 2004-08-03 23:07 . 2010-02-11 12:01 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-03 23:14 . 2009-12-31 16:14 352640 c:\windows\system32\drivers\srv.sys
+ 2004-08-03 23:15 . 2010-02-24 12:31 454016 c:\windows\system32\drivers\mrxsmb.sys
+ 2011-12-03 22:50 . 2008-06-13 13:10 272128 c:\windows\system32\drivers\bthport.sys
+ 2004-08-03 23:14 . 2008-08-14 09:51 138368 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 00:56 . 2008-06-20 17:41 148992 c:\windows\system32\dnsapi.dll
+ 2011-11-20 00:50 . 2008-04-21 10:02 215552 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-04 00:56 . 2009-04-03 20:15 485376 c:\windows\system32\dllcache\wmspdmod.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-04 00:56 . 2009-07-13 10:18 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2011-11-20 00:49 . 2009-02-06 16:39 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2011-11-20 00:49 . 2009-02-09 10:20 453120 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2004-08-04 00:56 . 2009-06-10 06:32 132096 c:\windows\system32\dllcache\wkssvc.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 351232 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 00:56 . 2008-12-16 12:47 351232 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 00:56 . 2009-03-08 12:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2011-11-20 00:51 . 2009-03-08 12:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-04 00:56 . 2009-03-08 12:34 105984 c:\windows\system32\dllcache\url.dll
+ 2011-11-20 00:51 . 2009-06-21 22:04 153088 c:\windows\system32\dllcache\triedit.dll
- 2011-11-20 00:51 . 2004-08-04 00:56 153088 c:\windows\system32\dllcache\triedit.dll
+ 2004-08-03 23:07 . 2010-02-11 12:01 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2004-08-03 23:14 . 2008-06-20 10:45 360320 c:\windows\system32\dllcache\tcpip.sys
+ 2004-08-04 00:56 . 2009-10-16 06:51 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2004-08-04 00:56 . 2009-08-26 08:16 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-03 23:14 . 2009-12-31 16:14 352640 c:\windows\system32\dllcache\srv.sys
+ 2009-01-08 02:20 . 2009-01-08 02:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-04 00:56 . 2009-02-06 17:14 110592 c:\windows\system32\dllcache\services.exe
+ 2004-08-04 00:56 . 2009-06-25 08:44 168448 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 00:56 . 2009-02-09 10:20 399360 c:\windows\system32\dllcache\rpcss.dll
+ 2004-08-04 00:56 . 2009-04-15 15:11 584192 c:\windows\system32\dllcache\rpcrt4.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 112128 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-04 00:56 . 2009-10-12 13:54 112128 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-04 00:56 . 2009-03-06 14:44 283648 c:\windows\system32\dllcache\pdh.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 283648 c:\windows\system32\dllcache\pdh.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 266752 c:\windows\system32\dllcache\oakley.dll
+ 2004-08-04 00:56 . 2009-10-13 10:53 266752 c:\windows\system32\dllcache\oakley.dll
+ 2004-08-04 00:56 . 2009-02-09 10:20 714752 c:\windows\system32\dllcache\ntdll.dll
+ 2004-08-04 00:56 . 2008-06-20 17:41 245248 c:\windows\system32\dllcache\mswsock.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-04 00:56 . 2009-08-05 09:11 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2004-08-04 00:56 . 2009-09-11 14:33 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2011-11-20 00:50 . 2009-06-05 07:42 655872 c:\windows\system32\dllcache\mstscax.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 00:56 . 2009-03-08 12:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2011-11-20 00:50 . 2009-12-16 12:58 343040 c:\windows\system32\dllcache\mspaint.exe
- 2011-11-20 00:50 . 2004-08-04 00:56 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2004-08-04 00:56 . 2009-06-25 18:36 169472 c:\windows\system32\dllcache\msmqocm.dll
+ 2001-08-23 14:00 . 2009-03-08 12:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2011-12-04 14:40 . 2010-05-06 10:41 599040 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2011-11-20 00:50 . 2008-06-12 14:16 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2011-12-03 22:40 . 2010-02-24 12:31 454016 c:\windows\system32\dllcache\mrxsmb.sys
- 2004-08-04 00:56 . 2004-08-04 00:56 471552 c:\windows\system32\dllcache\mqutil.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 471552 c:\windows\system32\dllcache\mqutil.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 186880 c:\windows\system32\dllcache\mqtrig.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 186880 c:\windows\system32\dllcache\mqtrig.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 117248 c:\windows\system32\dllcache\mqtgsvc.exe
+ 2004-08-04 00:56 . 2009-06-22 11:49 117248 c:\windows\system32\dllcache\mqtgsvc.exe
+ 2004-08-04 00:56 . 2009-06-25 18:36 517120 c:\windows\system32\dllcache\mqsnap.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 123392 c:\windows\system32\dllcache\mqrtdep.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 123392 c:\windows\system32\dllcache\mqrtdep.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 177152 c:\windows\system32\dllcache\mqrt.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 177152 c:\windows\system32\dllcache\mqrt.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 661504 c:\windows\system32\dllcache\mqqm.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 225280 c:\windows\system32\dllcache\mqoa.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 225280 c:\windows\system32\dllcache\mqoa.dll
+ 2004-08-04 00:56 . 2009-06-25 18:36 138240 c:\windows\system32\dllcache\mqad.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 138240 c:\windows\system32\dllcache\mqad.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 724480 c:\windows\system32\dllcache\lsasrv.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 103936 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-04 00:56 . 2008-06-10 09:31 103936 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-04 00:56 . 2009-05-07 15:44 344064 c:\windows\system32\dllcache\localspl.dll
+ 2004-08-04 00:56 . 2009-03-21 14:18 986112 c:\windows\system32\dllcache\kernel32.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 298496 c:\windows\system32\dllcache\kerberos.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2011-11-20 00:51 . 2010-01-29 15:08 683520 c:\windows\system32\dllcache\inetcomm.dll
+ 2011-11-20 00:51 . 2009-03-08 22:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2011-12-04 14:40 . 2010-05-06 10:41 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2011-12-04 14:40 . 2010-05-06 10:41 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2001-08-23 14:00 . 2009-03-08 12:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-04 00:56 . 2009-03-08 12:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-04 00:56 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2011-11-20 00:51 . 2004-08-04 00:56 743936 c:\windows\system32\dllcache\helpsvc.exe
+ 2011-11-20 00:51 . 2010-06-14 14:30 743936 c:\windows\system32\dllcache\helpsvc.exe
+ 2004-08-04 00:56 . 2008-10-23 13:01 283648 c:\windows\system32\dllcache\gdi32.dll
+ 2011-11-20 00:49 . 2009-02-09 10:20 473088 c:\windows\system32\dllcache\fastprox.dll
+ 2004-08-04 00:56 . 2008-07-07 20:32 253952 c:\windows\system32\dllcache\es.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-04 00:56 . 2009-03-08 12:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-04 00:56 . 2008-06-20 17:41 148992 c:\windows\system32\dllcache\dnsapi.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 151040 c:\windows\system32\dllcache\cdfview.dll
+ 2011-12-03 22:50 . 2008-06-13 13:10 272128 c:\windows\system32\dllcache\bthport.sys
- 2004-08-04 00:56 . 2004-08-04 00:56 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2004-08-04 00:56 . 2010-04-20 05:51 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2004-08-03 23:14 . 2008-08-14 09:51 138368 c:\windows\system32\dllcache\afd.sys
+ 2004-08-04 00:56 . 2009-03-08 12:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-04 00:56 . 2009-02-09 10:20 616960 c:\windows\system32\dllcache\advapi32.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 616960 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-04 00:56 . 2009-11-21 16:36 470528 c:\windows\system32\dllcache\aclayers.dll
+ 2004-08-04 00:56 . 2010-02-12 04:47 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 151040 c:\windows\system32\cdfview.dll
+ 2004-08-04 00:56 . 2010-04-20 05:51 285696 c:\windows\system32\atmfd.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 285696 c:\windows\system32\atmfd.dll
+ 2004-08-04 00:56 . 2009-03-08 12:32 128512 c:\windows\system32\advpack.dll
+ 2004-08-04 00:56 . 2009-02-09 10:20 616960 c:\windows\system32\advapi32.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 616960 c:\windows\system32\advapi32.dll
+ 2004-08-04 00:56 . 2010-02-12 04:47 100864 c:\windows\system32\6to4svc.dll
+ 2011-11-20 00:51 . 2010-06-14 14:30 743936 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2011-11-20 00:51 . 2004-08-04 00:56 743936 c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2011-12-03 22:15 . 2011-12-03 22:15 429568 c:\windows\Installer\190c45.msi
+ 2011-12-04 14:40 . 2009-03-08 12:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2011-12-04 14:40 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2011-12-04 14:40 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2011-12-04 14:40 . 2009-03-08 12:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2011-12-04 14:40 . 2009-03-08 12:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2011-12-04 14:40 . 2009-03-08 12:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2011-12-04 14:40 . 2009-03-08 12:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2011-12-04 14:40 . 2009-03-08 12:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2011-12-04 14:40 . 2009-03-08 12:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2011-12-04 14:40 . 2009-03-08 22:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2011-12-04 14:40 . 2009-03-08 12:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2011-12-04 14:38 . 2010-04-16 15:36 662016 c:\windows\ie8\wininet.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 276480 c:\windows\ie8\webcheck.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 848384 c:\windows\ie8\vgx.dll
+ 2011-12-04 14:38 . 2010-03-10 08:02 417792 c:\windows\ie8\vbscript.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 624640 c:\windows\ie8\urlmon.dll
+ 2011-12-04 14:39 . 2009-01-08 02:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2011-12-04 14:39 . 2009-01-08 02:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2011-12-04 14:38 . 2010-04-16 15:36 532480 c:\windows\ie8\mstime.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 146432 c:\windows\ie8\msrating.dll
+ 2011-12-04 14:38 . 2001-08-23 14:00 146432 c:\windows\ie8\msls31.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 449024 c:\windows\ie8\mshtmled.dll
+ 2011-12-04 14:38 . 2009-08-21 09:46 450560 c:\windows\ie8\jscript.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 251392 c:\windows\ie8\iepeers.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 323584 c:\windows\ie8\iedkcs32.dll
+ 2011-12-04 14:38 . 2001-08-23 14:00 221184 c:\windows\ie8\ieakui.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 216576 c:\windows\ie8\ieaksie.dll
+ 2011-12-04 14:38 . 2004-08-04 00:56 139264 c:\windows\ie8\ieakeng.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 205312 c:\windows\ie8\dxtrans.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 357888 c:\windows\ie8\dxtmsft.dll
+ 2011-12-03 22:40 . 2010-02-24 12:31 454016 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-12-03 22:50 . 2008-06-13 13:10 272128 c:\windows\Driver Cache\i386\bthport.sys
+ 2004-08-04 00:56 . 2009-11-21 16:36 470528 c:\windows\AppPatch\aclayers.dll
+ 2011-12-03 22:42 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-07-21 08:03 . 2009-07-21 08:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2004-08-04 00:57 . 2010-04-08 21:53 2113536 c:\windows\system32\WMVCore.dll
+ 2004-08-04 00:56 . 2010-02-16 15:27 4734976 c:\windows\system32\wmp.dll
+ 2004-08-04 00:56 . 2008-06-11 02:18 1053696 c:\windows\system32\WMNetmgr.dll
+ 2004-08-03 23:17 . 2010-05-02 05:56 1850880 c:\windows\system32\win32k.sys
+ 2004-08-04 00:56 . 2010-05-06 10:41 1209344 c:\windows\system32\urlmon.dll
+ 2004-08-04 00:56 . 2008-07-03 13:16 8454656 c:\windows\system32\shell32.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 1506304 c:\windows\system32\shdocvw.dll
+ 2004-08-04 00:56 . 2009-07-17 16:27 1435648 c:\windows\system32\query.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 1435648 c:\windows\system32\query.dll
+ 2004-08-04 00:56 . 2010-02-05 18:40 1291264 c:\windows\system32\quartz.dll
+ 2004-08-03 23:20 . 2010-02-16 13:19 2181376 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 22:59 . 2010-02-16 12:39 2058368 c:\windows\system32\ntkrnlpa.exe
+ 2009-07-21 08:05 . 2009-07-21 08:05 1348432 c:\windows\system32\msxml4.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 5950976 c:\windows\system32\mshtml.dll
+ 2011-12-04 11:01 . 2009-03-11 06:26 1403264 c:\windows\system32\KB905474\wganotifypackageinner.exe
+ 2009-03-08 12:32 . 2010-05-06 10:41 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-07 05:07 . 2009-02-07 05:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2004-08-04 00:57 . 2010-04-08 21:53 2113536 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-08-04 00:56 . 2010-02-16 15:27 4734976 c:\windows\system32\dllcache\wmp.dll
+ 2004-08-04 00:56 . 2008-06-11 02:18 1053696 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2004-08-03 23:17 . 2010-05-02 05:56 1850880 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 00:56 . 2010-05-06 10:41 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 00:56 . 2008-07-03 13:16 8454656 c:\windows\system32\dllcache\shell32.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 1506304 c:\windows\system32\dllcache\shdocvw.dll
+ 2004-08-04 00:56 . 2009-07-17 16:27 1435648 c:\windows\system32\dllcache\query.dll
- 2004-08-04 00:56 . 2004-08-04 00:56 1435648 c:\windows\system32\dllcache\query.dll
+ 2004-08-04 00:56 . 2010-02-05 18:40 1291264 c:\windows\system32\dllcache\quartz.dll
+ 2011-12-04 00:49 . 2010-02-16 13:19 2181376 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2011-12-04 00:49 . 2010-02-16 12:39 2016768 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2011-12-04 00:49 . 2010-02-16 12:39 2058368 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2011-12-04 00:49 . 2010-02-16 13:17 2137088 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2011-11-20 00:51 . 2010-01-29 15:08 1315840 c:\windows\system32\dllcache\msoe.dll
+ 2004-08-04 00:56 . 2010-05-06 10:41 5950976 c:\windows\system32\dllcache\mshtml.dll
- 2011-11-20 00:51 . 2004-08-04 00:56 3555328 c:\windows\system32\dllcache\moviemk.exe
+ 2011-11-20 00:51 . 2009-10-23 14:27 3555328 c:\windows\system32\dllcache\moviemk.exe
+ 2011-12-04 14:40 . 2010-05-06 10:41 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 1054208 c:\windows\system32\dllcache\danim.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 1023488 c:\windows\system32\dllcache\browseui.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 1054208 c:\windows\system32\danim.dll
+ 2004-08-04 00:56 . 2010-04-16 15:36 1023488 c:\windows\system32\browseui.dll
+ 2011-12-04 14:40 . 2009-03-08 12:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2011-12-04 14:40 . 2009-03-08 12:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2011-12-04 14:40 . 2009-03-08 12:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2011-12-04 14:38 . 2010-04-16 15:36 3065344 c:\windows\ie8\mshtml.dll
+ 2011-12-04 00:49 . 2010-02-16 13:19 2181376 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2011-12-04 00:49 . 2010-02-16 12:39 2016768 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2011-12-04 00:49 . 2010-02-16 12:39 2058368 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2011-12-04 00:49 . 2010-02-16 13:17 2137088 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-12-04 14:19 . 2011-10-28 06:04 50295240 c:\windows\system32\MRT.exe
+ 2009-03-08 12:39 . 2010-05-06 10:41 11076096 c:\windows\system32\ieframe.dll
+ 2011-12-04 14:40 . 2010-05-06 10:41 11076096 c:\windows\system32\dllcache\ieframe.dll
+ 2011-12-04 14:40 . 2009-03-08 12:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2433024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetRefresh"="c:\program files\COMPAQ\SetRefresh\\SetRefresh.exe" [2003-11-21 525824]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 10:38 108400 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvLsnr]
2003-05-08 19:34 143360 ------w- c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 22:01 13529088 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 22:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 22:01 1703936 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Symantec AntiVirus\\VPC32.exe"=
"c:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Documents and Settings\\akko baby\\Application Data\\Microsoft\\Network\\Connections\\Cm\\CONNECTB\\IEXPLORE.EXE"=
"c:\\Program Files\\Internet Download Manager\\IEMonitor.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe"=
"c:\\WINDOWS\\SynCor.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe"=
"c:\\Program Files\\Common Files\\LightScribe\\LSSrvc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\SMAgent.exe"=
"d:\\Portable VLC media player 1.1.11 Portabled by Atalay\\VLC media player.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
.
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [10/25/2011 12:22 AM 101616]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11/20/2011 11:37 AM 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11/20/2011 11:37 AM 22216]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S4 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [4/17/2005 12:30 PM 124608]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AMSINT32
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-08-22 22:11 529696 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-04 c:\windows\Tasks\ErrorEND.job
- h:\program files\ErrorEND\ErrorEND.exe [2011-03-09 12:23]
.
2011-12-04 c:\windows\Tasks\RegCure Program Check.job
- e:\program files\RegCure\RegCure.exe [2007-08-02 21:20]
.
2011-12-01 c:\windows\Tasks\RegCure.job
- e:\program files\RegCure\RegCure.exe [2007-08-02 21:20]
.
2011-12-04 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2011-12-04 06:18]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://go.connect.net.pk/
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
FF - ProfilePath - c:\documents and settings\akko baby\Application Data\Mozilla\Firefox\Profiles\9hzdiw44.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-AntiFreeze - d:\antifreeze\AntiFreeze.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-04 07:51
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{050c86e2-abc1-48d4-88e8-b4f5473f1c75}]
@Denied: (Full) (Everyone)
"Model"=dword:00000151
"Therad"=dword:00000010
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):bb,bb,94,10,2c,d0,12,79,98,5d,56,70,8a,91,0d,21,c4,ed,68,c5,f2,
55,e2,03,8c,64,08,56,b9,50,78,46,d9,ae,3e,a5,8b,26,48,c1,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3424)
c:\windows\system32\WININET.dll
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2011-12-04 07:56:24 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-04 15:56
ComboFix2.txt 2011-12-03 21:53
.
Pre-Run: 7,115,165,696 bytes free
Post-Run: 7,030,685,696 bytes free
.
- - End Of File - - EDB8FF2F246891D7B9852E5CE632C0A6
  • 0

