[code] OTScanIt2 logfile created on: 12/25/2008 2:47:40 PM - Run 1 OTScanIt2 by OldTimer - Version 1.0.4.0 Folder = C:\Documents and Settings\Adam\Desktop\OTScanIt2 Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1014.07 Mb Total Physical Memory | 662.99 Mb Available Physical Memory | 65.38% Memory free 2.39 Gb Paging File | 2.13 Gb Available in Paging File | 89.34% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.24 Gb Total Space | 15.15 Gb Free Space | 40.69% Space Free | Partition Type: NTFS Drive D: | 671.15 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive E: | 111.75 Gb Total Space | 111.68 Gb Free Space | 99.94% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: COMPUTER Current User Name: Adam Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Whitelist: On File Age = 30 Days [Processes - Safe List] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [2008/11/26 09:18:51 | 00,081,000 | ---- | M] (ALWIL Software) ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2008/11/26 09:18:32 | 00,254,040 | ---- | M] (ALWIL Software) ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2008/11/26 09:18:46 | 00,155,160 | ---- | M] (ALWIL Software) ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2008/11/26 09:16:23 | 00,352,920 | ---- | M] (ALWIL Software) aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2008/11/26 09:12:08 | 00,018,752 | ---- | M] (ALWIL Software) btdna.exe -> %ProgramFiles%\DNA\btdna.exe -> [2008/12/21 09:51:43 | 00,342,848 | ---- | M] (BitTorrent, Inc.) daemon.exe -> %ProgramFiles%\DAEMON Tools Lite\daemon.exe -> [2008/12/10 01:02:30 | 00,216,520 | ---- | M] (DT Soft Ltd) googleupdaterservice.exe -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/12/21 22:58:04 | 00,168,432 | ---- | M] (Google) groovemonitor.exe -> %ProgramFiles%\Microsoft Office\Office12\GrooveMonitor.exe -> [2006/10/27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> [2005/04/05 21:19:18 | 00,077,824 | ---- | M] (Intel Corporation) igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> [2005/04/05 21:23:14 | 00,114,688 | ---- | M] (Intel Corporation) lexbces.exe -> %SystemRoot%\system32\LEXBCES.EXE -> [2003/02/28 01:28:34 | 00,303,104 | ---- | M] (Lexmark International, Inc.) lexpps.exe -> %SystemRoot%\system32\LEXPPS.EXE -> [2003/02/28 01:26:00 | 00,174,592 | ---- | M] (Lexmark International, Inc.) lxbabmgr.exe -> %ProgramFiles%\Lexmark X5100 Series\lxbabmgr.exe -> [2003/03/04 07:49:22 | 00,086,100 | ---- | M] (Lexmark International, Inc.) lxbabmon.exe -> %ProgramFiles%\Lexmark X5100 Series\lxbabmon.exe -> [2003/03/04 08:04:40 | 00,049,152 | ---- | M] (Lexmark International, Inc.) onenotem.exe -> %ProgramFiles%\Microsoft Office\Office12\ONENOTEM.EXE -> [2006/10/26 20:24:54 | 00,098,632 | ---- | M] (Microsoft Corporation) otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/12/21 18:43:24 | 00,477,184 | ---- | M] (OldTimer Tools) smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> [2004/10/14 14:42:54 | 01,404,928 | ---- | M] (Analog Devices, Inc.) wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2008/11/26 09:12:08 | 00,018,752 | ---- | M] (ALWIL Software) (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2008/11/26 09:18:46 | 00,155,160 | ---- | M] (ALWIL Software) (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2008/11/26 09:18:32 | 00,254,040 | ---- | M] (ALWIL Software) (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2008/11/26 09:16:23 | 00,352,920 | ---- | M] (ALWIL Software) (gusvc) Google Updater Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/12/21 22:58:04 | 00,168,432 | ---- | M] (Google) (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2004/08/04 02:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LEXBCES.EXE -> [2003/02/28 01:28:34 | 00,303,104 | ---- | M] (Lexmark International, Inc.) (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft Office\Office12\GrooveAuditService.exe -> [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2008/11/26 09:15:35 | 00,026,944 | ---- | M] (ALWIL Software) (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2008/11/26 09:15:35 | 00,026,944 | ---- | M] (ALWIL Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswFsBlk.sys -> [2008/11/26 09:17:25 | 00,020,560 | ---- | M] (ALWIL Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswFsBlk.sys -> [2008/11/26 09:17:25 | 00,020,560 | ---- | M] (ALWIL Software) (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2008/11/26 09:18:18 | 00,094,032 | ---- | M] (ALWIL Software) (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2008/11/26 09:18:18 | 00,094,032 | ---- | M] (ALWIL Software) (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2008/11/26 09:16:29 | 00,023,152 | ---- | M] (ALWIL Software) (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2008/11/26 09:16:29 | 00,023,152 | ---- | M] (ALWIL Software) (aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswSP.sys -> [2008/11/26 09:17:36 | 00,111,184 | ---- | M] (ALWIL Software) (aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswSP.sys -> [2008/11/26 09:17:36 | 00,111,184 | ---- | M] (ALWIL Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2008/11/26 09:16:38 | 00,050,864 | ---- | M] (ALWIL Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2008/11/26 09:16:38 | 00,050,864 | ---- | M] (ALWIL Software) (b57w2k) Broadcom NetXtreme 57xx Gigabit Controller [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\b57xp32.sys -> [2005/03/17 16:30:10 | 00,132,608 | R--- | M] (Broadcom Corporation) (b57w2k) Broadcom NetXtreme 57xx Gigabit Controller [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\b57xp32.sys -> [2005/03/17 16:30:10 | 00,132,608 | R--- | M] (Broadcom Corporation) (cercsr6) cercsr6 [Kernel | Boot | Stopped] -> %SystemRoot%\System32\drivers\cercsr6.sys -> [2004/12/13 13:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) (cercsr6) cercsr6 [Kernel | Boot | Stopped] -> %SystemRoot%\System32\drivers\cercsr6.sys -> [2004/12/13 13:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) (ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2005/04/05 21:46:28 | 00,830,684 | ---- | M] (Intel Corporation) (ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2005/04/05 21:46:28 | 00,830,684 | ---- | M] (Intel Corporation) (kbdhid) Keyboard HID Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\kbdhid.sys -> [2004/08/04 02:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) (kbdhid) Keyboard HID Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\kbdhid.sys -> [2004/08/04 02:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\PxHelp20.sys -> [2008/11/21 13:47:48 | 00,043,528 | ---- | M] (Sonic Solutions) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\PxHelp20.sys -> [2008/11/21 13:47:48 | 00,043,528 | ---- | M] (Sonic Solutions) (Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2008/12/23 09:23:43 | 00,011,973 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2008/12/23 09:23:43 | 00,011,973 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (senfilt) senfilt [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\senfilt.sys -> [2004/09/17 09:02:54 | 00,732,928 | ---- | M] (Creative Technology Ltd.) (senfilt) senfilt [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\senfilt.sys -> [2004/09/17 09:02:54 | 00,732,928 | ---- | M] (Creative Technology Ltd.) (smwdm) smwdm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\smwdm.sys -> [2005/01/27 15:31:06 | 00,260,352 | ---- | M] (Analog Devices, Inc.) (smwdm) smwdm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\smwdm.sys -> [2005/01/27 15:31:06 | 00,260,352 | ---- | M] (Analog Devices, Inc.) (sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [2008/12/21 09:52:19 | 00,717,296 | ---- | M] () (sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [2008/12/21 09:52:19 | 00,717,296 | ---- | M] () [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.ask.com/?o=101760&l=dis -> HKEY_CURRENT_USER\: SearchURL\\"provider" -> -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\] > -> -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\: Main\\"Start Page" -> http://www.ask.com/?o=101760&l=dis -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\: SearchURL\\"provider" -> -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\: "ProxyEnable" -> 0 -> < FireFox Settings [Default Profile] > -> C:\Documents and Settings\Adam\Application Data\Mozilla\FireFox\Profiles\eekxoddu.default\prefs.js -> browser.search.defaultenginename -> "Ask" -> browser.search.selectedEngine -> "Google" -> browser.startup.homepage -> "www.yahoo.com" -> browser.startup.homepage_override.mstone -> "rv:1.9.0.5" -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5 -> < HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/11 22:33:16 | 00,075,128 | ---- | M] (Adobe Systems Incorporated) {201f27d4-3704-41d6-89c1-aa35e39143ed} [HKLM] -> %ProgramFiles%\AskBarDis\bar\bin\askBar.dll [AskBar BHO] -> [2008/09/29 17:24:28 | 00,325,000 | ---- | M] (Ask.com) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2006/10/27 00:48:42 | 02,210,608 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar Helper] -> [2008/12/21 22:58:31 | 00,251,504 | ---- | M] () {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [Google Toolbar Notifier BHO] -> [2008/12/21 22:58:10 | 00,657,904 | ---- | M] (Google Inc.) {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> %ProgramFiles%\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [Google Dictionary Compression sdch] -> [2008/12/21 22:58:29 | 00,522,224 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\Google Toolbar\GoogleToolbar.dll [&Google Toolbar] -> [2008/12/21 22:58:31 | 00,251,504 | ---- | M] () "{3041d03e-fd4b-44e0-b742-2d9b88305f98}" [HKLM] -> %ProgramFiles%\AskBarDis\bar\bin\askBar.dll [Ask Toolbar] -> [2008/09/29 17:24:28 | 00,325,000 | ---- | M] (Ask.com) "{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> %ProgramFiles%\DAEMON Tools Toolbar\DTToolbar.dll [DAEMON Tools Toolbar] -> [2008/12/10 00:19:12 | 00,929,224 | ---- | M] () < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" [HKLM] -> %ProgramFiles%\AskBarDis\bar\bin\askBar.dll [Ask Toolbar] -> [2008/09/29 17:24:28 | 00,325,000 | ---- | M] (Ask.com) WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> %ProgramFiles%\DAEMON Tools Toolbar\DTToolbar.dll [DAEMON Tools Toolbar] -> [2008/12/10 00:19:12 | 00,929,224 | ---- | M] () < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" [HKLM] -> %ProgramFiles%\AskBarDis\bar\bin\askBar.dll [Ask Toolbar] -> [2008/09/29 17:24:28 | 00,325,000 | ---- | M] (Ask.com) WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> %ProgramFiles%\DAEMON Tools Toolbar\DTToolbar.dll [DAEMON Tools Toolbar] -> [2008/12/10 00:19:12 | 00,929,224 | ---- | M] () < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 9.