#12
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Please download This file to your desktop

double click to run it, it will ask you for administrative rights to continue.

When the Scan is done click File > Save log.

attach the log file in your next post
  • 0

#13
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#14
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
my window was crashed again sorryyy for late reply now my otl is

OTL logfile created on: 12/17/2011 11:25:05 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\akko baby\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 50.69% Memory free
1.11 Gb Paging File | 0.64 Gb Available in Paging File | 57.54% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 11.84 Gb Free Space | 60.60% Space Free | Partition Type: NTFS
Drive D: | 19.53 Gb Total Space | 1.80 Gb Free Space | 9.21% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 2.54 Gb Free Space | 13.00% Space Free | Partition Type: NTFS
Drive F: | 19.53 Gb Total Space | 3.39 Gb Free Space | 17.33% Space Free | Partition Type: NTFS
Drive G: | 15.93 Gb Total Space | 1.48 Gb Free Space | 9.31% Space Free | Partition Type: NTFS
Drive H: | 17.73 Gb Total Space | 8.60 Gb Free Space | 48.52% Space Free | Partition Type: NTFS

Computer Name: ABC-6473F0BBD5D | User Name: akko baby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/17 11:22:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\akko baby\Desktop\OTL.exe
PRC - [2011/12/17 11:10:13 | 000,012,970 | ---- | M] () -- C:\Documents and Settings\akko baby\Local Settings\Temp\winxvjmqq.exe
PRC - [2011/10/25 01:48:40 | 003,507,608 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2011/09/28 22:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/05/25 06:28:58 | 000,337,328 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2004/08/03 16:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/03 16:56:50 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmmon32.exe
PRC - [2003/05/08 11:34:32 | 000,139,264 | ---- | M] (adi) -- C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
PRC - [2003/05/05 08:57:30 | 000,217,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/17 11:10:13 | 000,012,970 | ---- | M] () -- C:\Documents and Settings\akko baby\Local Settings\Temp\winxvjmqq.exe
MOD - [2011/12/15 11:53:21 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/28 22:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2007/08/14 13:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 13:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 13:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Unknown | Running] -- -- (amsint32)
DRV - [2011/12/15 13:37:33 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\windrvNT.sys -- (windrvNT)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/06 07:14:42 | 000,101,616 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2007/11/29 17:35:44 | 000,163,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/15 11:20:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\akko baby\Application Data\IDM\idmmzcc5 [2011/12/15 08:58:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\akko baby\Application Data\IDM\idmmzcc5 [2011/12/15 08:58:17 | 000,000,000 | ---D | M]

[2011/12/15 11:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\akko baby\Application Data\Mozilla\Extensions
[2011/12/15 11:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/15 08:58:17 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\AKKO BABY\APPLICATION DATA\IDM\IDMMZCC5
[2011/09/28 22:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 16:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O4 - HKLM..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe (adi)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe ()
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06812BF4-424E-438C-A5C1-02C6CC71E821}: DhcpNameServer = 10.101.10.5 10.101.10.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1660D44-1BE6-4678-B238-5C54409C9523}: NameServer = 10.101.10.10 10.101.10.5
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/15 06:32:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/12/15 06:40:05 | 000,000,206 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/12/04 07:52:40 | 000,000,239 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/12/04 07:52:40 | 000,000,296 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/12/04 07:52:40 | 000,000,372 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/12/04 07:52:40 | 000,000,261 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/12/04 07:52:40 | 000,000,274 | RHS- | M] () - H:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{48687ad4-26e4-11e1-831c-806d6172696f}\Shell\AutopLaY\commaNd - "" = E:\dken.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad4-26e4-11e1-831c-806d6172696f}\Shell\AutoRun\command - "" = E:\dken.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad4-26e4-11e1-831c-806d6172696f}\Shell\exPLORE\CommanD - "" = E:\dken.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad4-26e4-11e1-831c-806d6172696f}\Shell\opeN\ComMaNd - "" = E:\dken.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad5-26e4-11e1-831c-806d6172696f}\Shell\AUtopLAy\commAnd - "" = F:\uxfya.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad5-26e4-11e1-831c-806d6172696f}\Shell\AutoRun\command - "" = F:\uxfya.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad5-26e4-11e1-831c-806d6172696f}\Shell\ExpLoRE\cOmmaNd - "" = F:\uxfya.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad5-26e4-11e1-831c-806d6172696f}\Shell\oPeN\comMANd - "" = F:\uxfya.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad6-26e4-11e1-831c-806d6172696f}\Shell\AuToplay\comMand - "" = G:\llypt.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad6-26e4-11e1-831c-806d6172696f}\Shell\AutoRun\command - "" = G:\llypt.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad6-26e4-11e1-831c-806d6172696f}\Shell\eXplOrE\ComMAnD - "" = G:\llypt.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad6-26e4-11e1-831c-806d6172696f}\Shell\open\commanD - "" = G:\llypt.pif -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad7-26e4-11e1-831c-806d6172696f}\Shell\autopLaY\comMAnD - "" = D:\mjydh.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad7-26e4-11e1-831c-806d6172696f}\Shell\AutoRun\command - "" = D:\mjydh.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad7-26e4-11e1-831c-806d6172696f}\Shell\eXpLORe\CoMmAnD - "" = D:\mjydh.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad7-26e4-11e1-831c-806d6172696f}\Shell\open\Command - "" = D:\mjydh.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad8-26e4-11e1-831c-806d6172696f}\Shell\AutOPlaY\CoMMAnd - "" = H:\cara.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad8-26e4-11e1-831c-806d6172696f}\Shell\AutoRun\command - "" = H:\cara.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad8-26e4-11e1-831c-806d6172696f}\Shell\expLoRe\COmMAND - "" = H:\cara.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ad8-26e4-11e1-831c-806d6172696f}\Shell\opEn\comMAnd - "" = H:\cara.exe -- [2011/12/17 11:09:28 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ada-26e4-11e1-831c-806d6172696f}\Shell\AutoPlAy\comMand - "" = C:\frof.pif -- [2011/12/17 11:13:04 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ada-26e4-11e1-831c-806d6172696f}\Shell\AutoRun\command - "" = C:\frof.pif -- [2011/12/17 11:13:04 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ada-26e4-11e1-831c-806d6172696f}\Shell\EXPloRe\CommaNd - "" = C:\frof.pif -- [2011/12/17 11:13:04 | 000,103,140 | ---- | M] ()
O33 - MountPoints2\{48687ada-26e4-11e1-831c-806d6172696f}\Shell\open\command - "" = C:\frof.pif -- [2011/12/17 11:13:04 | 000,103,140 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: vyogrhq - C:\WINDOWS\system32\jcpknkyk.dll ()