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2008/06/12 02:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated) "avast!" -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> [2008/11/26 09:18:51 | 00,081,000 | ---- | M] (ALWIL Software) "GrooveMonitor" -> %ProgramFiles%\Microsoft Office\Office12\GrooveMonitor.exe ["C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"] -> [2006/10/27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) "HotKeysCmds" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2005/04/05 21:19:18 | 00,077,824 | ---- | M] (Intel Corporation) "IgfxTray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2005/04/05 21:22:32 | 00,094,208 | ---- | M] (Intel Corporation) "Lexmark X5100 Series" -> %ProgramFiles%\Lexmark X5100 Series\lxbabmgr.exe ["C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"] -> [2003/03/04 07:49:22 | 00,086,100 | ---- | M] (Lexmark International, Inc.) "Persistence" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2005/04/05 21:23:14 | 00,114,688 | ---- | M] (Intel Corporation) "SoundMAXPnP" -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe [C:\Program Files\Analog Devices\Core\smax4pnp.exe] -> [2004/10/14 14:42:54 | 01,404,928 | ---- | M] (Analog Devices, Inc.) < RunOnceEx [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx -> "Flags" -> [] -> File not found "Title" -> [UnHackMe Rootkit Check] -> File not found < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "BitTorrent DNA" -> %ProgramFiles%\DNA\btdna.exe ["C:\Program Files\DNA\btdna.exe"] -> [2008/12/21 09:51:43 | 00,342,848 | ---- | M] (BitTorrent, Inc.) "DAEMON Tools Lite" -> %ProgramFiles%\DAEMON Tools Lite\daemon.exe ["C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun] -> [2008/12/10 01:02:30 | 00,216,520 | ---- | M] (DT Soft Ltd) < Run [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "BitTorrent DNA" -> %ProgramFiles%\DNA\btdna.exe ["C:\Program Files\DNA\btdna.exe"] -> [2008/12/21 09:51:43 | 00,342,848 | ---- | M] (BitTorrent, Inc.) "DAEMON Tools Lite" -> %ProgramFiles%\DAEMON Tools Lite\daemon.exe ["C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun] -> [2008/12/10 01:02:30 | 00,216,520 | ---- | M] (DT Soft Ltd) < Adam Startup Folder > -> C:\Documents and Settings\Adam\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> %ProgramFiles%\Microsoft Office\Office12\ONENOTEM.EXE -> [2006/10/26 20:24:54 | 00,098,632 | ---- | M] (Microsoft Corporation) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Cheryl Startup Folder > -> C:\Documents and Settings\Cheryl\Start Menu\Programs\Startup -> %SystemDrive%\Documents and Settings\Cheryl\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> %ProgramFiles%\Microsoft Office\Office12\ONENOTEM.EXE -> [2006/10/26 20:24:54 | 00,098,632 | ---- | M] (Microsoft Corporation) < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{2670000A-7350-4f3c-8081-5663EE0C6C49}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Send to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{2670000A-7350-4f3c-8081-5663EE0C6C49}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Send to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 01:06:34 | 01,667,584 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\] > -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2975499195-2408609035-1089515966-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {9D588DFB-A1E5-4A1C-A473-22834842560B} -> (Broadcom NetXtreme 57xx Gigabit Controller) -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005/04/05 21:18:22 | 00,131,072 | ---- | M] (Intel Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2006/10/27 00:48:42 | 02,210,608 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) "C:\Program Files\BitTorrent\bittorrent.exe" -> C:\Program Files\BitTorrent\bittorrent.exe [C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2008/12/08 17:08:04 | 00,637,232 | ---- | M] (BitTorrent, Inc.) "C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> [2008/12/21 09:51:43 | 00,342,848 | ---- | M] (BitTorrent, Inc.) "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> [2006/10/27 15:37:44 | 00,338,216 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> [2006/10/27 15:03:04 | 01,018,664 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2006/10/27 15:16:48 | 12,813,096 | ---- | M] (Microsoft Corporation) "C:\Program Files\Warcraft III\Warcraft III.exe" -> C:\Program Files\Warcraft III\Warcraft III.exe [C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III] -> [2008/12/20 19:40:29 | 00,274,432 | ---- | M] (Blizzard Entertainment) "C:\WINDOWS\system32\mmc.exe" -> C:\WINDOWS\system32\mmc.exe [C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console] -> [2004/08/04 02:00:00 | 00,815,104 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2004/08/04 02:00:00 | 00,049,536 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2008/12/01 17:47:50 | 00,000,000 | ---- | M] () C:\autorun.inf [[autorun] | ;zmgrrtgiujfqddiridlxmxghiwdrwb | shellexecute="resycled\boot.com c:" | ;tkjbvhzorknhbrzhiwegznugdsxuvtscvw | shell\Open\command="resycled\boot.com c:" | ;knmgecbzoitsnqtzdnurogrckivehiswbcnvsxilksgwsyxzd | shell=Open | ;lyvzyffhcofbltttliozizmmwrzwt | ] -> %SystemDrive%\autorun.inf [ NTFS ] -> [2008/12/21 14:48:07 | 00,000,255 | RHS- | M] () D:\autoplay.exe [MZ | ] -> D:\autoplay.exe [ CDFS ] -> [2003/10/14 07:06:53 | 00,061,440 | R--- | M] () D:\autorun.inf [[autorun] | open=autoplay.exe | icon=war3.ico | | ] -> D:\autorun.inf [ CDFS ] -> [2002/06/11 08:13:52 | 00,000,047 | R--- | M] () E:\autorun.inf [[autorun] | ;byyklgznhhcdbheynmxcmnvjbfimzrbfholuyspcxugrvsb | shellexecute="resycled\boot.com e:" | ;nchamhvaowljxkqskiggvffkenxamkxshnykzclitsqectamgtdaktuachnqzzypseedh | shell\Open\command="resycled\boot.com e:" | ;qqemcuqhawpbozrzrvfehulpdlwhgozetxuqtduya | ] -> E:\autorun.inf [ NTFS ] -> [2008/12/21 14:48:07 | 00,000,255 | RHS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{9790124e-cf20-11dd-ad85-00123f65a786} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9790124e-cf20-11dd-ad85-00123f65a786}\Shell \{9790124e-cf20-11dd-ad85-00123f65a786}\Shell\\"" -> [Autorun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9790124e-cf20-11dd-ad85-00123f65a786}\Shell\AutoRun \{9790124e-cf20-11dd-ad85-00123f65a786}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9790124e-cf20-11dd-ad85-00123f65a786}\Shell\Open\command \{9790124e-cf20-11dd-ad85-00123f65a786}\Shell\Open\command\\"" -> F:\resycled\boot.com [F:\resycled\boot.com f:] -> File not found [Files/Folders - Created Within 30 Days] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2008/12/25 14:46:20 | 00,000,000 | ---D | C] OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/12/25 14:41:17 | 00,648,118 | ---- | C] () vtmb.ini -> %SystemRoot%\vtmb.ini -> [2008/12/23 09:23:02 | 00,000,292 | ---- | C] () aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2008/12/22 02:56:03 | 00,050,864 | ---- | C] (ALWIL Software) aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2008/12/22 02:56:03 | 00,023,152 | ---- | C] (ALWIL Software) avast! Antivirus.lnk -> %AllUsersProfile%\Desktop\avast! Antivirus.lnk -> [2008/12/22 02:56:03 | 00,001,709 | ---- | C] () aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2008/12/22 02:56:02 | 00,026,944 | ---- | C] (ALWIL Software) AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> [2008/12/22 02:56:01 | 00,097,480 | ---- | C] (ALWIL Software) aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> [2008/12/22 02:56:00 | 00,111,184 | ---- | C] (ALWIL Software) aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2008/12/22 02:56:00 | 00,094,032 | ---- | C] (ALWIL Software) aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> [2008/12/22 02:56:00 | 00,093,296 | ---- | C] (ALWIL Software) aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> [2008/12/22 02:56:00 | 00,020,560 | ---- | C] (ALWIL Software) aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> [2008/12/22 02:55:46 | 01,236,208 | ---- | C] (ALWIL Software) actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [2008/12/22 02:55:46 | 00,380,928 | ---- | C] () Alwil Software -> %ProgramFiles%\Alwil Software -> [2008/12/22 02:55:44 | 00,000,000 | ---D | C] LogFiles -> %SystemRoot%\System32\LogFiles -> [2008/12/22 02:34:18 | 00,000,000 | ---D | C] Help -> %UserProfile%\Local Settings\Application Data\Help -> [2008/12/22 02:12:43 | 00,000,000 | ---D | C] Help -> %AppData%\Help -> [2008/12/22 02:12:43 | 00,000,000 | ---D | C] winstart.bat -> %SystemRoot%\winstart.bat -> [2008/12/22 02:11:27 | 00,000,002 | RHS- | C] () RegRun2 -> %UserProfile%\My Documents\RegRun2 -> [2008/12/22 02:11:09 | 00,000,000 | ---D | C] UnHackMe -> %ProgramFiles%\UnHackMe -> [2008/12/22 02:11:01 | 00,000,000 | ---D | C] Download Manager -> %CommonProgramFiles%\Download Manager -> [2008/12/22 02:08:27 | 00,000,000 | ---D | C] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [2008/12/21 23:05:41 | 00,000,000 | ---D | C] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [2008/12/21 23:00:37 | 00,000,000 | ---D | C] Norton Security Scan for Adam.job -> %SystemRoot%\tasks\Norton Security Scan for Adam.job -> [2008/12/21 23:00:32 | 00,000,406 | ---- | C] () Norton Security Scan -> %ProgramFiles%\Norton Security Scan -> [2008/12/21 23:00:22 | 00,000,000 | ---D | C] Picasa2 -> %ProgramFiles%\Picasa2 -> [2008/12/21 22:59:36 | 00,000,000 | ---D | C] Google -> %AllUsersProfile%\Application Data\Google -> [2008/12/21 22:58:23 | 00,000,000 | ---D | C] Google Updater -> %AllUsersProfile%\Application Data\Google Updater -> [2008/12/21 22:58:07 | 00,000,000 | ---D | C] Google -> %ProgramFiles%\Google -> [2008/12/21 22:58:04 | 00,000,000 | ---D | C] Google Updater.exe -> %UserProfile%\Desktop\Google Updater.exe -> [2008/12/21 22:57:21 | 01,034,320 | ---- | C] () Malwarebytes -> %AppData%\Malwarebytes -> [2008/12/21 22:52:35 | 00,000,000 | ---D | C] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/21 22:52:33 | 00,015,504 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/12/21 22:52:33 | 00,000,696 | ---- | C] () mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/21 22:52:31 | 00,038,496 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/12/21 22:52:30 | 00,000,000 | ---D | C] Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/12/21 22:52:29 | 00,000,000 | ---D | C] mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2008/12/21 22:51:22 | 02,539,400 | ---- | C] (Malwarebytes Corporation ) OneNote Notebooks -> %UserProfile%\My Documents\OneNote Notebooks -> [2008/12/21 21:47:51 | 00,000,000 | ---D | C] OneNote 2007 Screen Clipper and Launcher.lnk -> %UserProfile%\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> [2008/12/21 21:47:50 | 00,000,947 | ---- | C] () msonpmon.dll -> %SystemRoot%\System32\msonpmon.dll -> [2008/12/21 21:45:06 | 00,032,592 | ---- | C] (Microsoft Corporation) Microsoft Works -> %ProgramFiles%\Microsoft Works -> [2008/12/21 21:44:14 | 00,000,000 | ---D | C] MSBuild -> %ProgramFiles%\MSBuild -> [2008/12/21 21:44:04 | 00,000,000 | ---D | C] Microsoft Visual Studio -> %ProgramFiles%\Microsoft Visual Studio -> [2008/12/21 21:43:35 | 00,000,000 | ---D | C] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [2008/12/21 21:43:35 | 00,000,000 | ---D | C] SHELLNEW -> %SystemRoot%\SHELLNEW -> [2008/12/21 21:39:50 | 00,000,000 | ---D | C] Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help -> [2008/12/21 21:38:59 | 00,000,000 | ---D | C] Microsoft Office -> %ProgramFiles%\Microsoft Office -> [2008/12/21 21:38:48 | 00,000,000 | ---D | C] Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [2008/12/21 21:38:47 | 00,000,000 | ---D | C] MSOCache -> %SystemDrive%\MSOCache -> [2008/12/21 21:38:03 | 00,000,000 | RH-D | C] MagicISO.lnk -> %UserProfile%\Desktop\MagicISO.lnk -> [2008/12/21 21:07:13 | 00,001,486 | ---- | C] () MagicISO -> %ProgramFiles%\MagicISO -> [2008/12/21 21:07:12 | 00,000,000 | ---D | C] DOSBox 0.72.lnk -> %UserProfile%\Desktop\DOSBox 0.72.lnk -> [2008/12/21 15:23:00 | 00,001,659 | ---- | C] () DOSBox-0.72 -> %ProgramFiles%\DOSBox-0.72 -> [2008/12/21 15:23:00 | 00,000,000 | ---D | C] XANTH -> %SystemDrive%\XANTH -> [2008/12/21 14:58:47 | 00,000,000 | ---D | C] DAEMON Tools Pro -> %AppData%\DAEMON Tools Pro -> [2008/12/21 14:55:23 | 00,000,000 | ---D | C] DAEMON Tools -> %AppData%\DAEMON Tools -> [2008/12/21 14:55:23 | 00,000,000 | ---D | C] Lexmark X5100 Series All-In-One Center.lnk -> %AllUsersProfile%\Desktop\Lexmark X5100 Series All-In-One Center.lnk -> [2008/12/21 14:54:26 | 00,000,770 | ---- | C] () LEXSTAT.INI -> %SystemRoot%\LEXSTAT.INI -> [2008/12/21 14:50:47 | 00,000,250 | ---- | C] () usbscan.sys -> %SystemRoot%\System32\drivers\usbscan.sys -> [2008/12/21 14:50:14 | 00,015,104 | ---- | C] (Microsoft Corporation) usbscan.sys -> %SystemRoot%\System32\dllcache\usbscan.sys -> [2008/12/21 14:50:14 | 00,015,104 | ---- | C] (Microsoft Corporation) wiafbdrv.dll -> %SystemRoot%\System32\wiafbdrv.dll -> [2008/12/21 14:50:11 | 00,087,040 | ---- | C] (Microsoft Corporation) wiafbdrv.dll -> %SystemRoot%\System32\dllcache\wiafbdrv.dll -> [2008/12/21 14:50:11 | 00,087,040 | ---- | C] (Microsoft Corporation) lxbacoin.ini -> %SystemRoot%\System32\lxbacoin.ini -> [2008/12/21 14:50:08 | 00,000,188 | ---- | C] () LXBALPA.HLP -> %SystemRoot%\System32\LXBALPA.HLP -> [2008/12/21 14:50:07 | 01,076,882 | ---- | C] () LXBAJSWR.DLL -> %SystemRoot%\System32\LXBAJSWR.DLL -> [2008/12/21 14:50:07 | 00,466,944 | ---- | C] (Lexmark International Inc.) LXBADRV.HLP -> %SystemRoot%\System32\LXBADRV.HLP -> [2008/12/21 14:50:07 | 00,275,848 | ---- | C] () LXBAIH.EXE -> %SystemRoot%\System32\LXBAIH.EXE -> [2008/12/21 14:50:07 | 00,086,016 | ---- | C] () LXBADRV.CNT -> %SystemRoot%\System32\LXBADRV.CNT -> [2008/12/21 14:50:07 | 00,002,190 | ---- | C] () LXBALPA.CNT -> %SystemRoot%\System32\LXBALPA.CNT -> [2008/12/21 14:50:07 | 00,001,954 | ---- | C] () LXBA.LOC -> %SystemRoot%\System32\LXBA.LOC -> [2008/12/21 14:50:07 | 00,000,448 | ---- | C] () LXBAMA.CNT -> %SystemRoot%\System32\LXBAMA.CNT -> [2008/12/21 14:50:07 | 00,000,249 | ---- | C] () Lexmark X5100 Series -> %ProgramFiles%\Lexmark X5100 Series -> [2008/12/21 14:50:07 | 00,000,000 | ---D | C] LXBAGF.DLL -> %SystemRoot%\System32\LXBAGF.DLL -> [2008/12/21 14:50:06 | 00,983,083 | ---- | C] (Microsoft Corporation) LXBAUTIL.DLL -> %SystemRoot%\System32\LXBAUTIL.DLL -> [2008/12/21 14:50:06 | 00,294,912 | ---- | C] (Lexmark International Inc.) LXBACUR.DLL -> %SystemRoot%\System32\LXBACUR.DLL -> [2008/12/21 14:50:06 | 00,090,112 | ---- | C] (Lexmark International Inc.) LXBALCNP.DLL -> %SystemRoot%\System32\LXBALCNP.DLL -> [2008/12/21 14:50:06 | 00,077,824 | ---- | C] () LXBACU.DLL -> %SystemRoot%\System32\LXBACU.DLL -> [2008/12/21 14:50:06 | 00,069,632 | ---- | C] (Lexmark International Inc.) INSTMON.EXE -> %SystemRoot%\System32\INSTMON.EXE -> [2008/12/21 14:50:06 | 00,040,960 | ---- | C] () usbprint.sys -> %SystemRoot%\System32\drivers\usbprint.sys -> [2008/12/21 14:49:40 | 00,025,856 | ---- | C] (Microsoft Corporation) usbprint.sys -> %SystemRoot%\System32\dllcache\usbprint.sys -> [2008/12/21 14:49:40 | 00,025,856 | ---- | C] (Microsoft Corporation) uninst.exe -> %SystemRoot%\uninst.exe -> [2008/12/21 14:47:21 | 00,299,520 | ---- | C] (InstallShield Corporation, Inc.) WINDOWS -> %UserProfile%\WINDOWS -> [2008/12/21 14:47:20 | 00,000,000 | ---D | C] Lxkx5150 -> %SystemDrive%\Lxkx5150 -> [2008/12/21 14:47:08 | 00,000,000 | ---D | C] CJXP5150LE.exe -> %UserProfile%\Desktop\CJXP5150LE.exe -> [2008/12/21 14:43:47 | 29,125,120 | ---- | C] () Downloads -> %UserProfile%\My Documents\Downloads -> [2008/12/21 10:24:38 | 00,000,000 | ---D | C] msqpdxippixvki.sys -> %SystemRoot%\System32\drivers\msqpdxippixvki.sys -> [2008/12/21 10:04:54 | 00,077,312 | ---- | C] () Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [2008/12/21 09:58:17 | 00,000,000 | ---D | C] DAEMON Tools Lite -> %AllUsersProfile%\Application Data\DAEMON Tools Lite -> [2008/12/21 09:54:28 | 00,000,000 | ---D | C] DAEMON Tools Toolbar -> %ProgramFiles%\DAEMON Tools Toolbar -> [2008/12/21 09:54:19 | 00,000,000 | ---D | C] DAEMON Tools Lite.lnk -> %AllUsersProfile%\Desktop\DAEMON Tools Lite.lnk -> [2008/12/21 09:54:17 | 00,001,613 | ---- | C] () DAEMON Tools Lite -> %ProgramFiles%\DAEMON Tools Lite -> [2008/12/21 09:54:15 | 00,000,000 | ---D | C] sptd.sys -> %SystemRoot%\System32\drivers\sptd.sys -> [2008/12/21 09:52:19 | 00,717,296 | ---- | C] () DAEMON Tools Lite -> %AppData%\DAEMON Tools Lite -> [2008/12/21 09:52:18 | 00,000,000 | ---D | C] BitTorrent -> %AppData%\BitTorrent -> [2008/12/21 09:51:53 | 00,000,000 | ---D | C] DNA -> %UserProfile%\Local Settings\Application Data\DNA -> [2008/12/21 09:51:43 | 00,000,000 | ---D | C] DNA -> %ProgramFiles%\DNA -> [2008/12/21 09:51:43 | 00,000,000 | ---D | C] DNA -> %AppData%\DNA -> [2008/12/21 09:51:43 | 00,000,000 | ---D | C] BitTorrent -> %ProgramFiles%\BitTorrent -> [2008/12/21 09:51:43 | 00,000,000 | ---D | C] AskSearch -> %ProgramFiles%\AskSearch -> [2008/12/21 09:51:41 | 00,000,000 | ---D | C] AskBarDis -> %ProgramFiles%\AskBarDis -> [2008/12/21 09:51:41 | 00,000,000 | ---D | C] msqpdxtqptbrfw.sys -> %SystemRoot%\System32\drivers\msqpdxtqptbrfw.sys -> [2008/12/21 09:47:19 | 00,076,800 | ---- | C] () msqpdxvymovhpq.dll -> %SystemRoot%\System32\msqpdxvymovhpq.dll -> [2008/12/21 09:47:19 | 00,056,832 | ---- | C] () autorun.inf -> %SystemDrive%\autorun.inf -> [2008/12/21 09:47:17 | 00,000,255 | RHS- | C] () Activision -> %ProgramFiles%\Activision -> [2008/12/21 09:41:02 | 00,000,000 | ---D | C] vlc -> %AppData%\vlc -> [2008/12/21 09:21:52 | 00,000,000 | ---D | C] VLC media player.lnk -> %AllUsersProfile%\Desktop\VLC media player.lnk -> [2008/12/21 09:20:56 | 00,000,719 | ---- | C] () VideoLAN -> %ProgramFiles%\VideoLAN -> [2008/12/21 09:20:47 | 00,000,000 | ---D | C] vlc-0.8.6d-win32.exe -> %UserProfile%\Desktop\vlc-0.8.6d-win32.exe -> [2008/12/21 09:19:26 | 09,733,451 | ---- | C] () DivX -> %AppData%\DivX -> [2008/12/21 09:03:51 | 00,000,000 | ---D | C] My Videos -> %UserProfile%\My Documents\My Videos -> [2008/12/21 08:58:56 | 00,000,000 | R--D | C] DivX -> %ProgramFiles%\DivX -> [2008/12/21 08:58:56 | 00,000,000 | ---D | C] RadLight Company -> %AppData%\RadLight Company -> [2008/12/21 08:53:15 | 00,000,000 | ---D | C] RadLight Company -> %ProgramFiles%\RadLight Company -> [2008/12/21 08:53:12 | 00,000,000 | ---D | C] Macromedia -> %AppData%\Macromedia -> [2008/12/21 08:50:53 | 00,000,000 | ---D | C] Adobe -> %AppData%\Adobe -> [2008/12/21 08:50:53 | 00,000,000 | ---D | C] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/21 08:49:16 | 00,031,232 | ---- | C] () Adobe AIR -> %CommonProgramFiles%\Adobe AIR -> [2008/12/21 00:36:42 | 00,000,000 | ---D | C] Adobe Reader 9.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 9.lnk -> [2008/12/21 00:32:55 | 00,001,729 | ---- | C] () Adobe -> %AllUsersProfile%\Application Data\Adobe -> [2008/12/21 00:31:12 | 00,000,000 | ---D | C] Adobe -> %CommonProgramFiles%\Adobe -> [2008/12/21 00:29:21 | 00,000,000 | ---D | C] Adobe -> %ProgramFiles%\Adobe -> [2008/12/21 00:29:20 | 00,000,000 | ---D | C] NOS -> %ProgramFiles%\NOS -> [2008/12/21 00:13:20 | 00,000,000 | ---D | C] NOS -> %AllUsersProfile%\Application Data\NOS -> [2008/12/21 00:13:20 | 00,000,000 | ---D | C] appmgmt -> %SystemRoot%\System32\appmgmt -> [2008/12/20 23:04:19 | 00,000,000 | ---D | C] media player classic -> %ProgramFiles%\media player classic -> [2008/12/20 22:03:39 | 00,000,000 | ---D | C] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2008/12/20 21:03:10 | 00,068,456 | ---- | C] () IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2008/12/20 20:08:04 | 01,577,480 | -H-- | C] () Warcraft III.lnk -> %UserProfile%\Desktop\Warcraft III.lnk -> [2008/12/20 19:49:35 | 00,001,612 | ---- | C] () War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [2008/12/20 19:49:23 | 00,018,091 | ---- | C] () War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [2008/12/20 19:49:22 | 00,002,829 | ---- | C] () War3Unin.exe -> %SystemRoot%\War3Unin.exe -> [2008/12/20 19:49:21 | 00,126,976 | ---- | C] (Blizzard Entertainment) mplayerc.exe -> %UserProfile%\Desktop\mplayerc.exe -> [2008/12/20 19:47:41 | 05,689,344 | ---- | C] (Gabest) Media Player Classic -> %AppData%\Media Player Classic -> [2008/12/20 19:47:31 | 00,000,000 | ---D | C] Warcraft III -> %ProgramFiles%\Warcraft III -> [2008/12/20 19:38:44 | 00,000,000 | ---D | C] nsreg.dat -> %SystemRoot%\nsreg.dat -> [2008/12/20 19:34:44 | 00,000,000 | ---- | C] () Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [2008/12/20 19:34:41 | 00,000,000 | ---D | C] Mozilla -> %AppData%\Mozilla -> [2008/12/20 19:34:41 | 00,000,000 | ---D | C] Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [2008/12/20 19:34:30 | 00,001,602 | ---- | C] () Mozilla Firefox -> %ProgramFiles%\Mozilla Firefox -> [2008/12/20 19:34:27 | 00,000,000 | ---D | C] Firefox Setup 3.0.5.exe -> %UserProfile%\Desktop\Firefox Setup 3.0.5.exe -> [2008/12/20 19:30:58 | 07,518,240 | ---- | C] (Mozilla) CatRoot_bak -> %SystemRoot%\System32\CatRoot_bak -> [2008/12/20 19:27:30 | 00,000,000 | ---D | C] bthport.sys -> %SystemRoot%\System32\drivers\bthport.sys -> [2008/12/20 19:23:21 | 00,272,128 | ---- | C] (Microsoft Corporation) bthport.sys -> %SystemRoot%\System32\dllcache\bthport.sys -> [2008/12/20 19:23:21 | 00,272,128 | ---- | C] (Microsoft Corporation) afd.sys -> %SystemRoot%\System32\dllcache\afd.sys -> [2008/12/20 19:23:00 | 00,138,368 | ---- | C] (Microsoft Corporation) win32k.sys -> %SystemRoot%\System32\dllcache\win32k.sys -> [2008/12/20 19:22:54 | 01,846,016 | ---- | C] (Microsoft Corporation) mshtml.dll -> %SystemRoot%\System32\dllcache\mshtml.dll -> [2008/12/20 19:22:35 | 03,060,224 | ---- | C] (Microsoft Corporation) rmcast.sys -> %SystemRoot%\System32\dllcache\rmcast.sys -> [2008/12/20 19:22:13 | 00,202,752 | ---- | C] (Microsoft Corporation) msadce.dll -> %SystemRoot%\System32\dllcache\msadce.dll -> [2008/12/20 19:22:07 | 00,331,776 | ---- | C] (Microsoft Corporation) srv.sys -> %SystemRoot%\System32\dllcache\srv.sys -> [2008/12/20 19:20:26 | 00,333,056 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> %SystemRoot%\System32\dllcache\ntoskrnl.exe -> [2008/12/20 19:20:15 | 02,185,984 | ---- | C] (Microsoft Corporation) ntkrnlmp.exe -> %SystemRoot%\System32\dllcache\ntkrnlmp.exe -> [2008/12/20 19:20:15 | 02,142,720 | ---- | C] (Microsoft Corporation) ntkrpamp.exe -> %SystemRoot%\System32\dllcache\ntkrpamp.exe -> [2008/12/20 19:20:15 | 02,020,864 | ---- | C] (Microsoft Corporation) ntkrnlpa.exe -> %SystemRoot%\System32\dllcache\ntkrnlpa.exe -> [2008/12/20 19:20:14 | 02,062,976 | ---- | C] (Microsoft Corporation) mrxsmb.sys -> %SystemRoot%\System32\dllcache\mrxsmb.sys -> [2008/12/20 19:19:37 | 00,453,632 | ---- | C] (Microsoft Corporation) wininet.dll -> %SystemRoot%\System32\dllcache\wininet.dll -> [2008/12/20 19:19:20 | 00,659,456 | ---- | C] (Microsoft Corporation) mshtmled.dll -> %SystemRoot%\System32\dllcache\mshtmled.dll -> [2008/12/20 19:19:20 | 00,449,024 | ---- | C] (Microsoft Corporation) dxtmsft.dll -> %SystemRoot%\System32\dllcache\dxtmsft.dll -> [2008/12/20 19:19:20 | 00,357,888 | ---- | C] (Microsoft Corporation) iepeers.dll -> %SystemRoot%\System32\dllcache\iepeers.dll -> [2008/12/20 19:19:20 | 00,251,392 | ---- | C] (Microsoft Corporation) dxtrans.dll -> %SystemRoot%\System32\dllcache\dxtrans.dll -> [2008/12/20 19:19:20 | 00,205,312 | ---- | C] (Microsoft Corporation) msrating.dll -> %SystemRoot%\System32\dllcache\msrating.dll -> [2008/12/20 19:19:20 | 00,146,432 | ---- | C] (Microsoft Corporation) inseng.dll -> %SystemRoot%\System32\dllcache\inseng.dll -> [2008/12/20 19:19:20 | 00,096,256 | ---- | C] (Microsoft Corporation) extmgr.dll -> %SystemRoot%\System32\dllcache\extmgr.dll -> [2008/12/20 19:19:20 | 00,055,808 | ---- | C] (Microsoft Corporation) iedw.exe -> %SystemRoot%\System32\dllcache\iedw.exe -> [2008/12/20 19:19:20 | 00,018,432 | ---- | C] (Microsoft Corporation) jsproxy.dll -> %SystemRoot%\System32\dllcache\jsproxy.dll -> [2008/12/20 19:19:20 | 00,016,384 | ---- | C] (Microsoft Corporation) shdocvw.dll -> %SystemRoot%\System32\dllcache\shdocvw.dll -> [2008/12/20 19:19:19 | 01,494,528 | ---- | C] (Microsoft Corporation) danim.dll -> %SystemRoot%\System32\dllcache\danim.dll -> [2008/12/20 19:19:19 | 01,054,208 | ---- | C] (Microsoft Corporation) browseui.dll -> %SystemRoot%\System32\dllcache\browseui.dll -> [2008/12/20 19:19:19 | 01,023,488 | ---- | C] (Microsoft Corporation) urlmon.dll -> %SystemRoot%\System32\dllcache\urlmon.dll -> [2008/12/20 19:19:19 | 00,615,936 | ---- | C] (Microsoft Corporation) mstime.dll -> %SystemRoot%\System32\dllcache\mstime.dll -> [2008/12/20 19:19:19 | 00,532,480 | ---- | C] (Microsoft Corporation) shlwapi.dll -> %SystemRoot%\System32\dllcache\shlwapi.dll -> [2008/12/20 19:19:19 | 00,474,112 | ---- | C] (Microsoft Corporation) cdfview.dll -> %SystemRoot%\System32\dllcache\cdfview.dll -> [2008/12/20 19:19:19 | 00,151,040 | ---- | C] (Microsoft Corporation) pngfilt.dll -> %SystemRoot%\System32\dllcache\pngfilt.dll -> [2008/12/20 19:19:19 | 00,039,424 | ---- | C] (Microsoft Corporation) inetcomm.dll -> %SystemRoot%\System32\dllcache\inetcomm.dll -> [2008/12/20 19:16:16 | 00,683,520 | ---- | C] (Microsoft Corporation) strmdll.dll -> %SystemRoot%\System32\dllcache\strmdll.dll -> [2008/12/20 19:15:53 | 00,247,326 | ---- | C] (Microsoft Corporation) netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/12/20 19:15:46 | 00,332,800 | ---- | C] (Microsoft Corporation) msxml3.dll -> %SystemRoot%\System32\dllcache\msxml3.dll -> [2008/12/20 19:15:38 | 01,106,944 | ---- | C] (Microsoft Corporation) PreInstall -> %SystemRoot%\System32\PreInstall -> [2008/12/20 19:12:45 | 00,000,000 | ---D | C] spupdsvc.exe -> %SystemRoot%\System32\spupdsvc.exe -> [2008/12/20 19:12:44 | 00,022,752 | ---- | C] (Microsoft Corporation) Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [2008/12/20 19:07:11 | 00,000,786 | ---- | C] () Identities -> %AppData%\Identities -> [2008/12/20 19:07:11 | 00,000,000 | ---D | C] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2008/12/20 19:07:09 | 00,000,075 | -HS- | C] () My Pictures -> %UserProfile%\My Documents\My Pictures -> [2008/12/20 19:07:09 | 00,000,000 | R--D | C] My Music -> %UserProfile%\My Documents\My Music -> [2008/12/20 19:07:09 | 00,000,000 | R--D | C] ntuser.ini -> %UserProfile%\ntuser.ini -> [2008/12/20 19:07:08 | 00,000,178 | -HS- | C] () NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2008/12/20 19:07:07 | 01,572,864 | -H-- | C] () desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [2008/12/20 19:07:07 | 00,000,084 | -HS- | C] () desktop.ini -> %AppData%\desktop.ini -> [2008/12/20 19:07:07 | 00,000,062 | -HS- | C] () Microsoft -> %AppData%\Microsoft -> [2008/12/20 19:07:07 | 00,000,000 | --SD | C] Cookies -> %UserProfile%\Cookies -> [2008/12/20 19:07:07 | 00,000,000 | --SD | C] SendTo -> %UserProfile%\SendTo -> [2008/12/20 19:07:07 | 00,000,000 | RH-D | C] Recent -> %UserProfile%\Recent -> [2008/12/20 19:07:07 | 00,000,000 | RH-D | C] Application Data -> %AppData% -> [2008/12/20 19:07:07 | 00,000,000 | RH-D | C] Start Menu -> %UserProfile%\Start Menu -> [2008/12/20 19:07:07 | 00,000,000 | R--D | C] My Documents -> %UserProfile%\My Documents -> [2008/12/20 19:07:07 | 00,000,000 | R--D | C] Favorites -> %UserProfile%\Favorites -> [2008/12/20 19:07:07 | 00,000,000 | R--D | C] Templates -> %UserProfile%\Templates -> [2008/12/20 19:07:07 | 00,000,000 | -H-D | C] PrintHood -> %UserProfile%\PrintHood -> [2008/12/20 19:07:07 | 00,000,000 | -H-D | C] NetHood -> %UserProfile%\NetHood -> [2008/12/20 19:07:07 | 00,000,000 | -H-D | C] Local Settings -> %UserProfile%\Local Settings -> [2008/12/20 19:07:07 | 00,000,000 | -H-D | C] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [2008/12/20 19:07:07 | 00,000,000 | ---D | C] Desktop -> %UserProfile%\Desktop -> [2008/12/20 19:07:07 | 00,000,000 | ---D | C] NTUSER.DAT -> %AllUsersProfile%\NTUSER.DAT -> [2008/12/20 18:48:27 | 00,262,144 | ---- | C] () wpa.bak -> %SystemRoot%\System32\wpa.bak -> [2008/12/20 18:47:46 | 00,012,636 | ---- | C] () SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [2008/12/20 18:46:25 | 00,000,000 | ---D | C] smscfg.ini -> %SystemRoot%\smscfg.ini -> [2008/12/01 18:26:05 | 00,000,061 | ---- | C] () $ncsp$.inf -> %SystemRoot%\System32\$ncsp$.inf -> [2008/12/01 18:26:03 | 00,000,333 | ---- | C] () RECYCLER -> %SystemDrive%\RECYCLER -> [2008/12/01 18:11:43 | 00,000,000 | -HSD | C] splitter.sys -> %SystemRoot%\System32\drivers\splitter.sys -> [2008/12/01 18:09:05 | 00,006,400 | ---- | C] (Microsoft Corporation) wdmaud.sys -> %SystemRoot%\System32\drivers\wdmaud.sys -> [2008/12/01 18:09:04 | 00,082,944 | ---- | C] (Microsoft Corporation) DMusic.sys -> %SystemRoot%\System32\drivers\DMusic.sys -> [2008/12/01 18:09:03 | 00,052,864 | ---- | C] (Microsoft Corporation) swmidi.sys -> %SystemRoot%\System32\drivers\swmidi.sys -> [2008/12/01 18:08:59 | 00,054,272 | ---- | C] (Microsoft Corporation) aec.sys -> %SystemRoot%\System32\drivers\aec.sys -> [2008/12/01 18:08:58 | 00,142,464 | ---- | C] (Microsoft Corporation) kmixer.sys -> %SystemRoot%\System32\drivers\kmixer.sys -> [2008/12/01 18:08:57 | 00,171,776 | ---- | C] (Microsoft Corporation) drmkaud.sys -> %SystemRoot%\System32\drivers\drmkaud.sys -> [2008/12/01 18:08:56 | 00,002,944 | ---- | C] (Microsoft Corporation) sysaudio.sys -> %SystemRoot%\System32\drivers\sysaudio.sys -> [2008/12/01 18:08:55 | 00,060,800 | ---- | C] (Microsoft Corporation) MSKSSRV.sys -> %SystemRoot%\System32\drivers\MSKSSRV.sys -> [2008/12/01 18:08:54 | 00,007,552 | ---- | C] (Microsoft Corporation) MSPQM.sys -> %SystemRoot%\System32\drivers\MSPQM.sys -> [2008/12/01 18:08:53 | 00,004,992 | ---- | C] (Microsoft Corporation) MSPCLOCK.sys -> %SystemRoot%\System32\drivers\MSPCLOCK.sys -> [2008/12/01 18:08:51 | 00,005,376 | ---- | C] (Microsoft Corporation) portcls.sys -> %SystemRoot%\System32\drivers\portcls.sys -> [2008/12/01 18:08:47 | 00,145,792 | ---- | C] (Microsoft Corporation) ksproxy.ax -> %SystemRoot%\System32\ksproxy.ax -> [2008/12/01 18:08:47 | 00,130,048 | ---- | C] (Microsoft Corporation) drmk.sys -> %SystemRoot%\System32\drivers\drmk.sys -> [2008/12/01 18:08:47 | 00,060,288 | ---- | C] (Microsoft Corporation) ksuser.dll -> %SystemRoot%\System32\ksuser.dll -> [2008/12/01 18:08:47 | 00,004,096 | ---- | C] (Microsoft Corporation) virtear.dll -> %SystemRoot%\System32\virtear.dll -> [2008/12/01 18:08:45 | 00,991,232 | ---- | C] (Sensaura) DSndUp.exe -> %SystemRoot%\System32\DSndUp.exe -> [2008/12/01 18:08:45 | 00,049,152 | ---- | C] (Analog Devices Inc.) CleanUp.exe -> %SystemRoot%\System32\CleanUp.exe -> [2008/12/01 18:08:45 | 00,045,056 | ---- | C] (adi) InstallShield Installation Information -> %ProgramFiles%\InstallShield Installation Information -> [2008/12/01 18:08:45 | 00,000,000 | -H-D | C] VirtualEar -> %SystemRoot%\VirtualEar -> [2008/12/01 18:08:45 | 00,000,000 | ---D | C] Analog Devices -> %ProgramFiles%\Analog Devices -> [2008/12/01 18:08:45 | 00,000,000 | ---D | C] Edcrypt.dll -> %SystemRoot%\System32\Edcrypt.dll -> [2008/12/01 18:08:39 | 00,311,296 | ---- | C] (Analog Devices Incorporated) ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [2008/12/01 18:07:35 | 00,000,000 | ---D | C] Intel -> %ProgramFiles%\Intel -> [2008/12/01 18:07:34 | 00,000,000 | ---D | C] Broadcom -> %ProgramFiles%\Broadcom -> [2008/12/01 18:07:28 | 00,000,000 | ---D | C] setupapi.dll -> %SystemRoot%\System32\dllcache\setupapi.dll -> [2008/12/01 18:06:59 | 00,985,088 | ---- | C] (Microsoft Corporation) Dell -> %ProgramFiles%\Dell -> [2008/12/01 18:06:54 | 00,000,000 | ---D | C] InstallShield -> %CommonProgramFiles%\InstallShield -> [2008/12/01 18:06:51 | 00,000,000 | ---D | C] USBSTOR.SYS -> %SystemRoot%\System32\drivers\USBSTOR.SYS -> [2008/12/01 18:06:08 | 00,026,496 | ---- | C] (Microsoft Corporation) Uninstall Information -> %ProgramFiles%\Uninstall Information -> [2008/12/01 18:05:32 | 00,000,000 | -H-D | C] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [2008/12/01 18:04:30 | 00,000,000 | ---D | C] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/12/01 18:04:28 | 00,000,006 | -H-- | C] () Microsoft -> %SystemRoot%\System32\Microsoft -> [2008/12/01 18:04:28 | 00,000,000 | --SD | C] Prefetch -> %SystemRoot%\Prefetch -> [2008/12/01 18:04:28 | 00,000,000 | ---D | C] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [2008/12/01 17:49:35 | 00,008,192 | ---- | C] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/12/01 17:48:53 | 00,002,048 | --S- | C] () xircom -> %SystemRoot%\System32\xircom -> [2008/12/01 17:48:23 | 00,000,000 | ---D | C] xerox -> %ProgramFiles%\xerox -> [2008/12/01 17:48:23 | 00,000,000 | ---D | C] microsoft frontpage -> %ProgramFiles%\microsoft frontpage -> [2008/12/01 17:48:23 | 00,000,000 | ---D | C] DELL -> %SystemDrive%\DELL -> [2008/12/01 17:48:13 | 00,000,000 | ---D | C] spmsg.dll -> %SystemRoot%\System32\spmsg.dll -> [2008/12/01 17:48:04 | 00,017,272 | ---- | C] (Microsoft Corporation) $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [2008/12/01 17:48:03 | 00,000,000 | -H-D | C] xpsp3res.dll -> %SystemRoot%\System32\xpsp3res.dll -> [2008/12/01 17:48:02 | 00,351,744 | ---- | C] (Microsoft Corporation) CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [2008/12/01 17:47:50 | 00,002,626 | ---- | C] () MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [2008/12/01 17:47:50 | 00,000,000 | RHS- | C] () IO.SYS -> %SystemDrive%\IO.SYS -> [2008/12/01 17:47:50 | 00,000,000 | RHS- | C] () control.ini -> %SystemRoot%\control.ini -> [2008/12/01 17:47:50 | 00,000,000 | ---- | C] () CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [2008/12/01 17:47:50 | 00,000,000 | ---- | C] () AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [2008/12/01 17:47:50 | 00,000,000 | ---- | C] () nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2008/12/01 17:47:46 | 00,023,392 | ---- | C] () amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2008/12/01 17:47:46 | 00,016,832 | ---- | C] () WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2008/12/01 17:47:45 | 00,316,640 | ---- | C] () mapi32.dll -> %SystemRoot%\System32\mapi32.dll -> [2008/12/01 17:47:36 | 00,112,128 | ---- | C] (Microsoft Corporation) DRM -> %AllUsersProfile%\DRM -> [2008/12/01 17:46:55 | 00,000,000 | -HSD | C] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [2008/12/01 17:46:46 | 00,000,488 | RH-- | C] () logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [2008/12/01 17:46:46 | 00,000,488 | RH-- | C] () Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [2008/12/01 17:46:46 | 00,000,000 | --SD | C] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [2008/12/01 17:46:46 | 00,000,000 | R--D | C] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | C] () WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | C] () sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | C] () nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | C] () ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | C] () cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | C] () WindowsUpdate -> %ProgramFiles%\WindowsUpdate -> [2008/12/01 17:46:37 | 00,000,000 | -H-D | C] DirectX -> %SystemRoot%\System32\DirectX -> [2008/12/01 17:46:18 | 00,000,000 | ---D | C] atrace.dll -> %SystemRoot%\System32\atrace.dll -> [2008/12/01 17:45:56 | 00,011,264 | ---- | C] (Microsoft Corporation) winnt256.bmp -> %SystemRoot%\winnt256.bmp -> [2008/12/01 17:45:54 | 00,048,680 | -HS- | C] () winnt.bmp -> %SystemRoot%\winnt.bmp -> [2008/12/01 17:45:54 | 00,048,680 | -HS- | C] () desktop.ini -> %SystemRoot%\System32\desktop.ini -> [2008/12/01 17:45:54 | 00,000,002 | ---- | C] () desktop.ini -> %SystemRoot%\desktop.ini -> [2008/12/01 17:45:54 | 00,000,002 | ---- | C] () msg723.acm -> %SystemRoot%\System32\msg723.acm -> [2008/12/01 17:45:47 | 00,118,784 | ---- | C] (Microsoft Corporation) nmevtmsg.dll -> %SystemRoot%\System32\nmevtmsg.dll -> [2008/12/01 17:45:47 | 00,012,288 | ---- | C] (Microsoft Corporation) acctres.dll -> %SystemRoot%\System32\acctres.dll -> [2008/12/01 17:45:45 | 00,064,512 | ---- | C] (Microsoft Corporation) Services -> %CommonProgramFiles%\Services -> [2008/12/01 17:45:45 | 00,000,000 | ---D | C] icfgnt5.dll -> %SystemRoot%\System32\icfgnt5.dll -> [2008/12/01 17:45:42 | 00,016,384 | ---- | C] (Microsoft Corporation) desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [2008/12/01 17:45:42 | 00,000,065 | RH-- | C] () Tasks -> %SystemRoot%\Tasks -> [2008/12/01 17:45:42 | 00,000,000 | --SD | C] MSSoap -> %CommonProgramFiles%\MSSoap -> [2008/12/01 17:45:41 | 00,000,000 | ---D | C] srchasst -> %SystemRoot%\srchasst -> [2008/12/01 17:45:37 | 00,000,000 | ---D | C] Macromed -> %SystemRoot%\System32\Macromed -> [2008/12/01 17:45:36 | 00,000,000 | ---D | C] wuaueng.dll -> %SystemRoot%\System32\wuaueng.dll -> [2008/12/01 17:45:33 | 01,809,944 | ---- | C] (Microsoft Corporation) wuapi.dll -> %SystemRoot%\System32\wuapi.dll -> [2008/12/01 17:45:33 | 00,561,688 | ---- | C] (Microsoft Corporation) wucltui.dll -> %SystemRoot%\System32\wucltui.dll -> [2008/12/01 17:45:33 | 00,323,608 | ---- | C] (Microsoft Corporation) wuaucpl.cpl -> %SystemRoot%\System32\wuaucpl.cpl -> [2008/12/01 17:45:33 | 00,213,528 | ---- | C] (Microsoft Corporation) wuweb.dll -> %SystemRoot%\System32\wuweb.dll -> [2008/12/01 17:45:33 | 00,202,776 | ---- | C] (Microsoft Corporation) wuaueng1.dll -> %SystemRoot%\System32\wuaueng1.dll -> [2008/12/01 17:45:33 | 00,183,296 | ---- | C] (Microsoft Corporation) wuauclt1.exe -> %SystemRoot%\System32\wuauclt1.exe -> [2008/12/01 17:45:33 | 00,165,888 | ---- | C] (Microsoft Corporation) wuauclt.exe -> %SystemRoot%\System32\wuauclt.exe -> [2008/12/01 17:45:33 | 00,051,224 | ---- | C] (Microsoft Corporation) wups.dll -> %SystemRoot%\System32\wups.dll -> [2008/12/01 17:45:33 | 00,034,328 | ---- | C] (Microsoft Corporation) wups.dll -> %SystemRoot%\System32\dllcache\wups.dll -> [2008/12/01 17:45:33 | 00,034,328 | ---- | C] (Microsoft Corporation) wuauserv.dll -> %SystemRoot%\System32\wuauserv.dll -> [2008/12/01 17:45:33 | 00,006,656 | ---- | C] (Microsoft Corporation) qmgr.dll -> %SystemRoot%\System32\qmgr.dll -> [2008/12/01 17:45:32 | 00,382,464 | ---- | C] (Microsoft