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/12/17 11:22:11 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\akko baby\Desktop\OTL.exe
[2011/12/17 04:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\freshgames
[2011/12/17 04:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\freshgames
[2011/12/17 04:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\A2 Entertainment
[2011/12/17 02:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2011/12/16 14:33:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\akko baby\Recent
[2011/12/16 13:28:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\My Documents\My Cheat Tables
[2011/12/16 13:23:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Farm Mania 2.1
[2011/12/16 12:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Meridian93
[2011/12/16 09:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Knowledge Adventure
[2011/12/16 06:43:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\LestaStudio
[2011/12/16 06:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2011/12/16 06:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\Nightmare Realm Collector's Edition
[2011/12/16 06:31:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\GAME dsktop
[2011/12/16 06:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2011/12/16 06:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\BitTorrent
[2011/12/15 14:08:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop\EmsisoftEmergencyKit
[2011/12/15 13:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Macromedia
[2011/12/15 13:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Adobe
[2011/12/15 13:37:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\akko baby\Application Data\.#
[2011/12/15 13:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/12/15 13:25:56 | 000,000,000 | ---D | C] -- C:\Avenger
[2011/12/15 13:10:54 | 014,962,688 | ---- | C] (NETGATE Technologies s.r.o.) -- C:\Documents and Settings\akko baby\Desktop\RegistryCleaner.exe
[2011/12/15 12:04:26 | 067,784,216 | ---- | C] (PC Tools ) -- C:\Documents and Settings\akko baby\Desktop\avinstall_dl.exe
[2011/12/15 11:53:21 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/15 11:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Mozilla
[2011/12/15 11:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Mozilla
[2011/12/15 11:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/12/15 11:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/12/15 09:06:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/15 09:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/12/15 08:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\IDM
[2011/12/15 08:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\My Documents\Downloads
[2011/12/15 08:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\DMCache
[2011/12/15 08:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Internet Download Manager
[2011/12/15 08:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Internet Download Manager
[2011/12/15 08:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2011/12/15 08:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/12/15 08:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/12/15 08:54:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/12/15 08:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/12/15 08:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Apple
[2011/12/15 08:53:26 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/12/15 08:53:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2011/12/15 08:53:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Apple Computer
[2011/12/15 08:50:04 | 000,163,328 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\b57xp32.sys
[2011/12/15 08:50:04 | 000,163,328 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2011/12/15 08:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2011/12/15 08:49:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/12/15 08:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2011/12/15 08:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\COMPAQ
[2011/12/15 08:48:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/12/15 08:48:50 | 000,050,520 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\SP32387.SYS
[2011/12/15 08:47:52 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2011/12/15 08:47:51 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2011/12/15 08:47:49 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2011/12/15 08:47:48 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2011/12/15 08:47:47 | 000,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2011/12/15 08:47:46 | 000,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2011/12/15 08:47:45 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2011/12/15 08:47:44 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2011/12/15 08:47:42 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2011/12/15 08:47:41 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2011/12/15 08:47:40 | 000,050,520 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\SP27432.SYS
[2011/12/15 08:47:38 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2011/12/15 08:47:33 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2011/12/15 08:47:33 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2011/12/15 08:47:33 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2011/12/15 08:47:33 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2011/12/15 08:47:33 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2011/12/15 08:47:33 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2011/12/15 08:47:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2011/12/15 08:47:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2011/12/15 08:47:30 | 001,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll
[2011/12/15 08:47:30 | 000,030,208 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll
[2011/12/15 08:47:30 | 000,003,744 | ---- | C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smsens.sys
[2011/12/15 08:47:29 | 000,978,944 | ---- | C] (Analog Devices, Inc.) -- C:\WINDOWS\SynthCoreA.Dll
[2011/12/15 08:47:29 | 000,720,896 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/12/15 08:47:29 | 000,720,896 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2011/12/15 08:47:29 | 000,380,928 | ---- | C] (Analog Devices, Inc.) -- C:\WINDOWS\SynCor.exe
[2011/12/15 08:47:29 | 000,049,152 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\S11thk32.dll
[2011/12/15 08:47:29 | 000,045,056 | ---- | C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\SynthCore11Resources.dll
[2011/12/15 08:47:29 | 000,040,820 | ---- | C] (SoundMAX) -- C:\WINDOWS\System32\Syncor11.dll
[2011/12/15 08:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SoundMAX
[2011/12/15 08:47:28 | 000,131,072 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2011/12/15 08:47:28 | 000,126,976 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2011/12/15 08:47:28 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/12/15 08:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2011/12/15 08:47:17 | 000,000,000 | ---D | C] -- C:\swsetup
[2011/12/15 08:46:59 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2011/12/15 08:46:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2011/12/15 08:46:45 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2011/12/15 08:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/12/15 08:46:18 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/12/15 08:45:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/12/15 08:45:55 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2011/12/15 08:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011/12/15 08:45:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/12/15 08:45:46 | 000,000,000 | ---D | C] -- C:\Intel
[2011/12/15 07:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Thinstall
[2011/12/15 07:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Thinstall
[2011/12/15 06:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Nero
[2011/12/15 06:51:13 | 001,757,184 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagX7.dll
[2011/12/15 06:51:13 | 000,802,816 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXRA7.dll
[2011/12/15 06:51:13 | 000,497,296 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXpr7.dll
[2011/12/15 06:51:13 | 000,368,640 | ---- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\TwnLib4.dll
[2011/12/15 06:51:13 | 000,258,048 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\imagXR7.dll
[2011/12/15 06:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2011/12/15 06:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/12/15 06:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2011/12/15 06:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Malwarebytes
[2011/12/15 06:42:16 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/15 06:41:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/15 06:41:30 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/15 06:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/15 06:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/12/15 06:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\WinRAR
[2011/12/15 06:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\WinRAR
[2011/12/15 06:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/12/15 06:37:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Application Data\Identities
[2011/12/15 06:37:52 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/12/15 06:37:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\My Documents\My Pictures
[2011/12/15 06:37:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\My Documents\My Music
[2011/12/15 06:37:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\akko baby\Application Data\Microsoft
[2011/12/15 06:37:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\akko baby\Cookies
[2011/12/15 06:37:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\akko baby\SendTo
[2011/12/15 06:37:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\akko baby\Application Data
[2011/12/15 06:37:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Startup
[2011/12/15 06:37:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Start Menu
[2011/12/15 06:37:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\My Documents
[2011/12/15 06:37:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Favorites
[2011/12/15 06:37:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\akko baby\Start Menu\Programs\Accessories
[2011/12/15 06:37:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\Templates
[2011/12/15 06:37:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\PrintHood
[2011/12/15 06:37:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\NetHood
[2011/12/15 06:37:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\akko baby\Local Settings
[2011/12/15 06:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Local Settings\Application Data\Microsoft
[2011/12/15 06:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\akko baby\Desktop
[2011/12/15 06:36:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/12/15 06:36:50 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/12/15 06:36:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/12/15 06:36:49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/12/15 06:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/12/15 06:36:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/12/15 06:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/12/15 06:34:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/12/15 06:34:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/12/15 06:34:40 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/12/15 06:34:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/12/15 06:34:39 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/12/15 06:34:39 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/12/15 06:34:39 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/12/15 06:34:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/12/15 06:34:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2011/12/15 06:34:38 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2011/12/15 06:34:37 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2011/12/15 06:34:37 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2011/12/15 06:34:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2011/12/15 06:34:37 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/12/15 06:34:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2011/12/15 06:34:37 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2011/12/15 06:34:36 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/12/15 06:34:36 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/12/15 06:34:35 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/12/15 06:34:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/12/15 06:34:34 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2011/12/15 06:34:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/12/15 06:34:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2011/12/15 06:34:33 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/12/15 06:34:32 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/12/15 06:34:32 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/12/15 06:34:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/12/15 06:34:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/12/15 06:34:31 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/12/15 06:34:31 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/12/15 06:34:31 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/12/15 06:34:30 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2011/12/15 06:34:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2011/12/15 06:34:29 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/12/15 06:34:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2011/12/15 06:34:29 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2011/12/15 06:34:28 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/12/15 06:34:27 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2011/12/15 06:34:27 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2011/12/15 06:34:27 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2011/12/15 06:34:27 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2011/12/15 06:34:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2011/12/15 06:34:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/12/15 06:34:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2011/12/15 06:34:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/12/15 06:34:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2011/12/15 06:34:26 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2011/12/15 06:34:26 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2011/12/15 06:34:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/12/15 06:34:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/12/15 06:34:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2011/12/15 06:34:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/12/15 06:34:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/12/15 06:34:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/12/15 06:34:25 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/12/15 06:34:25 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/12/15 06:34:25 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/12/15 06:34:25 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/12/15 06:34:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/12/15 06:34:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/12/15 06:34:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/12/15 06:34:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/12/15 06:34:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/12/15 06:34:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/12/15 06:34:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/12/15 06:34:24 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/12/15 06:34:24 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/12/15 06:34:22 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2011/12/15 06:34:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/12/15 06:34:21 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/12/15 06:34:20 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/12/15 06:34:20 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/12/15 06:34:20 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/12/15 06:34:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2011/12/15 06:34:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2011/12/15 06:34:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/12/15 06:34:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/12/15 06:34:19 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/12/15 06:34:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2011/12/15 06:34:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/12/15 06:34:17 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2011/12/15 06:34:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/12/15 06:34:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/12/15 06:34:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2011/12/15 06:34:15 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/12/15 06:34:15 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/12/15 06:34:15 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/12/15 06:34:15 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/12/15 06:34:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/12/15 06:34:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/12/15 06:34:14 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/12/15 06:34:14 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/12/15 06:34:14 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2011/12/15 06:34:13 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/12/15 06:34:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2011/12/15 06:34:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/12/15 06:34:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/12/15 06:34:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/12/15 06:34:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2011/12/15 06:34:11 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/12/15 06:34:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2011/12/15 06:34:08 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/12/15 06:34:08 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/12/15 06:34:06 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2011/12/15 06:34:05 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/12/15 06:34:05 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/12/15 06:34:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2011/12/15 06:34:00 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/12/15 06:34:00 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/12/15 06:34:00 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2011/12/15 06:34:00 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2011/12/15 06:34:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2011/12/15 06:33:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/12/15 06:33:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2011/12/15 06:33:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2011/12/15 06:33:58 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2011/12/15 06:33:58 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2011/12/15 06:33:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2011/12/15 06:33:57 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/12/15 06:33:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/12/15 06:33:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/12/15 06:33:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/12/15 06:33:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/12/15 06:33:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/12/15 06:33:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/12/15 06:33:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/12/15 06:33:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/12/15 06:33:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/12/15 06:33:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/12/15 06:33:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/12/15 06:33:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/12/15 06:33:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2011/12/15 06:33:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2011/12/15 06:33:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2011/12/15 06:33:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/12/15 06:33:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/12/15 06:33:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/12/15 06:33:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/12/15 06:33:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/12/15 06:33:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/12/15 06:33:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/12/15 06:33:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/12/15 06:33:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2011/12/15 06:33:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/12/15 06:33:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/12/15 06:33:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/12/15 06:33:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/12/15 06:33:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/12/15 06:33:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/12/15 06:33:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/12/15 06:33:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/12/15 06:33:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/12/15 06:33:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2011/12/15 06:33:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/12/15 06:33:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2011/12/15 06:33:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2011/12/15 06:33:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2011/12/15 06:33:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/12/15 06:33:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2011/12/15 06:33:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/12/15 06:33:52 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2011/12/15 06:33:52 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2011/12/15 06:33:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2011/12/15 06:33:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2011/12/15 06:33:51 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/12/15 06:33:51 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/12/15 06:33:51 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/12/15 06:33:51 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/12/15 06:33:51 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/12/15 06:33:50 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/12/15 06:33:50 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/12/15 06:33:50 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/12/15 06:33:50 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/12/15 06:33:50 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/12/15 06:33:50 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/12/15 06:33:50 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/12/15 06:33:50 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/12/15 06:33:49 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/12/15 06:33:49 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/12/15 06:33:49 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/12/15 06:33:49 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/12/15 06:33:49 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/12/15 06:33:49 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/12/15 06:33:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/12/15 06:33:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/12/15 06:33:48 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/12/15 06:33:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/12/15 06:33:48 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2011/12/15 06:33:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2011/12/15 06:33:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2011/12/15 06:33:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2011/12/15 06:33:48 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2011/12/15 06:33:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2011/12/15 06:33:47 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2011/12/15 06:33:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2011/12/15 06:33:43 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/12/15 06:33:36 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/12/15 06:33:36 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2011/12/15 06:33:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2011/12/15 06:33:36 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2011/12/15 06:33:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2011/12/15 06:33:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/12/15 06:33:35 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2011/12/15 06:33:34 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2011/12/15 06:33:34 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2011/12/15 06:33:34 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2011/12/15 06:33:34 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2011/12/15 06:33:34 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2011/12/15 06:33:33 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2011/12/15 06:33:33 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2011/12/15 06:33:33 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2011/12/15 06:33:33 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2011/12/15 06:33:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2011/12/15 06:33:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/12/15 06:33:33 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2011/12/15 06:33:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2011/12/15 06:33:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2011/12/15 06:33:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2011/12/15 06:33:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2011/12/15 06:33:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2011/12/15 06:33:32 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2011/12/15 06:33:32 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2011/12/15 06:33:32 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/12/15 06:33:32 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2011/12/15 06:33:32 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/12/15 06:33:32 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2011/12/15 06:33:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2011/12/15 06:33:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2011/12/15 06:33:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/12/15 06:33:31 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2011/12/15 06:33:31 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2011/12/15 06:33:31 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2011/12/15 06:33:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/12/15 06:33:30 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2011/12/15 06:33:30 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2011/12/15 06:33:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/12/15 06:33:30 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2011/12/15 06:33:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2011/12/15 06:33:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2011/12/15 06:33:29 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/12/15 06:33:29 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/12/15 06:33:29 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/12/15 06:33:29 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/12/15 06:33:28 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2011/12/15 06:33:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/12/15 06:33:25 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2011/12/15 06:33:23 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/12/15 06:33:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2011/12/15 06:33:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2011/12/15 06:33:23 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2011/12/15 06:33:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/12/15 06:33:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2011/12/15 06:33:21 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/12/15 06:33:21 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/12/15 06:33:21 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/12/15 06:33:21 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/12/15 06:33:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/12/15 06:33:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/12/15 06:33:20 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/12/15 06:33:20 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/12/15 06:33:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/12/15 06:33:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/12/15 06:33:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/12/15 06:33:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/12/15 06:33:19 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2011/12/15 06:33:19 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/12/15 06:33:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/12/15 06:33:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/12/15 06:33:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2011/12/15 06:33:12 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2011/12/15 06:33:11 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2011/12/15 06:33:11 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2011/12/15 06:33:11 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2011/12/15 06:33:11 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/12/15 06:33:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2011/12/15 06:33:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2011/12/15 06:33:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2011/12/15 06:33:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2011/12/15 06:33:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2011/12/15 06:33:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2011/12/15 06:33:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2011/12/15 06:33:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2011/12/15 06:33:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2011/12/15 06:33:09 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2011/12/15 06:33:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2011/12/15 06:33:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/12/15 06:33:06 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2011/12/15 06:33:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/12/15 06:33:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2011/12/15 06:33:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2011/12/15 06:33:05 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2011/12/15 06:33:05 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2011/12/15 06:33:05 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2011/12/15 06:33:05 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2011/12/15 06:33:00 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2011/12/15 06:33:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2011/12/15 06:33:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2011/12/15 06:33:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2011/12/15 06:33:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2011/12/15 06:33:00 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2011/12/15 06:32:59 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2011/12/15 06:32:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2011/12/15 06:32:59 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2011/12/15 06:32:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2011/12/15 06:32:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2011/12/15 06:32:59 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/12/15 06:32:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2011/12/15 06:32:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2011/12/15 06:32:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2011/12/15 06:32:58 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/12/15 06:32:58 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/12/15 06:32:58 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2011/12/15 06:32:58 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/12/15 06:32:58 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/12/15 06:32:58 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/12/15 06:32:57 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/12/15 06:32:57 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/12/15 06:32:57 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/12/15 06:32:57 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/12/15 06:32:57 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2011/12/15 06:32:57 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/12/15 06:32:57 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/12/15 06:32:57 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/12/15 06:32:57 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/12/15 06:32:56 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2011/12/15 06:32:56 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/12/15 06:32:56 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2011/12/15 06:32:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2011/12/15 06:32:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2011/12/15 06:32:55 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2011/12/15 06:32:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2011/12/15 06:32:55 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2011/12/15 06:32:55 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2011/12/15 06:32:55 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2011/12/15 06:32:54 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2011/12/15 06:32:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/12/15 06:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/12/15 06:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/12/15 06:32:10 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2011/12/15 06:31:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/12/15 06:31:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/12/15 06:31:21 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/12/15 06:31:10 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/12/15 06:30:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/12/15 06:30:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2011/12/15 06:30:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2011/12/15 06:30:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2011/12/15 06:30:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2011/12/15 06:30:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2011/12/15 06:30:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2011/12/15 06:30:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2011/12/15 06:30:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2011/12/15 06:30:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2011/12/15 06:30:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2011/12/15 06:30:33 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2011/12/15 06:30:33 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2011/12/15 06:30:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2011/12/15 06:30:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2011/12/15 06:30:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2011/12/15 06:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/12/15 06:30:30 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2011/12/15 06:30:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/12/15 06:30:30 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2011/12/15 06:30:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2011/12/15 06:30:30 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2011/12/15 06:30:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2011/12/15 06:30:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/12/15 06:30:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2011/12/15 06:30:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2011/12/15 06:30:30 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/12/15 06:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/12/15 06:30:29 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2011/12/15 06:30:28 | 000,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2011/12/15 06:30:27 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2011/12/15 06:30:27 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2011/12/15 06:30:27 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2011/12/15 06:30:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/12/15 06:30:26 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2011/12/15 06:30:26 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2011/12/15 06:30:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2011/12/15 06:30:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/12/15 06:30:25 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2011/12/15 06:30:25 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/12/15 06:30:25 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2011/12/15 06:30:25 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2011/12/15 06:30:25 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2011/12/15 06:30:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2011/12/15 06:30:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/12/15 06:30:24 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/12/15 06:30:24 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2011/12/15 06:30:24 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2011/12/15 06:30:24 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2011/12/15 06:30:24 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2011/12/15 06:30:24 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/12/15 06:30:24 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2011/12/15 06:30:24 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2011/12/15 06:30:24 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2011/12/15 06:30:24 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2011/12/15 06:30:24 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2011/12/15 06:30:24 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/12/15 06:30:24 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2011/12/15 06:30:24 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2011/12/15 06:30:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2011/12/15 06:30:23 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2011/12/15 06:30:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2011/12/15 06:30:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2011/12/15 06:30:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2011/12/15 06:30:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2011/12/15 06:30:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2011/12/15 06:30:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2011/12/15 06:30:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2011/12/15 06:30:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2011/12/15 06:30:21 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2011/12/15 06:30:21 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2011/12/15 06:30:21 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2011/12/15 06:30:21 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2011/12/15 06:30:21 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2011/12/15 06:30:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2011/12/15 06:30:20 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2011/12/15 06:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/12/15 06:30:19 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2011/12/15 06:30:19 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2011/12/15 06:30:19 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2011/12/15 06:30:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2011/12/15 06:30:19 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2011/12/15 06:30:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2011/12/15 06:30:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2011/12/15 06:30:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2011/12/15 06:30:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2011/12/15 06:30:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2011/12/15 06:30:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2011/12/15 06:30:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2011/12/15 06:30:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2011/12/15 06:30:17 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2011/12/15 06:30:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2011/12/15 06:30:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2011/12/15 06:30:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2011/12/15 06:30:16 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2011/12/15 06:30:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2011/12/15 06:30:15 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2011/12/15 06:30:15 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/12/15 06:30:15 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2011/12/15 06:30:15 | 000,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2011/12/15 06:30:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2011/12/15 06:30:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2011/12/15 06:30:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2011/12/15 06:30:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/12/15 06:30:14 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2011/12/15 06:30:14 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2011/12/15 06:30:14 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2011/12/15 06:30:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2011/12/15 06:30:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2011/12/15 06:30:14 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2011/12/15 06:30:14 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2011/12/15 06:30:14 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2011/12/15 06:30:14 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2011/12/15 06:30:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2011/12/15 06:30:14 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2011/12/15 06:30:14 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2011/12/15 06:30:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2011/12/15 06:30:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2011/12/15 06:30:13 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2011/12/15 06:30:13 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2011/12/15 06:30:13 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2011/12/15 06:30:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2011/12/15 06:30:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2011/12/15 06:30:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2011/12/15 06:30:13 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2011/12/15 06:30:13 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2011/12/15 06:30:13 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2011/12/15 06:30:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2011/12/15 06:30:12 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2011/12/15 06:30:12 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2011/12/15 06:30:12 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2011/12/15 06:30:12 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2011/12/15 06:30:12 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2011/12/15 06:30:12 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2011/12/15 06:30:12 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2011/12/15 06:30:12 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2011/12/15 06:30:12 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2011/12/15 06:30:12 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2011/12/15 06:30:12 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2011/12/15 06:30:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2011/12/15 06:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/12/15 06:30:11 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2011/12/15 06:30:11 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2011/12/15 06:30:11 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2011/12/15 06:30:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2011/12/15 06:30:11 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2011/12/15 06:30:11 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2011/12/15 06:30:11 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2011/12/15 06:30:11 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2011/12/15 06:30:11 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/12/15 06:30:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2011/12/15 06:30:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2011/12/15 06:30:10 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2011/12/15 06:30:10 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2011/12/15 06:30:10 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2011/12/15 06:30:09 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2011/12/15 06:30:09 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2011/12/15 06:30:09 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2011/12/15 06:30:09 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2011/12/15 06:30:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2011/12/15 06:30:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2011/12/15 06:30:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2011/12/15 06:30:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2011/12/15 06:30:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2011/12/15 06:30:09 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2011/12/15 06:30:09 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2011/12/15 06:30:09 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2011/12/15 06:30:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2011/12/15 06:30:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2011/12/15 06:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/12/15 06:30:08 | 000,561,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2011/12/15 06:30:08 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2011/12/15 06:30:08 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2011/12/15 06:30:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2011/12/15 06:30:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2011/12/15 06:30:08 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2011/12/15 06:30:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2011/12/15 06:30:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2011/12/15 06:30:08 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2011/12/15 06:30:07 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2011/12/15 06:30:07 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2011/12/15 06:30:07 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2011/12/15 06:30:07 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2011/12/15 06:30:07 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2011/12/15 06:30:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2011/12/15 06:30:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2011/12/15 06:30:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2011/12/15 06:30:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2011/12/15 06:30:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2011/12/15 06:30:06 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2011/12/15 06:30:06 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2011/12/15 06:30:06 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2011/12/15 06:30:06 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2011/12/15 06:30:06 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2011/12/15 06:30:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2011/12/15 06:30:06 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2011/12/15 06:30:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2011/12/15 06:30:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2011/12/15 06:30:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2011/12/15 06:30:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2011/12/15 06:30:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2011/12/15 06:30:06 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2011/12/15 06:30:06 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2011/12/15 06:30:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2011/12/15 06:30:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2011/12/15 06:30:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2011/12/15 06:30:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2011/12/15 06:30:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2011/12/15 06:30:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2011/12/15 06:30:05 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2011/12/15 06:30:05 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2011/12/15 06:30:05 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2011/12/15 06:30:05 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2011/12/15 06:30:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2011/12/15 06:30:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2011/12/15 06:30:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2011/12/15 06:30:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2011/12/15 06:30:05 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2011/12/15 06:30:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2011/12/15 06:30:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2011/12/15 06:30:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2011/12/15 06:30:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2011/12/15 06:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/12/15 06:30:04 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2011/12/15 06:30:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2011/12/15 06:30:04 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2011/12/15 06:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/12/15 06:30:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/12/15 06:29:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/12/15 06:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/12/15 06:29:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/12/15 06:29:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/12/15 06:29:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/12/15 06:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/12/15 06:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/12/15 06:29:13 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2011/12/15 06:29:13 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/12/15 06:29:12 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2011/12/15 06:29:12 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2011/12/15 06:29:12 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2011/12/15 06:29:12 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2011/12/15 06:29:12 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2011/12/15 06:29:12 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2011/12/15 06:29:12 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2011/12/15 06:29:12 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2011/12/15 06:29:12 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2011/12/15 06:29:12 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2011/12/15 06:29:12 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2011/12/15 06:29:12 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2011/12/15 06:29:11 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2011/12/15 06:29:11 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2011/12/15 06:29:11 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2011/12/15 06:29:11 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2011/12/15 06:29:11 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2011/12/15 06:29:11 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2011/12/15 06:29:11 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2011/12/15 06:29:11 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2011/12/15 06:29:10 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2011/12/15 06:29:10 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2011/12/15 06:29:10 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2011/12/15 06:29:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2011/12/15 06:29:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2011/12/15 06:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/12/15 06:29:03 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2011/12/15 06:29:03 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2011/12/15 06:29:03 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2011/12/15 06:29:03 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2011/12/15 06:29:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2011/12/15 06:29:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2011/12/15 06:29:03 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2011/12/15 06:29:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2011/12/15 06:29:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2011/12/15 06:29:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2011/12/15 06:29:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2011/12/15 06:29:03 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2011/12/15 06:28:58 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2011/12/15 06:28:58 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2011/12/15 06:28:58 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2011/12/15 06:28:58 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2011/12/15 06:28:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2011/12/15 06:28:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2011/12/15 06:28:57 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2011/12/15 06:28:57 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2011/12/15 06:28:57 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2011/12/15 06:28:57 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2011/12/15 06:28:57 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2011/12/15 06:28:57 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2011/12/15 06:28:57 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2011/12/15 06:28:57 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2011/12/15 06:28:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2011/12/15 06:28:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2011/12/15 06:28:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2011/12/15 06:28:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2011/12/15 06:28:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2011/12/15 06:28:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2011/12/15 06:28:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2011/12/15 06:28:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2011/12/15 06:28:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2011/12/15 06:28:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2011/12/15 06:28:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2011/12/15 06:28:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2011/12/15 06:28:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2011/12/15 06:28:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2011/12/15 06:28:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2011/12/15 06:28:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2011/12/15 06:28:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2011/12/15 06:28:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2011/12/15 06:28:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2011/12/15 06:28:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2011/12/15 06:28:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2011/12/15 06:28:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2011/12/15 06:28:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2011/12/15 06:28:56 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2011/12/15 06:28:56 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2011/12/15 06:28:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2011/12/15 06:28:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2011/12/15 06:28:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2011/12/15 06:28:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2011/12/15 06:28:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2011/12/15 06:28:55 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2011/12/15 06:28:55 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2011/12/15 06:28:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2011/12/15 06:28:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2011/12/15 06:28:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2011/12/15 06:28:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2011/12/15 06:28:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2011/12/15 06:28:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2011/12/15 06:28:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2011/12/15 06:28:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2011/12/15 06:28:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2011/12/15 06:28:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2011/12/15 06:28:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2011/12/15 06:28:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2011/12/15 06:28:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2011/12/15 06:28:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2011/12/15 06:28:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2011/12/15 06:28:53 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2011/12/15 06:28:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2011/12/15 06:28:53 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2011/12/15 06:28:52 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2011/12/15 06:28:52 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2011/12/15 06:28:52 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2011/12/15 06:28:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2011/12/15 06:28:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2011/12/15 06:28:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2011/12/15 06:28:52 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2011/12/15 06:28:52 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2011/12/15 06:28:52 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2011/12/15 06:28:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2011/12/15 06:28:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2011/12/15 06:28:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2011/12/15 06:28:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2011/12/15 06:28:43 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011/12/15 06:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011/12/15 06:28:42 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2011/12/15 06:28:42 | 000,345,088 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2011/12/15 06:28:42 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2011/12/15 06:28:42 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2011/12/15 06:28:42 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2011/12/15 06:28:42 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2011/12/15 06:28:42 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2011/12/15 06:28:42 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2011/12/15 06:28:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2011/12/15 06:28:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2011/12/15 06:28:42 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2011/12/15 06:28:42 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2011/12/15 06:28:42 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2011/12/15 06:28:42 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2011/12/15 06:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011/12/15 06:28:41 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2011/12/15 06:28:41 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2011/12/15 06:28:41 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2011/12/15 06:28:41 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2011/12/15 06:28:41 | 000,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/12/15 06:28:41 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2011/12/15 06:28:41 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2011/12/15 06:28:41 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2011/12/15 06:28:41 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2011/12/15 06:28:40 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2011/12/15 06:28:40 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2011/12/15 06:28:40 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2011/12/15 06:28:40 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2011/12/15 06:28:40 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2011/12/15 06:28:40 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2011/12/15 06:28:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2011/12/15 