Corporation) qmgrprxy.dll -> %SystemRoot%\System32\qmgrprxy.dll -> [2008/12/01 17:45:32 | 00,018,944 | ---- | C] (Microsoft Corporation) bitsprx2.dll -> %SystemRoot%\System32\bitsprx2.dll -> [2008/12/01 17:45:32 | 00,008,192 | ---- | C] (Microsoft Corporation) bitsprx3.dll -> %SystemRoot%\System32\bitsprx3.dll -> [2008/12/01 17:45:32 | 00,007,168 | ---- | C] (Microsoft Corporation) Movie Maker -> %ProgramFiles%\Movie Maker -> [2008/12/01 17:45:29 | 00,000,000 | ---D | C] safrslv.dll -> %SystemRoot%\System32\safrslv.dll -> [2008/12/01 17:45:24 | 00,045,568 | ---- | C] (Microsoft Corporation) safrcdlg.dll -> %SystemRoot%\System32\safrcdlg.dll -> [2008/12/01 17:45:24 | 00,043,520 | ---- | C] (Microsoft Corporation) racpldlg.dll -> %SystemRoot%\System32\racpldlg.dll -> [2008/12/01 17:45:24 | 00,043,520 | ---- | C] (Microsoft Corporation) safrdm.dll -> %SystemRoot%\System32\safrdm.dll -> [2008/12/01 17:45:24 | 00,029,696 | ---- | C] (Microsoft Corporation) fltMgr.sys -> %SystemRoot%\System32\drivers\fltMgr.sys -> [2008/12/01 17:45:21 | 00,124,800 | ---- | C] (Microsoft Corporation) fltMc.exe -> %SystemRoot%\System32\fltMc.exe -> [2008/12/01 17:45:21 | 00,022,528 | ---- | C] (Microsoft Corporation) fltlib.dll -> %SystemRoot%\System32\fltlib.dll -> [2008/12/01 17:45:21 | 00,016,896 | ---- | C] (Microsoft Corporation) srrstr.dll -> %SystemRoot%\System32\srrstr.dll -> [2008/12/01 17:45:20 | 00,239,104 | ---- | C] (Microsoft Corporation) srsvc.dll -> %SystemRoot%\System32\srsvc.dll -> [2008/12/01 17:45:20 | 00,170,496 | ---- | C] (Microsoft Corporation) ils.dll -> %SystemRoot%\System32\ils.dll -> [2008/12/01 17:45:20 | 00,081,920 | ---- | C] (Microsoft Corporation) sr.sys -> %SystemRoot%\System32\drivers\sr.sys -> [2008/12/01 17:45:20 | 00,073,472 | ---- | C] (Microsoft Corporation) srclient.dll -> %SystemRoot%\System32\srclient.dll -> [2008/12/01 17:45:20 | 00,067,584 | ---- | C] (Microsoft Corporation) Restore -> %SystemRoot%\System32\Restore -> [2008/12/01 17:45:20 | 00,000,000 | ---D | C] msh261.drv -> %SystemRoot%\System32\msh261.drv -> [2008/12/01 17:45:19 | 00,188,416 | ---- | C] (Microsoft Corporation) msconf.dll -> %SystemRoot%\System32\msconf.dll -> [2008/12/01 17:45:19 | 00,069,632 | ---- | C] (Microsoft Corporation) mnmdd.dll -> %SystemRoot%\System32\mnmdd.dll -> [2008/12/01 17:45:19 | 00,034,560 | ---- | C] (Microsoft Corporation) mnmsrvc.exe -> %SystemRoot%\System32\mnmsrvc.exe -> [2008/12/01 17:45:19 | 00,032,768 | ---- | C] (Microsoft Corporation) nmmkcert.dll -> %SystemRoot%\System32\nmmkcert.dll -> [2008/12/01 17:45:19 | 00,028,672 | ---- | C] (Microsoft Corporation) msoeacct.dll -> %SystemRoot%\System32\msoeacct.dll -> [2008/12/01 17:45:16 | 00,252,928 | ---- | C] (Microsoft Corporation) msoert2.dll -> %SystemRoot%\System32\msoert2.dll -> [2008/12/01 17:45:16 | 00,105,984 | ---- | C] (Microsoft Corporation) NetMeeting -> %ProgramFiles%\NetMeeting -> [2008/12/01 17:45:16 | 00,000,000 | ---D | C] inetcomm.dll -> %SystemRoot%\System32\inetcomm.dll -> [2008/12/01 17:45:15 | 00,683,520 | ---- | C] (Microsoft Corporation) inetres.dll -> %SystemRoot%\System32\inetres.dll -> [2008/12/01 17:45:15 | 00,048,128 | ---- | C] (Microsoft Corporation) mstask.dll -> %SystemRoot%\System32\mstask.dll -> [2008/12/01 17:45:13 | 00,274,944 | ---- | C] (Microsoft Corporation) schedsvc.dll -> %SystemRoot%\System32\schedsvc.dll -> [2008/12/01 17:45:13 | 00,190,976 | ---- | C] (Microsoft Corporation) icwdial.dll -> %SystemRoot%\System32\icwdial.dll -> [2008/12/01 17:45:13 | 00,073,728 | ---- | C] (Microsoft Corporation) icwphbk.dll -> %SystemRoot%\System32\icwphbk.dll -> [2008/12/01 17:45:13 | 00,065,536 | ---- | C] (Microsoft Corporation) mstinit.exe -> %SystemRoot%\System32\mstinit.exe -> [2008/12/01 17:45:13 | 00,012,288 | ---- | C] (Microsoft Corporation) Outlook Express -> %ProgramFiles%\Outlook Express -> [2008/12/01 17:45:13 | 00,000,000 | ---D | C] inetcfg.dll -> %SystemRoot%\System32\inetcfg.dll -> [2008/12/01 17:45:12 | 00,274,432 | ---- | C] (Microsoft Corporation) isign32.dll -> %SystemRoot%\System32\isign32.dll -> [2008/12/01 17:45:12 | 00,081,920 | ---- | C] (Microsoft Corporation) System -> %CommonProgramFiles%\System -> [2008/12/01 17:45:06 | 00,000,000 | ---D | C] Internet Explorer -> %ProgramFiles%\Internet Explorer -> [2008/12/01 17:45:03 | 00,000,000 | ---D | C] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [2008/12/01 17:45:02 | 00,000,000 | R--D | C] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [2008/12/01 17:44:43 | 00,021,640 | ---- | C] () ComPlus Applications -> %ProgramFiles%\ComPlus Applications -> [2008/12/01 17:44:35 | 00,000,000 | ---D | C] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [2008/12/01 17:44:33 | 00,000,037 | ---- | C] () vb.ini -> %SystemRoot%\vb.ini -> [2008/12/01 17:44:33 | 00,000,036 | ---- | C] () Registration -> %SystemRoot%\Registration -> [2008/12/01 17:44:29 | 00,000,000 | ---D | C] Online Services -> %ProgramFiles%\Online Services -> [2008/12/01 17:44:22 | 00,000,000 | ---D | C] My Music -> %AllUsersProfile%\Documents\My Music -> [2008/12/01 17:44:21 | 00,000,000 | R--D | C] Windows Media Player -> %ProgramFiles%\Windows Media Player -> [2008/12/01 17:44:21 | 00,000,000 | ---D | C] Messenger -> %ProgramFiles%\Messenger -> [2008/12/01 17:44:16 | 00,000,000 | ---D | C] write.exe -> %SystemRoot%\System32\write.exe -> [2008/12/01 17:44:13 | 00,005,632 | ---- | C] (Microsoft Corporation) MSN Gaming Zone -> %ProgramFiles%\MSN Gaming Zone -> [2008/12/01 17:44:13 | 00,000,000 | ---D | C] sndvol32.exe -> %SystemRoot%\System32\sndvol32.exe -> [2008/12/01 17:44:02 | 00,138,752 | ---- | C] (Microsoft Corporation) avwav.dll -> %SystemRoot%\System32\avwav.dll -> [2008/12/01 17:44:02 | 00,073,216 | ---- | C] (Microsoft Corporation) avtapi.dll -> %SystemRoot%\System32\avtapi.dll -> [2008/12/01 17:44:01 | 00,227,840 | ---- | C] (Microsoft Corporation) winchat.exe -> %SystemRoot%\System32\winchat.exe -> [2008/12/01 17:44:01 | 00,035,328 | ---- | C] (Microsoft Corporation) avmeter.dll -> %SystemRoot%\System32\avmeter.dll -> [2008/12/01 17:44:01 | 00,016,384 | ---- | C] (Microsoft Corporation) Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp -> [2008/12/01 17:43:55 | 00,065,954 | ---- | C] () Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp -> [2008/12/01 17:43:55 | 00,065,832 | ---- | C] () River Sumida.bmp -> %SystemRoot%\River Sumida.bmp -> [2008/12/01 17:43:55 | 00,026,680 | ---- | C] () Greenstone.bmp -> %SystemRoot%\Greenstone.bmp -> [2008/12/01 17:43:55 | 00,026,582 | ---- | C] () Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [2008/12/01 17:43:55 | 00,017,362 | ---- | C] () Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp -> [2008/12/01 17:43:55 | 00,017,336 | ---- | C] () FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp -> [2008/12/01 17:43:55 | 00,016,730 | ---- | C] () Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [2008/12/01 17:43:55 | 00,009,522 | ---- | C] () subrange.uce -> %SystemRoot%\System32\subrange.uce -> [2008/12/01 17:43:54 | 00,093,702 | ---- | C] () Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp -> [2008/12/01 17:43:54 | 00,065,978 | ---- | C] () Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp -> [2008/12/01 17:43:54 | 00,017,062 | ---- | C] () shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce -> [2008/12/01 17:43:54 | 00,016,740 | ---- | C] () korean.uce -> %SystemRoot%\System32\korean.uce -> [2008/12/01 17:43:54 | 00,012,876 | ---- | C] () kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce -> [2008/12/01 17:43:54 | 00,008,484 | ---- | C] () kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce -> [2008/12/01 17:43:54 | 00,006,948 | ---- | C] () Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp -> [2008/12/01 17:43:54 | 00,001,272 | ---- | C] () getuname.dll -> %SystemRoot%\System32\getuname.dll -> [2008/12/01 17:43:53 | 00,605,696 | ---- | C] (Microsoft Corporation) calc.exe -> %SystemRoot%\System32\calc.exe -> [2008/12/01 17:43:53 | 00,114,688 | ---- | C] (Microsoft Corporation) charmap.exe -> %SystemRoot%\System32\charmap.exe -> [2008/12/01 17:43:53 | 00,080,384 | ---- | C] (Microsoft Corporation) ideograf.uce -> %SystemRoot%\System32\ideograf.uce -> [2008/12/01 17:43:53 | 00,060,458 | ---- | C] () gb2312.uce -> %SystemRoot%\System32\gb2312.uce -> [2008/12/01 17:43:53 | 00,024,006 | ---- | C] () bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce -> [2008/12/01 17:43:53 | 00,022,984 | ---- | C] () mshearts.exe -> %SystemRoot%\System32\mshearts.exe -> [2008/12/01 17:43:52 | 00,126,976 | ---- | C] (Microsoft Corporation) winmine.exe -> %SystemRoot%\System32\winmine.exe -> [2008/12/01 17:43:52 | 00,119,808 | ---- | C] (Microsoft Corporation) sol.exe -> %SystemRoot%\System32\sol.exe -> [2008/12/01 17:43:52 | 00,056,832 | ---- | C] (Microsoft Corporation) freecell.exe -> %SystemRoot%\System32\freecell.exe -> [2008/12/01 17:43:52 | 00,055,296 | ---- | C] (Microsoft Corporation) regini.exe -> %SystemRoot%\System32\regini.exe -> [2008/12/01 17:43:51 | 00,033,792 | ---- | C] (Microsoft Corporation) qwinsta.exe -> %SystemRoot%\System32\qwinsta.exe -> [2008/12/01 17:43:51 | 00,022,016 | ---- | C] (Microsoft Corporation) tsshutdn.exe -> %SystemRoot%\System32\tsshutdn.exe -> [2008/12/01 17:43:51 | 00,016,896 | ---- | C] (Microsoft Corporation) tskill.exe -> %SystemRoot%\System32\tskill.exe -> [2008/12/01 17:43:51 | 00,016,384 | ---- | C] (Microsoft Corporation) rwinsta.exe -> %SystemRoot%\System32\rwinsta.exe -> [2008/12/01 17:43:51 | 00,015,872 | ---- | C] (Microsoft Corporation) tsdiscon.exe -> %SystemRoot%\System32\tsdiscon.exe -> [2008/12/01 17:43:51 | 00,014,848 | ---- | C] (Microsoft Corporation) tscon.exe -> %SystemRoot%\System32\tscon.exe -> [2008/12/01 17:43:51 | 00,014,848 | ---- | C] (Microsoft Corporation) shadow.exe -> %SystemRoot%\System32\shadow.exe -> [2008/12/01 17:43:51 | 00,014,848 | ---- | C] (Microsoft Corporation) tslabels.ini -> %SystemRoot%\System32\tslabels.ini -> [2008/12/01 17:43:51 | 00,013,223 | ---- | C] () reset.exe -> %SystemRoot%\System32\reset.exe -> [2008/12/01 17:43:51 | 00,009,728 | ---- | C] (Microsoft Corporation) rdpcfgex.dll -> %SystemRoot%\System32\rdpcfgex.dll -> [2008/12/01 17:43:51 | 00,004,096 | ---- | C] (Microsoft Corporation) tslabels.h -> %SystemRoot%\System32\tslabels.h -> [2008/12/01 17:43:51 | 00,003,286 | ---- | C] () usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd -> [2008/12/01 17:43:51 | 00,001,161 | ---- | C] () msg.exe -> %SystemRoot%\System32\msg.exe -> [2008/12/01 17:43:50 | 00,020,992 | ---- | C] (Microsoft Corporation) qappsrv.exe -> %SystemRoot%\System32\qappsrv.exe -> [2008/12/01 17:43:50 | 00,016,896 | ---- | C] (Microsoft Corporation) cdmodem.dll -> %SystemRoot%\System32\cdmodem.dll -> [2008/12/01 17:43:50 | 00,015,872 | ---- | C] (Microsoft Corporation) logoff.exe -> %SystemRoot%\System32\logoff.exe -> [2008/12/01 17:43:50 | 00,015,360 | ---- | C] (Microsoft Corporation) msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini -> [2008/12/01 17:43:50 | 00,001,931 | ---- | C] () msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h -> [2008/12/01 17:43:50 | 00,000,768 | ---- | C] () comrepl.dll -> %SystemRoot%\System32\comrepl.dll -> [2008/12/01 17:43:49 | 00,082,432 | ---- | C] (Microsoft Corporation) comaddin.dll -> %SystemRoot%\System32\comaddin.dll -> [2008/12/01 17:43:49 | 00,025,600 | ---- | C] (Microsoft Corporation) mtxlegih.dll -> %SystemRoot%\System32\mtxlegih.dll -> [2008/12/01 17:43:49 | 00,025,088 | ---- | C] (Microsoft Corporation) mtxdm.dll -> %SystemRoot%\System32\mtxdm.dll -> [2008/12/01 17:43:49 | 00,020,480 | ---- | C] (Microsoft Corporation) dcomcnfg.exe -> %SystemRoot%\System32\dcomcnfg.exe -> [2008/12/01 17:43:49 | 00,005,120 | ---- | C] (Microsoft Corporation) mtxex.dll -> %SystemRoot%\System32\mtxex.dll -> [2008/12/01 17:43:49 | 00,004,096 | ---- | C] (Microsoft Corporation) comsnap.dll -> %SystemRoot%\System32\comsnap.dll -> [2008/12/01 17:43:48 | 00,147,456 | ---- | C] (Microsoft Corporation) stclient.dll -> %SystemRoot%\System32\stclient.dll -> [2008/12/01 17:43:48 | 00,054,272 | ---- | C] (Microsoft Corporation) wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc -> [2008/12/01 17:43:43 | 00,063,488 | ---- | C] () MSN -> %ProgramFiles%\MSN -> [2008/12/01 17:43:33 | 00,000,000 | ---D | C] accwiz.exe -> %SystemRoot%\System32\accwiz.exe -> [2008/12/01 17:43:32 | 00,183,808 | ---- | C] (Microsoft Corporation) sndrec32.exe -> %SystemRoot%\System32\sndrec32.exe -> [2008/12/01 17:43:32 | 00,131,584 | ---- | C] (Microsoft Corporation) access.cpl -> %SystemRoot%\System32\access.cpl -> [2008/12/01 17:43:32 | 00,068,608 | ---- | C] (Microsoft Corporation) mspaint.exe -> %SystemRoot%\System32\mspaint.exe -> [2008/12/01 17:43:31 | 00,343,040 | ---- | C] (Microsoft Corporation) mplay32.exe -> %SystemRoot%\System32\mplay32.exe -> [2008/12/01 17:43:31 | 00,123,392 | ---- | C] (Microsoft Corporation) clipbrd.exe -> %SystemRoot%\System32\clipbrd.exe -> [2008/12/01 17:43:31 | 00,102,912 | ---- | C] (Microsoft Corporation) Windows NT -> %ProgramFiles%\Windows NT -> [2008/12/01 17:43:31 | 00,000,000 | ---D | C] spider.exe -> %SystemRoot%\System32\spider.exe -> [2008/12/01 17:43:30 | 00,538,624 | ---- | C] (Microsoft Corporation) rdpwd.sys -> %SystemRoot%\System32\drivers\rdpwd.sys -> [2008/12/01 17:43:30 | 00,139,400 | ---- | C] (Microsoft Corporation) tscfgwmi.dll -> %SystemRoot%\System32\tscfgwmi.dll -> [2008/12/01 17:43:30 | 00,093,696 | ---- | C] (Microsoft Corporation) tdtcp.sys -> %SystemRoot%\System32\drivers\tdtcp.sys -> [2008/12/01 17:43:30 | 00,021,896 | ---- | C] (Microsoft Corporation) tdpipe.sys -> %SystemRoot%\System32\drivers\tdpipe.sys -> [2008/12/01 17:43:30 | 00,012,040 | ---- | C] (Microsoft Corporation) mstscax.dll -> %SystemRoot%\System32\mstscax.dll -> [2008/12/01 17:43:29 | 00,655,360 | ---- | C] (Microsoft Corporation) mstsc.exe -> %SystemRoot%\System32\mstsc.exe -> [2008/12/01 17:43:29 | 00,407,552 | ---- | C] (Microsoft Corporation) rdchost.dll -> %SystemRoot%\System32\rdchost.dll -> [2008/12/01 17:43:29 | 00,147,968 | ---- | C] (Microsoft Corporation) sessmgr.exe -> %SystemRoot%\System32\sessmgr.exe -> [2008/12/01 17:43:29 | 00,140,800 | ---- | C] (Microsoft Corporation) rdshost.exe -> %SystemRoot%\System32\rdshost.exe -> [2008/12/01 17:43:29 | 00,067,072 | ---- | C] (Microsoft Corporation) remotepg.dll -> %SystemRoot%\System32\remotepg.dll -> [2008/12/01 17:43:29 | 00,060,416 | ---- | C] (Microsoft Corporation) tscupgrd.exe -> %SystemRoot%\System32\tscupgrd.exe -> [2008/12/01 17:43:29 | 00,044,544 | ---- | C] (Microsoft Corporation) rdsaddin.exe -> %SystemRoot%\System32\rdsaddin.exe -> [2008/12/01 17:43:29 | 00,013,824 | ---- | C] (Microsoft Corporation) termsrv.dll -> %SystemRoot%\System32\termsrv.dll -> [2008/12/01 17:43:28 | 00,295,424 | ---- | C] (Microsoft Corporation) msdtcuiu.dll -> %SystemRoot%\System32\msdtcuiu.dll -> [2008/12/01 17:43:28 | 00,161,280 | ---- | C] (Microsoft Corporation) rdpwsx.dll -> %SystemRoot%\System32\rdpwsx.dll -> [2008/12/01 17:43:28 | 00,087,176 | ---- | C] (Microsoft Corporation) rdpclip.exe -> %SystemRoot%\System32\rdpclip.exe -> [2008/12/01 17:43:28 | 00,062,464 | ---- | C] (Microsoft Corporation) cfgbkend.dll -> %SystemRoot%\System32\cfgbkend.dll -> [2008/12/01 17:43:28 | 00,038,912 | ---- | C] (Microsoft Corporation) qprocess.exe -> %SystemRoot%\System32\qprocess.exe -> [2008/12/01 17:43:28 | 00,020,480 | ---- | C] (Microsoft Corporation) rdpsnd.dll -> %SystemRoot%\System32\rdpsnd.dll -> [2008/12/01 17:43:28 | 00,019,968 | ---- | C] (Microsoft Corporation) icaapi.dll -> %SystemRoot%\System32\icaapi.dll -> [2008/12/01 17:43:28 | 00,011,264 | ---- | C] (Microsoft Corporation) MsDtc -> %SystemRoot%\System32\MsDtc -> [2008/12/01 17:43:28 | 00,000,000 | ---D | C] msdtctm.dll -> %SystemRoot%\System32\msdtctm.dll -> [2008/12/01 17:43:27 | 00,949,248 | ---- | C] (Microsoft Corporation) msdtcprx.dll -> %SystemRoot%\System32\msdtcprx.dll -> [2008/12/01 17:43:27 | 00,425,472 | ---- | C] (Microsoft Corporation) mtxoci.dll -> %SystemRoot%\System32\mtxoci.dll -> [2008/12/01 17:43:27 | 00,090,112 | ---- | C] (Microsoft Corporation) msdtclog.dll -> %SystemRoot%\System32\msdtclog.dll -> [2008/12/01 17:43:27 | 00,058,880 | ---- | C] (Microsoft Corporation) xolehlp.dll -> %SystemRoot%\System32\xolehlp.dll -> [2008/12/01 17:43:27 | 00,011,776 | ---- | C] (Microsoft Corporation) msdtc.exe -> %SystemRoot%\System32\msdtc.exe -> [2008/12/01 17:43:27 | 00,006,144 | ---- | C] (Microsoft Corporation) clbcatex.dll -> %SystemRoot%\System32\clbcatex.dll -> [2008/12/01 17:43:26 | 00,110,080 | ---- | C] (Microsoft Corporation) catsrvps.dll -> %SystemRoot%\System32\catsrvps.dll -> [2008/12/01 17:43:26 | 00,085,504 | ---- | C] (Microsoft Corporation) colbact.dll -> %SystemRoot%\System32\colbact.dll -> [2008/12/01 17:43:26 | 00,062,464 | ---- | C] (Microsoft Corporation) Com -> %SystemRoot%\System32\Com -> [2008/12/01 17:43:26 | 00,000,000 | ---D | C] comsvcs.dll -> %SystemRoot%\System32\comsvcs.dll -> [2008/12/01 17:43:25 | 01,251,840 | ---- | C] (Microsoft Corporation) catsrvut.dll -> %SystemRoot%\System32\catsrvut.dll -> [2008/12/01 17:43:25 | 00,628,224 | ---- | C] (Microsoft Corporation) comuid.dll -> %SystemRoot%\System32\comuid.dll -> [2008/12/01 17:43:25 | 00,540,160 | ---- | C] (Microsoft Corporation) clbcatq.dll -> %SystemRoot%\System32\clbcatq.dll -> [2008/12/01 17:43:25 | 00,501,248 | ---- | C] (Microsoft Corporation) catsrv.dll -> %SystemRoot%\System32\catsrv.dll -> [2008/12/01 17:43:25 | 00,229,888 | ---- | C] (Microsoft Corporation) servdeps.dll -> %SystemRoot%\System32\servdeps.dll -> [2008/12/01 17:43:18 | 00,056,320 | ---- | C] (Microsoft Corporation) cmprops.dll -> %SystemRoot%\System32\cmprops.dll -> [2008/12/01 17:43:17 | 00,185,344 | ---- | C] (Microsoft Corporation) licwmi.dll -> %SystemRoot%\System32\licwmi.dll -> [2008/12/01 17:43:17 | 00,058,880 | ---- | C] (Microsoft Corporation) mmfutil.dll -> %SystemRoot%\System32\mmfutil.dll -> [2008/12/01 17:43:17 | 00,017,408 | ---- | C] (Microsoft Corporation) rdpdr.sys -> %SystemRoot%\System32\drivers\rdpdr.sys -> [2008/12/01 17:43:14 | 00,196,864 | ---- | C] (Microsoft Corporation) termdd.sys -> %SystemRoot%\System32\drivers\termdd.sys -> [2008/12/01 17:43:14 | 00,040,840 | ---- | C] (Microsoft Corporation) My Videos -> %AllUsersProfile%\Documents\My Videos -> [2008/12/01 17:43:13 | 00,000,000 | R--D | C] audstub.sys -> %SystemRoot%\System32\drivers\audstub.sys -> [2008/12/01 09:42:13 | 00,003,072 | ---- | C] (Microsoft Corporation) hidserv.dll -> %SystemRoot%\System32\hidserv.dll -> [2008/12/01 09:41:58 | 00,021,504 | ---- | C] (Microsoft Corporation) redbook.sys -> %SystemRoot%\System32\drivers\redbook.sys -> [2008/12/01 09:41:34 | 00,057,472 | ---- | C] (Microsoft Corporation) usbui.dll -> %SystemRoot%\System32\usbui.dll -> [2008/12/01 09:40:56 | 00,074,240 | ---- | C] (Microsoft Corporation) imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/12/01 09:39:54 | 00,001,393 | ---- | C] () PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/12/01 09:39:51 | 00,355,944 | ---- | C] () Installer -> %SystemRoot%\Installer -> [2008/12/01 09:39:51 | 00,000,000 | -HSD | C] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [2008/12/01 09:39:50 | 00,004,161 | ---- | C] () ODBC -> %CommonProgramFiles%\ODBC -> [2008/12/01 09:39:50 | 00,000,000 | ---D | C] Program Files -> %ProgramFiles% -> [2008/12/01 09:39:47 | 00,000,000 | R--D | C] SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [2008/12/01 09:39:47 | 00,000,000 | ---D | C] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [2008/12/01 09:39:47 | 00,000,000 | ---D | C] Common Files -> %CommonProgramFiles% -> [2008/12/01 09:39:47 | 00,000,000 | ---D | C] c_28603.nls -> %SystemRoot%\System32\c_28603.nls -> [2008/12/01 09:39:45 | 00,066,082 | ---- | C] () kbdtuq.dll -> %SystemRoot%\System32\kbdtuq.dll -> [2008/12/01 09:39:44 | 00,006,144 | R--- | C] (Microsoft Corporation) kbdtuf.dll -> %SystemRoot%\System32\kbdtuf.dll -> [2008/12/01 09:39:44 | 00,006,144 | R--- | C] (Microsoft Corporation) kbdazel.dll -> %SystemRoot%\System32\kbdazel.dll -> [2008/12/01 09:39:44 | 00,005,632 | R--- | C] (Microsoft Corporation) c_857.nls -> %SystemRoot%\System32\c_857.nls -> [2008/12/01 09:39:43 | 00,066,594 | ---- | C] () c_28599.nls -> %SystemRoot%\System32\c_28599.nls -> [2008/12/01 09:39:43 | 00,066,082 | ---- | C] () c_10081.nls -> %SystemRoot%\System32\c_10081.nls -> [2008/12/01 09:39:43 | 00,066,082 | ---- | C] () C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS -> [2008/12/01 09:39:41 | 00,066,082 | ---- | C] () c_10017.nls -> %SystemRoot%\System32\c_10017.nls -> [2008/12/01 09:39:41 | 00,066,082 | ---- | C] () c_10007.nls -> %SystemRoot%\System32\c_10007.nls -> [2008/12/01 09:39:41 | 00,066,082 | ---- | C] () kbdycc.dll -> %SystemRoot%\System32\kbdycc.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbduzb.dll -> %SystemRoot%\System32\kbduzb.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdur.dll -> %SystemRoot%\System32\kbdur.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdtat.dll -> %SystemRoot%\System32\kbdtat.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdru1.dll -> %SystemRoot%\System32\kbdru1.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdru.dll -> %SystemRoot%\System32\kbdru.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdmon.dll -> %SystemRoot%\System32\kbdmon.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdkyr.dll -> %SystemRoot%\System32\kbdkyr.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdkaz.dll -> %SystemRoot%\System32\kbdkaz.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdbu.dll -> %SystemRoot%\System32\kbdbu.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdblr.dll -> %SystemRoot%\System32\kbdblr.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdaze.dll -> %SystemRoot%\System32\kbdaze.dll -> [2008/12/01 09:39:41 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdhept.dll -> %SystemRoot%\System32\kbdhept.dll -> [2008/12/01 09:39:39 | 00,008,192 | R--- | C] (Microsoft Corporation) kbdhela3.dll -> %SystemRoot%\System32\kbdhela3.dll -> [2008/12/01 09:39:39 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdhela2.dll -> %SystemRoot%\System32\kbdhela2.dll -> [2008/12/01 09:39:39 | 00,006,144 | R--- | C] (Microsoft Corporation) c_869.nls -> %SystemRoot%\System32\c_869.nls -> [2008/12/01 09:39:38 | 00,066,594 | ---- | C] () c_737.nls -> %SystemRoot%\System32\c_737.nls -> [2008/12/01 09:39:38 | 00,066,594 | ---- | C] () c_875.nls -> %SystemRoot%\System32\c_875.nls -> [2008/12/01 09:39:38 | 00,066,082 | ---- | C] () C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS -> [2008/12/01 09:39:38 | 00,066,082 | ---- | C] () c_10006.nls -> %SystemRoot%\System32\c_10006.nls -> [2008/12/01 09:39:38 | 00,066,082 | ---- | C] () kbdgkl.dll -> %SystemRoot%\System32\kbdgkl.dll -> [2008/12/01 09:39:38 | 00,006,144 | R--- | C] (Microsoft Corporation) kbdhe319.dll -> %SystemRoot%\System32\kbdhe319.dll -> [2008/12/01 09:39:38 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdhe220.dll -> %SystemRoot%\System32\kbdhe220.dll -> [2008/12/01 09:39:38 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdhe.dll -> %SystemRoot%\System32\kbdhe.dll -> [2008/12/01 09:39:38 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdlv1.dll -> %SystemRoot%\System32\kbdlv1.dll -> [2008/12/01 09:39:37 | 00,006,144 | R--- | C] (Microsoft Corporation) kbdlv.dll -> %SystemRoot%\System32\kbdlv.dll -> [2008/12/01 09:39:37 | 00,006,144 | R--- | C] (Microsoft Corporation) kbdest.dll -> %SystemRoot%\System32\kbdest.dll -> [2008/12/01 09:39:37 | 00,006,144 | R--- | C] (Microsoft Corporation) kbdlt1.dll -> %SystemRoot%\System32\kbdlt1.dll -> [2008/12/01 09:39:37 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdlt.dll -> %SystemRoot%\System32\kbdlt.dll -> [2008/12/01 09:39:37 | 00,005,632 | R--- | C] (Microsoft Corporation) c_866.nls -> %SystemRoot%\System32\c_866.nls -> [2008/12/01 09:39:36 | 00,066,594 | ---- | C] () c_855.nls -> %SystemRoot%\System32\c_855.nls -> [2008/12/01 09:39:36 | 00,066,594 | ---- | C] () C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS -> [2008/12/01 09:39:36 | 00,066,082 | ---- | C] () c_852.nls -> %SystemRoot%\System32\c_852.nls -> [2008/12/01 09:39:34 | 00,066,594 | ---- | C] () c_10082.nls -> %SystemRoot%\System32\c_10082.nls -> [2008/12/01 09:39:34 | 00,066,082 | ---- | C] () c_10029.nls -> %SystemRoot%\System32\c_10029.nls -> [2008/12/01 09:39:34 | 00,066,082 | ---- | C] () c_10010.nls -> %SystemRoot%\System32\c_10010.nls -> [2008/12/01 09:39:34 | 00,066,082 | ---- | C] () kbdcz.dll -> %SystemRoot%\System32\kbdcz.dll -> [2008/12/01 09:39:34 | 00,007,168 | R--- | C] (Microsoft Corporation) kbdycl.dll -> %SystemRoot%\System32\kbdycl.