06:28:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2011/12/15 06:28:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2011/12/15 06:28:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2011/12/15 06:28:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2011/12/15 06:28:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2011/12/15 06:28:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2011/12/15 06:28:40 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2011/12/15 06:28:40 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2011/12/15 06:28:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2011/12/15 06:28:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2011/12/15 06:28:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2011/12/15 06:28:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2011/12/15 06:28:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2011/12/15 06:28:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2011/12/15 06:28:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2011/12/15 06:28:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/12/15 06:28:39 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2011/12/15 06:28:39 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2011/12/15 06:28:39 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2011/12/15 06:28:39 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2011/12/15 06:28:39 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2011/12/15 06:28:39 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2011/12/15 06:28:39 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2011/12/15 06:28:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2011/12/15 06:28:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2011/12/15 06:28:39 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2011/12/15 06:28:39 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2011/12/15 06:28:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2011/12/15 06:28:38 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2011/12/15 06:28:38 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2011/12/15 06:28:38 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2011/12/15 06:28:38 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2011/12/15 06:28:38 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2011/12/15 06:28:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2011/12/15 06:28:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2011/12/15 06:28:38 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2011/12/15 06:28:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2011/12/15 06:28:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/12/15 06:28:37 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2011/12/15 06:28:37 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2011/12/15 06:28:37 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2011/12/15 06:28:37 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2011/12/15 06:28:36 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2011/12/15 06:28:36 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2011/12/15 06:28:36 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2011/12/15 06:28:36 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2011/12/15 06:28:35 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2011/12/15 06:28:35 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2011/12/15 06:28:35 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2011/12/15 06:28:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2011/12/15 06:28:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2011/12/15 06:28:35 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2011/12/15 06:28:35 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2011/12/15 06:28:35 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2011/12/15 06:28:35 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2011/12/15 06:28:35 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2011/12/15 06:28:35 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2011/12/15 06:28:35 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2011/12/15 06:28:35 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2011/12/15 06:28:35 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2011/12/15 06:28:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2011/12/15 06:28:35 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2011/12/15 06:28:35 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2011/12/15 06:28:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2011/12/15 06:28:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2011/12/15 06:28:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2011/12/15 06:28:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2011/12/15 06:28:34 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2011/12/15 06:28:34 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2011/12/15 06:28:34 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2011/12/15 06:28:34 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2011/12/15 06:28:34 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2011/12/15 06:28:34 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2011/12/15 06:28:34 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2011/12/15 06:28:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2011/12/15 06:28:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2011/12/15 06:28:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2011/12/15 06:28:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2011/12/15 06:28:33 | 001,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2011/12/15 06:28:33 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2011/12/15 06:28:33 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2011/12/15 06:28:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2011/12/15 06:28:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2011/12/15 06:28:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2011/12/15 06:28:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2011/12/15 06:28:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2011/12/15 06:28:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2011/12/15 06:28:32 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2011/12/15 06:28:32 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2011/12/15 06:28:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/12/15 06:28:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/12/14 22:24:56 | 006,557,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2011/12/14 22:24:56 | 006,108,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2011/12/14 22:24:49 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2011/12/14 22:24:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2011/12/14 22:24:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2011/12/14 22:24:43 | 000,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agp440.sys
[2011/12/14 22:23:39 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/12/14 22:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/12/14 22:23:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2011/12/14 22:23:37 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2011/12/14 22:23:36 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2011/12/14 22:23:35 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2011/12/14 22:23:35 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2011/12/14 22:23:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2011/12/14 22:23:35 | 000,000,000 | R--D | C] -- C:\Program Files
[2011/12/14 22:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011/12/14 22:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011/12/14 22:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/12/14 22:23:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2011/12/14 22:23:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2011/12/14 22:23:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2011/12/14 22:23:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2011/12/14 22:23:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2011/12/14 22:23:33 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2011/12/14 22:23:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2011/12/14 22:23:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2011/12/14 22:23:31 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2011/12/14 22:23:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2011/12/14 22:23:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2011/12/14 22:23:30 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2011/12/14 22:23:30 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2011/12/14 22:23:30 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2011/12/14 22:23:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2011/12/14 22:23:30 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2011/12/14 22:23:30 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2011/12/14 22:23:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2011/12/14 22:23:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2011/12/14 22:23:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2011/12/14 22:23:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2011/12/14 22:23:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2011/12/14 22:23:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2011/12/14 22:23:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2011/12/14 22:23:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2011/12/14 22:23:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2011/12/14 22:23:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2011/12/14 22:23:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2011/12/14 22:23:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2011/12/14 22:23:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2011/12/14 22:23:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2011/12/14 22:23:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2011/12/14 22:23:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2011/12/14 22:23:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2011/12/14 22:23:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2011/12/14 22:23:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2011/12/14 22:23:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2011/12/14 22:23:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2011/12/14 22:23:27 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2011/12/14 22:23:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2011/12/14 22:23:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2011/12/14 22:23:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2011/12/14 22:23:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2011/12/14 22:23:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2011/12/14 22:23:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2011/12/14 22:23:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2011/12/14 22:23:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2011/12/14 22:23:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2011/12/14 22:23:25 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2011/12/14 22:23:25 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2011/12/14 22:23:25 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2011/12/14 22:23:25 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2011/12/14 22:23:25 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2011/12/14 22:23:25 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2011/12/14 22:23:25 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/12/14 22:23:25 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/12/14 22:23:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/12/14 22:23:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/12/14 22:23:24 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2011/12/14 22:23:24 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2011/12/14 22:23:24 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2011/12/14 22:23:24 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2011/12/14 22:23:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2011/12/14 22:23:24 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2011/12/14 22:23:24 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2011/12/14 22:23:24 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2011/12/14 22:23:24 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2011/12/14 22:23:24 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2011/12/14 22:23:24 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2011/12/14 22:23:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2011/12/14 22:23:24 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2011/12/14 22:23:24 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2011/12/14 22:23:24 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2011/12/14 22:23:24 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2011/12/14 22:23:24 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2011/12/14 22:23:24 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2011/12/14 22:23:24 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2011/12/14 22:23:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2011/12/14 22:23:23 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2011/12/14 22:23:23 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2011/12/14 22:23:23 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2011/12/14 22:23:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2011/12/14 22:23:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2011/12/14 22:23:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2011/12/14 22:23:23 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2011/12/14 22:23:23 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2011/12/14 22:23:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2011/12/14 22:23:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/12/14 22:23:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/12/14 22:23:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/12/14 22:23:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/12/14 22:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/12/14 22:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/12/14 22:23:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/12/14 22:23:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/12/14 22:22:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/12/14 22:22:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/12/14 22:22:38 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/12/14 22:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/12/14 22:17:37 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/12/14 22:17:37 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/12/14 22:17:37 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/12/14 22:17:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/12/14 22:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/17 11:22:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\akko baby\Desktop\OTL.exe
[2011/12/17 11:13:06 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\vpjdg.sys
[2011/12/17 11:13:06 | 000,000,574 | ---- | M] () -- C:\WINDOWS\System32\atqwa
[2011/12/17 11:13:04 | 000,103,140 | ---- | M] () -- C:\frof.pif
[2011/12/17 11:09:45 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\tvoa.sys
[2011/12/17 11:06:32 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2011/12/17 11:06:30 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/12/17 11:06:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/17 11:06:24 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/17 08:37:27 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
[2011/12/16 13:22:13 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Farm Mania-Hot Vacation.lnk
[2011/12/16 12:31:45 | 000,000,570 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Em4.lnk
[2011/12/16 12:30:34 | 000,000,492 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to SummerRush.lnk
[2011/12/16 09:38:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/16 09:38:32 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\akko baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/16 09:28:23 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/12/16 06:43:14 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Legion.lnk
[2011/12/16 06:30:26 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\VLC media player.lnk
[2011/12/15 13:43:41 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Folder Lock.lnk
[2011/12/15 13:37:33 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\suppdll.dll
[2011/12/15 13:37:33 | 000,035,363 | ---- | M] () -- C:\WINDOWS\System32\windrvNT.sys
[2011/12/15 12:03:59 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_jdftr
[2011/12/15 11:53:21 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/15 11:20:03 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/15 11:20:03 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/15 11:10:29 | 000,000,546 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Connect Blue.lnk
[2011/12/15 09:06:36 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/15 09:04:36 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2011/12/15 09:01:31 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\akko baby\Local Settings\Application Data\llftool.4.12.agreement
[2011/12/15 08:58:43 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\Internet Download Manager.lnk
[2011/12/15 08:54:22 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/12/15 08:47:28 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\msssc.dll
[2011/12/15 08:39:24 | 000,012,592 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\ISO1_DVDhalf.nri
[2011/12/15 07:36:47 | 000,106,247 | ---- | M] () -- C:\Documents and Settings\akko baby\Desktop\ISO1_DVDbackup 2011.nri
[2011/12/15 06:51:19 | 000,001,603 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk
[2011/12/15 06:41:33 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/15 06:40:05 | 000,000,206 | RHS- | M] () -- C:\autorun.inf
[2011/12/15 06:38:26 | 000,311,934 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/15 06:38:26 | 000,040,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/15 06:38:02 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/15 06:38:01 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/12/15 06:37:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/15 06:36:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/12/15 06:36:32 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 06:34:59 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/12/15 06:32:31 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/15 06:32:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/12/15 06:32:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/12/15 06:32:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/12/15 06:32:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/12/15 06:32:22 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/12/15 06:32:21 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/12/15 06:32:21 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/12/15 06:32:10 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/12/15 06:29:40 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/12/15 06:27:52 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/17 11:13:06 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\vpjdg.sys
[2011/12/17 11:13:06 | 000,000,574 | ---- | C] () -- C:\WINDOWS\System32\atqwa
[2011/12/17 11:09:45 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\tvoa.sys
[2011/12/17 11:09:28 | 000,103,140 | ---- | C] () -- C:\frof.pif
[2011/12/17 08:37:27 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
[2011/12/16 13:22:13 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Farm Mania-Hot Vacation.lnk
[2011/12/16 12:31:45 | 000,000,570 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Em4.lnk
[2011/12/16 12:30:34 | 000,000,492 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to SummerRush.lnk
[2011/12/16 09:38:32 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\akko baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/16 09:28:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/16 09:28:23 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/12/16 06:43:14 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Legion.lnk
[2011/12/16 06:30:26 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\VLC media player.lnk
[2011/12/15 13:43:41 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Shortcut to Folder Lock.lnk
[2011/12/15 13:37:33 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\suppdll.dll
[2011/12/15 13:37:33 | 000,035,363 | ---- | C] () -- C:\WINDOWS\System32\windrvNT.sys
[2011/12/15 12:03:59 | 000,120,083 | RHS- | C] () -- C:\WINDOWS\Fonts\uninstall_.exe
[2011/12/15 12:03:59 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\asr_jdftr
[2011/12/15 11:20:03 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/15 11:20:03 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/15 11:20:03 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/15 11:10:29 | 000,000,546 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Connect Blue.lnk
[2011/12/15 11:10:25 | 000,005,791 | ---- | C] () -- C:\WINDOWS\System32\instcm.inf
[2011/12/15 09:06:36 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/12/15 09:04:35 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2011/12/15 09:04:34 | 000,000,380 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job
[2011/12/15 09:01:31 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\akko baby\Local Settings\Application Data\llftool.4.12.agreement
[2011/12/15 08:58:43 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\Internet Download Manager.lnk
[2011/12/15 08:54:22 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/12/15 08:53:27 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/12/15 08:49:17 | 000,002,070 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\SetRefresh.lnk
[2011/12/15 08:47:28 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2011/12/15 08:47:05 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2011/12/15 08:46:59 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011/12/15 08:39:24 | 000,012,592 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\ISO1_DVDhalf.nri
[2011/12/15 07:36:47 | 000,106,247 | ---- | C] () -- C:\Documents and Settings\akko baby\Desktop\ISO1_DVDbackup 2011.nri
[2011/12/15 06:51:19 | 000,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk
[2011/12/15 06:41:33 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/15 06:40:21 | 000,000,206 | RHS- | C] () -- C:\autorun.inf
[2011/12/15 06:38:01 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/12/15 06:37:54 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Outlook Express.lnk
[2011/12/15 06:37:52 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Internet Explorer.lnk
[2011/12/15 06:37:51 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/15 06:37:45 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Remote Assistance.lnk
[2011/12/15 06:37:45 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\akko baby\Start Menu\Programs\Windows Media Player.lnk
[2011/12/15 06:37:43 | 1341,706,240 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/15 06:36:44 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/12/15 06:34:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/12/15 06:34:14 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/12/15 06:33:57 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/12/15 06:33:51 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/12/15 06:33:50 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/12/15 06:33:48 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/12/15 06:33:39 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/12/15 06:33:35 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/12/15 06:33:31 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/12/15 06:33:21 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/12/15 06:32:31 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/15 06:32:31 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/12/15 06:32:31 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/12/15 06:32:31 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011/12/15 06:32:31 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/12/15 06:32:21 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/12/15 06:32:21 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/12/15 06:32:20 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/12/15 06:31:10 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/12/15 06:31:00 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/12/15 06:30:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/12/15 06:30:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/12/15 06:30:34 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/12/15 06:30:25 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/12/15 06:30:16 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011/12/15 06:29:42 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/12/15 06:29:40 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/12/15 06:29:18 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2011/12/15 06:28:59 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/12/15 06:28:59 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/12/15 06:28:59 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/12/15 06:28:59 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/12/15 06:28:59 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/12/15 06:28:59 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/12/15 06:28:59 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/12/15 06:28:59 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/12/15 06:28:59 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/12/15 06:28:59 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/12/15 06:28:59 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/12/15 06:28:57 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/12/15 06:28:57 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/12/15 06:28:56 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/12/15 06:28:51 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/12/14 22:23:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/12/14 22:23:36 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/12/14 22:23:36 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/12/14 22:23:36 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/12/14 22:23:35 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/12/14 22:23:23 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/12/14 22:23:14 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011/12/14 22:23:14 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/12/14 22:23:13 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/12/14 22:23:13 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/12/14 22:23:13 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/12/14 22:23:13 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011/12/14 22:23:13 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/12/14 22:23:13 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011/12/14 22:23:13 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/12/14 22:23:13 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/12/14 22:23:13 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/12/14 22:23:13 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/12/14 22:23:13 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/12/14 22:23:13 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/12/14 22:23:13 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/12/14 22:23:13 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/12/14 22:23:13 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/12/14 22:23:12 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/12/14 22:23:12 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/12/14 22:22:37 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/14 22:21:05 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011/12/14 22:21:01 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/05/16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 001,699,840 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/05/16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/05/16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/05/16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/05/16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/08/03 17:07:22 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/03 16:56:44 | 000,164,975 | RHS- | C] () -- C:\WINDOWS\System32\jcpknkyk.dll
[2004/08/03 16:56:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/02 06:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/17 03:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/23 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 06:00:00 | 000,311,934 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 06:00:00 | 000,040,196 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 06:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/12/15 13:49:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\akko baby\Application Data\.#
[2011/12/17 04:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\A2 Entertainment
[2011/12/17 09:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\BitTorrent
[2011/12/17 11:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\DMCache
[2011/12/17 09:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\Farm Mania 2.1
[2011/12/17 04:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\freshgames
[2011/12/17 07:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\IDM
[2011/12/16 06:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\LestaStudio
[2011/12/16 12:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\Meridian93
[2011/12/15 07:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\akko baby\Application Data\Thinstall
[2011/12/16 06:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2011/12/17 04:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\freshgames
[2011/12/17 02:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2011/12/17 02:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/12/17 11:06:32 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2011/12/15 09:04:36 | 000,000,380 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: EXPLORER.EXE >
[2004/08/03 16:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/03 16:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SVCHOST.EXE >
[2004/08/03 16:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/03 16:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/03 16:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/03 16:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/03 16:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/03 16:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2011/12/15 06:31:59 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >
[2011/12/15 12:03:59 | 000,120,083 | RHS- | M] () -- C:\WINDOWS\Fonts\uninstall_.exe

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2011/12/14 22:21:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011/12/14 22:21:04 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011/12/14 22:21:04 | 000,888,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2011/12/15 06:32:36 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/12/15 06:38:02 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2011/12/15 06:38:01 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\akko baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/05/10 23:14:59 | 067,784,216 | ---- | M] (PC Tools ) -- C:\Documents and Settings\akko baby\Desktop\avinstall_dl.exe
[2011/12/17 11:22:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\akko baby\Desktop\OTL.exe
[2010/11/24 17:13:15 | 014,962,688 | ---- | M] (NETGATE Technologies s.r.o.) -- C:\Documents and Settings\akko baby\Desktop\RegistryCleaner.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/12/15 06:38:01 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\akko baby\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4EC7F009
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:114C90CA

< End of report >

andddddddddddddddddddddd


OTL Extras logfile created on: 12/17/2011 11:25:05 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\akko baby\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 50.69% Memory free
1.11 Gb Paging File | 0.64 Gb Available in Paging File | 57.54% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 11.84 Gb Free Space | 60.60% Space Free | Partition Type: NTFS
Drive D: | 19.53 Gb Total Space | 1.80 Gb Free Space | 9.21% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 2.54 Gb Free Space | 13.00% Space Free | Partition Type: NTFS
Drive F: | 19.53 Gb Total Space | 3.39 Gb Free Space | 17.33% Space Free | Partition Type: NTFS
Drive G: | 15.93 Gb Total Space | 1.48 Gb Free Space | 9.31% Space Free | Partition Type: NTFS
Drive H: | 17.73 Gb Total Space | 8.60 Gb Free Space | 48.52% Space Free | Partition Type: NTFS