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdsl1.dll -> %SystemRoot%\System32\kbdsl1.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdsl.dll -> %SystemRoot%\System32\kbdsl.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdpl.dll -> %SystemRoot%\System32\kbdpl.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdhu.dll -> %SystemRoot%\System32\kbdhu.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdcz2.dll -> %SystemRoot%\System32\kbdcz2.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdcz1.dll -> %SystemRoot%\System32\kbdcz1.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdcr.dll -> %SystemRoot%\System32\kbdcr.dll -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) KBDAL.DLL -> %SystemRoot%\System32\KBDAL.DLL -> [2008/12/01 09:39:34 | 00,006,656 | R--- | C] (Microsoft Corporation) kbdro.dll -> %SystemRoot%\System32\kbdro.dll -> [2008/12/01 09:39:34 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdpl1.dll -> %SystemRoot%\System32\kbdpl1.dll -> [2008/12/01 09:39:34 | 00,005,632 | R--- | C] (Microsoft Corporation) kbdhu1.dll -> %SystemRoot%\System32\kbdhu1.dll -> [2008/12/01 09:39:34 | 00,005,632 | R--- | C] (Microsoft Corporation) c_20127.nls -> %SystemRoot%\System32\c_20127.nls -> [2008/12/01 09:39:32 | 00,066,082 | ---- | C] () spxcoins.dll -> %SystemRoot%\System32\spxcoins.dll -> [2008/12/01 09:39:31 | 00,024,661 | ---- | C] (Perle Systems Ltd.) WFWNET.DRV -> %SystemRoot%\System\WFWNET.DRV -> [2008/12/01 09:39:31 | 00,013,600 | ---- | C] (Microsoft Corporation) irclass.dll -> %SystemRoot%\System32\irclass.dll -> [2008/12/01 09:39:31 | 00,013,312 | ---- | C] (Microsoft Corporation) OLECLI.DLL -> %SystemRoot%\System\OLECLI.DLL -> [2008/12/01 09:39:30 | 00,082,944 | ---- | C] (Microsoft Corporation) OLESVR.DLL -> %SystemRoot%\System\OLESVR.DLL -> [2008/12/01 09:39:30 | 00,024,064 | ---- | C] (Microsoft Corporation) TAPI.DLL -> %SystemRoot%\System\TAPI.DLL -> [2008/12/01 09:39:30 | 00,019,200 | ---- | C] (Microsoft Corporation) VER.DLL -> %SystemRoot%\System\VER.DLL -> [2008/12/01 09:39:30 | 00,009,008 | ---- | C] (Microsoft Corporation) SHELL.DLL -> %SystemRoot%\System\SHELL.DLL -> [2008/12/01 09:39:30 | 00,005,120 | ---- | C] (Microsoft Corporation) TIMER.DRV -> %SystemRoot%\System\TIMER.DRV -> [2008/12/01 09:39:30 | 00,004,048 | ---- | C] (Microsoft Corporation) SYSTEM.DRV -> %SystemRoot%\System\SYSTEM.DRV -> [2008/12/01 09:39:30 | 00,003,360 | ---- | C] (Microsoft Corporation) VGA.DRV -> %SystemRoot%\System\VGA.DRV -> [2008/12/01 09:39:30 | 00,002,176 | ---- | C] (Microsoft Corporation) SOUND.DRV -> %SystemRoot%\System\SOUND.DRV -> [2008/12/01 09:39:30 | 00,001,744 | ---- | C] (Microsoft Corporation) MSVIDEO.DLL -> %SystemRoot%\System\MSVIDEO.DLL -> [2008/12/01 09:39:29 | 00,126,912 | ---- | C] (Microsoft Corporation) AVIFILE.DLL -> %SystemRoot%\System\AVIFILE.DLL -> [2008/12/01 09:39:29 | 00,109,456 | ---- | C] (Microsoft Corporation) MCIAVI.DRV -> %SystemRoot%\System\MCIAVI.DRV -> [2008/12/01 09:39:29 | 00,073,376 | ---- | C] (Microsoft Corporation) AVICAP.DLL -> %SystemRoot%\System\AVICAP.DLL -> [2008/12/01 09:39:29 | 00,069,584 | ---- | C] (Microsoft Corporation) COMMDLG.DLL -> %SystemRoot%\System\COMMDLG.DLL -> [2008/12/01 09:39:29 | 00,032,816 | ---- | C] (Microsoft Corporation) MCIWAVE.DRV -> %SystemRoot%\System\MCIWAVE.DRV -> [2008/12/01 09:39:29 | 00,028,160 | ---- | C] (Microsoft Corporation) MCISEQ.DRV -> %SystemRoot%\System\MCISEQ.DRV -> [2008/12/01 09:39:29 | 00,025,264 | ---- | C] (Microsoft Corporation) LZEXPAND.DLL -> %SystemRoot%\System\LZEXPAND.DLL -> [2008/12/01 09:39:29 | 00,009,936 | ---- | C] (Microsoft Corporation) MOUSE.DRV -> %SystemRoot%\System\MOUSE.DRV -> [2008/12/01 09:39:29 | 00,002,032 | ---- | C] (Microsoft Corporation) KEYBOARD.DRV -> %SystemRoot%\System\KEYBOARD.DRV -> [2008/12/01 09:39:29 | 00,002,000 | ---- | C] (Microsoft Corporation) MMTASK.TSK -> %SystemRoot%\System\MMTASK.TSK -> [2008/12/01 09:39:29 | 00,001,152 | ---- | C] (Microsoft Corporation) WINSPOOL.DRV -> %SystemRoot%\System\WINSPOOL.DRV -> [2008/12/01 09:39:28 | 00,146,432 | ---- | C] (Microsoft Corporation) TASKMAN.EXE -> %SystemRoot%\TASKMAN.EXE -> [2008/12/01 09:39:28 | 00,015,360 | ---- | C] (Microsoft Corporation) irenum.sys -> %SystemRoot%\System32\drivers\irenum.sys -> [2008/12/01 09:39:28 | 00,011,264 | ---- | C] (Microsoft Corporation) batt.dll -> %SystemRoot%\System32\batt.dll -> [2008/12/01 09:39:28 | 00,008,704 | ---- | C] (Microsoft Corporation) AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [2008/12/01 09:39:28 | 00,001,688 | ---- | C] () NOTEPAD.EXE -> %SystemRoot%\NOTEPAD.EXE -> [2008/12/01 09:39:27 | 00,069,120 | ---- | C] (Microsoft Corporation) MMSYSTEM.DLL -> %SystemRoot%\System\MMSYSTEM.DLL -> [2008/12/01 09:39:27 | 00,068,768 | ---- | C] (Microsoft Corporation) storprop.dll -> %SystemRoot%\System32\storprop.dll -> [2008/12/01 09:39:26 | 00,074,752 | ---- | C] (Microsoft Corporation) netfx.cat -> %SystemRoot%\System32\dllcache\netfx.cat -> [2008/12/01 09:39:17 | 00,141,702 | ---- | C] () tabletpc.cat -> %SystemRoot%\System32\dllcache\tabletpc.cat -> [2008/12/01 09:39:17 | 00,110,116 | ---- | C] () mediactr.cat -> %SystemRoot%\System32\dllcache\mediactr.cat -> [2008/12/01 09:39:17 | 00,031,965 | ---- | C] () msn7.cat -> %SystemRoot%\System32\dllcache\msn7.cat -> [2008/12/01 09:39:17 | 00,024,209 | ---- | C] () msn9.cat -> %SystemRoot%\System32\dllcache\msn9.cat -> [2008/12/01 09:39:17 | 00,011,651 | ---- | C] () OEMBIOS.CAT -> %SystemRoot%\System32\dllcache\OEMBIOS.CAT -> [2008/12/01 09:39:17 | 00,007,710 | ---- | C] () desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [2008/12/01 09:39:17 | 00,000,131 | -HS- | C] () desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [2008/12/01 09:39:17 | 00,000,084 | -HS- | C] () desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [2008/12/01 09:39:17 | 00,000,062 | -HS- | C] () Start Menu -> %AllUsersProfile%\Start Menu -> [2008/12/01 09:39:17 | 00,000,000 | R--D | C] Documents -> %AllUsersProfile%\Documents -> [2008/12/01 09:39:17 | 00,000,000 | R--D | C] Templates -> %AllUsersProfile%\Templates -> [2008/12/01 09:39:17 | 00,000,000 | -H-D | C] Favorites -> %AllUsersProfile%\Favorites -> [2008/12/01 09:39:17 | 00,000,000 | ---D | C] Desktop -> %AllUsersProfile%\Desktop -> [2008/12/01 09:39:17 | 00,000,000 | ---D | C] NTPRINT.CAT -> %SystemRoot%\System32\dllcache\NTPRINT.CAT -> [2008/12/01 09:39:16 | 01,086,058 | ---- | C] () SP2.CAT -> %SystemRoot%\System32\dllcache\SP2.CAT -> [2008/12/01 09:39:16 | 01,042,903 | ---- | C] () NT5IIS.CAT -> %SystemRoot%\System32\dllcache\NT5IIS.CAT -> [2008/12/01 09:39:16 | 00,797,189 | ---- | C] () MAPIMIG.CAT -> %SystemRoot%\System32\dllcache\MAPIMIG.CAT -> [2008/12/01 09:39:16 | 00,399,645 | ---- | C] () MW770.CAT -> %SystemRoot%\System32\dllcache\MW770.CAT -> [2008/12/01 09:39:16 | 00,037,484 | ---- | C] () FP4.CAT -> %SystemRoot%\System32\dllcache\FP4.CAT -> [2008/12/01 09:39:16 | 00,031,281 | ---- | C] () IMS.CAT -> %SystemRoot%\System32\dllcache\IMS.CAT -> [2008/12/01 09:39:16 | 00,013,753 | ---- | C] () HPCRDP.CAT -> %SystemRoot%\System32\dllcache\HPCRDP.CAT -> [2008/12/01 09:39:16 | 00,013,472 | ---- | C] () MSMSGS.CAT -> %SystemRoot%\System32\dllcache\MSMSGS.CAT -> [2008/12/01 09:39:16 | 00,009,581 | ---- | C] () IASNT4.CAT -> %SystemRoot%\System32\dllcache\IASNT4.CAT -> [2008/12/01 09:39:16 | 00,008,574 | ---- | C] () wmerrenu.cat -> %SystemRoot%\System32\dllcache\wmerrenu.cat -> [2008/12/01 09:39:16 | 00,007,334 | ---- | C] () MSTSWEB.CAT -> %SystemRoot%\System32\dllcache\MSTSWEB.CAT -> [2008/12/01 09:39:16 | 00,007,245 | ---- | C] () NT5.CAT -> %SystemRoot%\System32\dllcache\NT5.CAT -> [2008/12/01 09:39:15 | 02,012,670 | ---- | C] () NT5INF.CAT -> %SystemRoot%\System32\dllcache\NT5INF.CAT -> [2008/12/01 09:39:15 | 00,502,724 | ---- | C] () CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [2008/12/01 09:39:05 | 00,000,000 | ---D | C] CatRoot -> %SystemRoot%\System32\CatRoot -> [2008/12/01 09:39:05 | 00,000,000 | ---D | C] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [2008/12/01 09:38:59 | 00,000,000 | --SD | C] Application Data -> %AllUsersProfile%\Application Data -> [2008/12/01 09:38:59 | 00,000,000 | RH-D | C] System Volume Information -> %SystemDrive%\System Volume Information -> [2008/12/01 09:38:36 | 00,000,000 | -HSD | C] Documents and Settings -> %SystemDrive%\Documents and Settings -> [2008/12/01 09:38:36 | 00,000,000 | ---D | C] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/12/01 09:38:35 | 00,263,024 | ---- | C] () boot.ini -> %SystemDrive%\boot.ini -> [2008/12/01 09:37:40 | 00,000,211 | RHS- | C] () $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [2008/12/01 09:37:37 | 00,000,263 | ---- | C] () Fonts -> %SystemRoot%\Fonts -> [2008/12/01 09:31:42 | 00,000,000 | R-SD | C] dllcache -> %SystemRoot%\System32\dllcache -> [2008/12/01 09:31:42 | 00,000,000 | RHSD | C] Web -> %SystemRoot%\Web -> [2008/12/01 09:31:42 | 00,000,000 | R--D | C] inf -> %SystemRoot%\inf -> [2008/12/01 09:31:42 | 00,000,000 | -H-D | C] WinSxS -> %SystemRoot%\WinSxS -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] wins -> %SystemRoot%\System32\wins -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] WINDOWS -> %SystemRoot% -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] wbem -> %SystemRoot%\System32\wbem -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] usmt -> %SystemRoot%\System32\usmt -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] twain_32 -> %SystemRoot%\twain_32 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Temp -> %SystemRoot%\Temp -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] system32 -> %SystemRoot%\system32 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] system -> %SystemRoot%\system -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] spool -> %SystemRoot%\System32\spool -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] ShellExt -> %SystemRoot%\System32\ShellExt -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Setup -> %SystemRoot%\System32\Setup -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] security -> %SystemRoot%\security -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Resources -> %SystemRoot%\Resources -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] repair -> %SystemRoot%\repair -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] ras -> %SystemRoot%\System32\ras -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Provisioning -> %SystemRoot%\Provisioning -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] PeerNet -> %SystemRoot%\PeerNet -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] pchealth -> %SystemRoot%\pchealth -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] oobe -> %SystemRoot%\System32\oobe -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] npp -> %SystemRoot%\System32\npp -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] mui -> %SystemRoot%\System32\mui -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] mui -> %SystemRoot%\mui -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] msapps -> %SystemRoot%\msapps -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] msagent -> %SystemRoot%\msagent -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Media -> %SystemRoot%\Media -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] java -> %SystemRoot%\java -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] inetsrv -> %SystemRoot%\System32\inetsrv -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] IME -> %SystemRoot%\System32\IME -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] ime -> %SystemRoot%\ime -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] icsxml -> %SystemRoot%\System32\icsxml -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] ias -> %SystemRoot%\System32\ias -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Help -> %SystemRoot%\Help -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] export -> %SystemRoot%\System32\export -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] etc -> %SystemRoot%\System32\drivers\etc -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] ehome -> %SystemRoot%\ehome -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] drivers -> %SystemRoot%\System32\drivers -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Driver Cache -> %SystemRoot%\Driver Cache -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] disdn -> %SystemRoot%\System32\drivers\disdn -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] dhcp -> %SystemRoot%\System32\dhcp -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] dell -> %SystemRoot%\dell -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Debug -> %SystemRoot%\Debug -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Cursors -> %SystemRoot%\Cursors -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Connection Wizard -> %SystemRoot%\Connection Wizard -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] config -> %SystemRoot%\System32\config -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] Config -> %SystemRoot%\Config -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] AppPatch -> %SystemRoot%\AppPatch -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] addins -> %SystemRoot%\addins -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 3076 -> %SystemRoot%\System32\3076 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 2052 -> %SystemRoot%\System32\2052 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1054 -> %SystemRoot%\System32\1054 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1042 -> %SystemRoot%\System32\1042 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1041 -> %SystemRoot%\System32\1041 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1037 -> %SystemRoot%\System32\1037 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1033 -> %SystemRoot%\System32\1033 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1031 -> %SystemRoot%\System32\1031 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1028 -> %SystemRoot%\System32\1028 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] 1025 -> %SystemRoot%\System32\1025 -> [2008/12/01 09:31:42 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/12/25 14:41:19 | 00,648,118 | ---- | M] () CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [2008/12/25 14:14:51 | 00,002,626 | ---- | M] () Perflib_Perfdata_5b8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5b8.dat -> [2008/12/25 14:14:09 | 00,016,384 | ---- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/12/25 14:14:08 | 00,000,006 | -H-- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/12/25 14:14:02 | 00,012,694 | ---- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/12/25 14:14:01 | 00,002,048 | --S- | M] () NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2008/12/24 02:16:36 | 01,572,864 | -H-- | M] () ntuser.ini -> %UserProfile%\ntuser.ini -> [2008/12/24 02:16:36 | 00,000,178 | -HS- | M] () IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2008/12/24 02:16:26 | 01,577,480 | -H-- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/24 01:48:44 | 00,031,232 | ---- | M] () LEXSTAT.INI -> %SystemRoot%\LEXSTAT.INI -> [2008/12/23 21:35:30 | 00,000,250 | ---- | M] () vtmb.ini -> %SystemRoot%\vtmb.ini -> [2008/12/23 09:23:02 | 00,000,292 | ---- | M] () avast! Antivirus.lnk -> %AllUsersProfile%\Desktop\avast! Antivirus.lnk -> [2008/12/22 02:56:03 | 00,001,709 | ---- | M] () AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [2008/12/22 02:11:27 | 00,001,688 | ---- | M] () winstart.bat -> %SystemRoot%\winstart.bat -> [2008/12/22 02:11:27 | 00,000,002 | RHS- | M] () PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/12/21 23:07:05 | 00,355,944 | ---- | M] () perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/12/21 23:07:05 | 00,311,604 | ---- | M] () perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/12/21 23:07:05 | 00,039,992 | ---- | M] () qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/12/21 23:05:33 | 00,004,232 | ---- | M] () qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/12/21 23:05:32 | 00,005,486 | ---- | M] () Norton Security Scan for Adam.job -> %SystemRoot%\tasks\Norton Security Scan for Adam.job -> [2008/12/21 23:00:32 | 00,000,406 | ---- | M] () Google Updater.exe -> %UserProfile%\Desktop\Google Updater.exe -> [2008/12/21 22:57:24 | 01,034,320 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/12/21 22:52:33 | 00,000,696 | ---- | M] () mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2008/12/21 22:51:36 | 02,539,400 | ---- | M] (Malwarebytes Corporation ) FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/12/21 21:52:19 | 00,263,024 | ---- | M] () desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [2008/12/21 21:50:59 | 00,000,131 | -HS- | M] () GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2008/12/21 21:48:45 | 00,068,456 | ---- | M] () OneNote 2007 Screen Clipper and Launcher.lnk -> %UserProfile%\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> [2008/12/21 21:47:50 | 00,000,947 | ---- | M] () opa12.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [2008/12/21 21:45:52 | 00,008,206 | ---- | M] () win.ini -> %SystemRoot%\win.ini -> [2008/12/21 21:40:20 | 00,000,552 | ---- | M] () MagicISO.lnk -> %UserProfile%\Desktop\MagicISO.lnk -> [2008/12/21 21:07:13 | 00,001,486 | ---- | M] () DOSBox 0.72.lnk -> %UserProfile%\Desktop\DOSBox 0.72.lnk -> [2008/12/21 15:23:00 | 00,001,659 | ---- | M] () Lexmark X5100 Series All-In-One Center.lnk -> %AllUsersProfile%\Desktop\Lexmark X5100 Series All-In-One Center.lnk -> [2008/12/21 14:54:27 | 00,000,770 | ---- | M] () autorun.inf -> %SystemDrive%\autorun.inf -> [2008/12/21 14:48:07 | 00,000,255 | RHS- | M] () CJXP5150LE.exe -> %UserProfile%\Desktop\CJXP5150LE.exe -> [2008/12/21 14:46:25 | 29,125,120 | ---- | M] () msqpdxippixvki.sys -> %SystemRoot%\System32\drivers\msqpdxippixvki.sys -> [2008/12/21 10:04:54 | 00,077,312 | ---- | M] () DAEMON Tools Lite.lnk -> %AllUsersProfile%\Desktop\DAEMON Tools Lite.lnk -> [2008/12/21 09:54:17 | 00,001,613 | ---- | M] () sptd.sys -> %SystemRoot%\System32\drivers\sptd.sys -> [2008/12/21 09:52:19 | 00,717,296 | ---- | M] () msqpdxtqptbrfw.sys -> %SystemRoot%\System32\drivers\msqpdxtqptbrfw.sys -> [2008/12/21 09:47:19 | 00,076,800 | ---- | M] () msqpdxvymovhpq.dll -> %SystemRoot%\System32\msqpdxvymovhpq.dll -> [2008/12/21 09:47:19 | 00,056,832 | ---- | M] () VLC media player.lnk -> %AllUsersProfile%\Desktop\VLC media player.lnk -> [2008/12/21 09:20:56 | 00,000,719 | ---- | M] () vlc-0.8.6d-win32.exe -> %UserProfile%\Desktop\vlc-0.8.6d-win32.exe -> [2008/12/21 09:20:19 | 09,733,451 | ---- | M] () Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [2008/12/21 08:49:52 | 00,000,786 | ---- | M] () Adobe Reader 9.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 9.lnk -> [2008/12/21 00:32:56 | 00,001,729 | ---- | M] () imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/12/20 20:10:33 | 00,001,393 | ---- | M] () War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [2008/12/20 19:49:35 | 00,018,091 | ---- | M] () Warcraft III.lnk -> %UserProfile%\Desktop\Warcraft III.lnk -> [2008/12/20 19:49:35 | 00,001,612 | ---- | M] () War3Unin.exe -> %SystemRoot%\War3Unin.exe -> [2008/12/20 19:49:22 | 00,126,976 | ---- | M] (Blizzard Entertainment) War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [2008/12/20 19:49:22 | 00,002,829 | ---- | M] () nsreg.dat -> %SystemRoot%\nsreg.dat -> [2008/12/20 19:34:44 | 00,000,000 | ---- | M] () Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [2008/12/20 19:34:30 | 00,001,602 | ---- | M] () Firefox Setup 3.0.5.exe -> %UserProfile%\Desktop\Firefox Setup 3.0.5.exe -> [2008/12/20 19:31:26 | 07,518,240 | ---- | M] (Mozilla) desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2008/12/20 19:07:13 | 00,000,075 | -HS- | M] () $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [2008/12/20 18:48:29 | 00,000,263 | ---- | M] () NTUSER.DAT -> %AllUsersProfile%\NTUSER.DAT -> [2008/12/20 18:48:28 | 00,262,144 | ---- | M] () boot.ini -> %SystemDrive%\boot.ini -> [2008/12/20 18:48:26 | 00,000,211 | RHS- | M] () wpa.bak -> %SystemRoot%\System32\wpa.bak -> [2008/12/20 18:47:46 | 00,012,636 | ---- | M] () mshtml.dll -> %SystemRoot%\System32\mshtml.dll -> [2008/12/12 09:33:23 | 03,060,224 | ---- | M] (Microsoft Corporation) mshtml.dll -> %SystemRoot%\System32\dllcache\mshtml.dll -> [2008/12/12 09:33:23 | 03,060,224 | ---- | M] (Microsoft Corporation) mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) smscfg.ini -> %SystemRoot%\smscfg.ini -> [2008/12/01 18:26:05 | 00,000,061 | ---- | M] () $ncsp$.inf -> %SystemRoot%\System32\$ncsp$.inf -> [2008/12/01 18:26:03 | 00,000,333 | ---- | M] () REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [2008/12/01 17:49:35 | 00,008,192 | ---- | M] () desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [2008/12/01 17:47:55 | 00,000,084 | -HS- | M] () desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [2008/12/01 17:47:55 | 00,000,084 | -HS- | M] () MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [2008/12/01 17:47:50 | 00,000,000 | RHS- | M] () IO.SYS -> %SystemDrive%\IO.SYS -> [2008/12/01 17:47:50 | 00,000,000 | RHS- | M] () control.ini -> %SystemRoot%\control.ini -> [2008/12/01 17:47:50 | 00,000,000 | ---- | M] () CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [2008/12/01 17:47:50 | 00,000,000 | ---- | M] () AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [2008/12/01 17:47:50 | 00,000,000 | ---- | M] () WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2008/12/01 17:47:47 | 00,316,640 | ---- | M] () nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2008/12/01 17:47:46 | 00,023,392 | ---- | M] () amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2008/12/01 17:47:46 | 00,016,832 | ---- | M] () ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [2008/12/01 17:47:36 | 00,004,161 | ---- | M] () WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [2008/12/01 17:46:46 | 00,000,488 | RH-- | M] () logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [2008/12/01 17:46:46 | 00,000,488 | RH-- | M] () wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | M] () WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | M] () sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | M] () nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | M] () ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | M] () cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [2008/12/01 17:46:41 | 00,000,749 | RH-- | M] () emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [2008/12/01 17:44:43 | 00,021,640 | ---- | M] () vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [2008/12/01 17:44:33 | 00,000,037 | ---- | M] () vb.ini -> %SystemRoot%\vb.ini -> [2008/12/01 17:44:33 | 00,000,036 | ---- | M] () system.ini -> %SystemRoot%\system.ini -> [2008/12/01 09:39:46 | 00,000,231 | ---- | M] () desktop.ini -> %AppData%\desktop.ini -> [2008/12/01 09:39:17 | 00,000,062 | -HS- | M] () desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [2008/12/01 09:39:17 | 00,000,062 | -HS- | M] () aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> [2008/11/26 09:21:30 | 01,236,208 | ---- | M] (ALWIL Software) aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> [2008/11/26 09:18:25 | 00,093,296 | ---- | M] (ALWIL Software) aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2008/11/26 09:18:18 | 00,094,032 | ---- | M] (ALWIL Software) aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> [2008/11/26 09:17:36 | 00,111,184 | ---- | M] (ALWIL Software) aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> [2008/11/26 09:17:25 | 00,020,560 | ---- | M] (ALWIL Software) aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2008/11/26 09:16:38 | 00,050,864 | ---- | M] (ALWIL Software) aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2008/11/26 09:16:29 | 00,023,152 | ---- | M] (ALWIL Software) aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2008/11/26 09:15:35 | 00,026,944 | ---- | M] (ALWIL Software) AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> [2008/11/26 09:15:10 | 00,097,480 | ---- | M] (ALWIL Software) [Alternate Data Streams] @Alternate Data Stream - 104 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2 < End of report > [/code]