Computer Name: ABC-6473F0BBD5D | User Name: akko baby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"uninstall_.exe" = uninstall_.exe:*:Enabled:SYSTEM

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"G:\llypt.pif" = G:\llypt.pif:*:Enabled:ipsec -- ()
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:ipsec -- (Malwarebytes Corporation)
"C:\WINDOWS\system32\userinit.exe" = C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe" = C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe:*:Enabled:ipsec -- (adi)
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhssml.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhssml.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wintdkrp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wintdkrp.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\rvaxxi.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\rvaxxi.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\raqyy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\raqyy.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ivgseh.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ivgseh.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winvfsiv.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winvfsiv.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\nrstl.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\nrstl.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkuyf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkuyf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbpdu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbpdu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\mldbn.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\mldbn.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winebshoc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winebshoc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xgjdng.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xgjdng.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfjipki.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfjipki.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hoaat.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hoaat.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bwfjsi.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bwfjsi.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kvixes.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kvixes.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hyaxo.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hyaxo.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\roblw.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\roblw.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfokfx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfokfx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxaigs.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxaigs.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bjrhah.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bjrhah.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbxhlfq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbxhlfq.exe:*:Enabled:ipsec
"C:\Program Files\Internet Download Manager\IDMan.exe" = C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:ipsec -- (Tonec Inc.)
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winetjy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winetjy.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wincfhgk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wincfhgk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winehny.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winehny.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jxuuk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jxuuk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tsibkt.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tsibkt.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbcxpr.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbcxpr.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wnqh.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wnqh.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winuuufx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winuuufx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwdalcb.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwdalcb.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\anas.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\anas.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winmtkhu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winmtkhu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\dtyp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\dtyp.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\yqqam.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\yqqam.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\slkhs.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\slkhs.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\lhpu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\lhpu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\myvf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\myvf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhhufpx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhhufpx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winygcwt.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winygcwt.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbtwbf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbtwbf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrqxy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrqxy.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winshfmlc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winshfmlc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\fexj.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\fexj.exe:*:Enabled:ipsec
"D:\dec2011\BitTorrent-7.6.exe" = D:\dec2011\BitTorrent-7.6.exe:*:Enabled:ipsec -- (BitTorrent, Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation)
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vbdsx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vbdsx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkwlvom.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkwlvom.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tcts.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tcts.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjsfjkc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjsfjkc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tvkki.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tvkki.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfvot.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfvot.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingdrt.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingdrt.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gxsxl.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gxsxl.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vlby.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vlby.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ebovp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ebovp.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjuvx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjuvx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tksag.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\tksag.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winonidme.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winonidme.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\spsdvi.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\spsdvi.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wincfbj.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wincfbj.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\usgyg.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\usgyg.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwjkr.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwjkr.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\windadfas.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\windadfas.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingaapw.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingaapw.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkrmit.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkrmit.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winllsqx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winllsqx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winytge.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winytge.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winyipoid.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winyipoid.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winywkmsk.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winywkmsk.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winavim.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winavim.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ijgsg.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ijgsg.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winmomkqr.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winmomkqr.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jyim.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jyim.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\smjw.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\smjw.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winolcf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winolcf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfjei.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winfjei.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ulxe.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ulxe.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winffih.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winffih.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kiet.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kiet.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjkit.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjkit.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrjiike.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrjiike.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ggquyo.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ggquyo.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\moeix.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\moeix.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\qnxeqq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\qnxeqq.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jdsjp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jdsjp.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkqnvv.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkqnvv.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhkpbr.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhkpbr.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gxowbw.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gxowbw.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnbba.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnbba.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwdxe.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwdxe.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winqexcoh.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winqexcoh.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\lobqvn.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\lobqvn.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gumdc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gumdc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrsgty.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrsgty.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjlpymu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winjlpymu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhcju.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhcju.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winlohh.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winlohh.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winplpq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winplpq.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\yficy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\yficy.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vmja.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vmja.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ikkf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ikkf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xidl.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xidl.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\rbtg.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\rbtg.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winymjin.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winymjin.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\rirus.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\rirus.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wintqmdqt.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wintqmdqt.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wvxid.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wvxid.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vscadc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\vscadc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingpkbin.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingpkbin.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xfyqf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xfyqf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winicupi.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winicupi.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winlhhd.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winlhhd.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xvcokt.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xvcokt.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winscet.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winscet.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\djlqdu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\djlqdu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkpqkma.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkpqkma.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\pvbbu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\pvbbu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hcch.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hcch.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\aihrw.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\aihrw.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\pncfc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\pncfc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingiskf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingiskf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbpgdlj.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbpgdlj.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winqmkdd.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winqmkdd.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\njwf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\njwf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jbfqcf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jbfqcf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winglwwtg.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winglwwtg.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jprv.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\jprv.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpywjhn.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winpywjhn.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bruq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\bruq.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkgee.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winkgee.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrgghed.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrgghed.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\yalnu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\yalnu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxjdioc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxjdioc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winugsq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winugsq.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winoxnuj.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winoxnuj.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winmwnjc.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winmwnjc.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winscxusm.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winscxusm.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\sxxuys.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\sxxuys.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winqfotsv.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winqfotsv.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwnfug.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winwnfug.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\clnwbv.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\clnwbv.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingnkye.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingnkye.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\cfoxj.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\cfoxj.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxdtku.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxdtku.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wpccve.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wpccve.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xvhe.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\xvhe.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrqhflx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winrqhflx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gvfyy.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\gvfyy.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhlobu.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhlobu.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingave.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\wingave.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hcem.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\hcem.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhibp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winhibp.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winenxfs.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winenxfs.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbvvq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winbvvq.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winghkgf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winghkgf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winletyx.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winletyx.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\poxyxf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\poxyxf.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kpnmb.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\kpnmb.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\mrfd.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\mrfd.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnrqp.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winnrqp.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxvjmqq.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\winxvjmqq.exe:*:Enabled:ipsec -- ()
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ktwd.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\ktwd.exe:*:Enabled:ipsec
"C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\windqfrbf.exe" = C:\DOCUME~1\AKKOBA~1\LOCALS~1\Temp\windqfrbf.exe:*:Enabled:ipsec


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F5242227-2051-4158-AC42-0F2BAA3CD3D6}" = HP SetRefresh
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom NetXtreme Ethernet Controller
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Connection Manager" = Microsoft Connection Manager
"Farm Mania-Hot Vacation" = Farm Mania-Hot Vacation
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Nero8Lite_is1" = Nero 8 Micro 8.3.6.0
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/16/2011 10:16:52 AM | Computer Name = ABC-6473F0BBD5D | Source = Application Error | ID = 1000
Description = Faulting application bittorrent.exe, version 7.1.0.22001, faulting
module bittorrent.exe, version 7.1.0.22001, fault address 0x003d011c.

Error - 12/16/2011 1:14:05 PM | Computer Name = ABC-6473F0BBD5D | Source = Application Hang | ID = 1002
Description = Hanging application Kids Games 2.exe, version 7.5.1004.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/16/2011 1:43:58 PM | Computer Name = ABC-6473F0BBD5D | Source = Application Hang | ID = 1002
Description = Hanging application Kids Games 2.exe, version 7.5.1004.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/16/2011 1:45:12 PM | Computer Name = ABC-6473F0BBD5D | Source = Application Hang | ID = 1002
Description = Hanging application Kids Games 2.exe, version 7.5.1004.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/16/2011 1:55:09 PM | Computer Name = ABC-6473F0BBD5D | Source = Application Hang | ID = 1002
Description = Hanging application Kids Games 2.exe, version 7.5.1004.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/17/2011 5:18:17 AM | Computer Name = ABC-6473F0BBD5D | Source = Application Error | ID = 1000
Description = Faulting application bittorrent.exe, version 7.6.0.26595, faulting
module bittorrent.exe, version 7.6.0.26595, fault address 0x006f611b.

Error - 12/17/2011 5:19:20 AM | Computer Name = ABC-6473F0BBD5D | Source = Application Error | ID = 1000
Description = Faulting application bittorrent.exe, version 7.6.0.26595, faulting
module bittorrent.exe, version 7.6.0.26595, fault address 0x006f611b.

Error - 12/17/2011 10:55:49 AM | Computer Name = ABC-6473F0BBD5D | Source = Application Hang | ID = 1002
Description = Hanging application Kids Games 2.exe, version 7.5.1004.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 12/17/2011 1:53:45 PM | Computer Name = ABC-6473F0BBD5D | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\VideoLAN\VLC\vlc.exe.
Reference
error message: The operation completed successfully. .

Error - 12/17/2011 1:53:45 PM | Computer Name = ABC-6473F0BBD5D | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The system cannot find the path specified. .

Error - 12/17/2011 1:53:45 PM | Computer Name = ABC-6473F0BBD5D | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\VideoLAN\VLC\vlc.exe.
Reference
error message: The operation completed successfully. .

Error - 12/17/2011 1:53:45 PM | Computer Name = ABC-6473F0BBD5D | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The system cannot find the path specified. .

Error - 12/17/2011 1:53:45 PM | Computer Name = ABC-6473F0BBD5D | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\VideoLAN\VLC\vlc.exe.
Reference
error message: The operation completed successfully. .

Error - 12/17/2011 3:06:46 PM | Computer Name = ABC-6473F0BBD5D | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume F:.

Error - 12/17/2011 3:06:46 PM | Computer Name = ABC-6473F0BBD5D | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume F:.

Error - 12/17/2011 3:07:41 PM | Computer Name = ABC-6473F0BBD5D | Source = Service Control Manager | ID = 7023
Description = The System Center service terminated with the following error: %%1114

Error - 12/17/2011 3:11:36 PM | Computer Name = ABC-6473F0BBD5D | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 12/17/2011 3:12:09 PM | Computer Name = ABC-6473F0BBD5D | Source = PlugPlayManager | ID = 11
Description = The device Root\LEGACY_AMSINT32\0000 disappeared from the system without
first being prepared for removal.


< End of report >
  • 0

#15
hardan

hardan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
i,m sorry to send to again otl log file but i think may be every thing will start from bigining so i give log file.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP