Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Very unusual problem [Solved]

Started by jhn-e-bee , Mar 21 2010 05:10 PM

Page 5 of 9
3
4
5
6
7

This topic is locked

#61
jhn-e-bee

Posted 24 March 2010 - 10:03 AM

Member

Topic Starter
Member
89 posts

I dont know what went wrong but i only got 1 log from OTL, there was no extras log. I have looked on my desktop where the other log is and in C:\OTL, nothing.

Should it happen like that?

Heres the first log anyway:

OTL logfile created on: 3/24/2010 3:47:17 PM - Run 3
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\jhn barrett\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

251.00 Mb Total Physical Memory | 110.00 Mb Available Physical Memory | 44.00% Memory free
610.00 Mb Paging File | 437.00 Mb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 31.82 Gb Free Space | 85.42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.84 Gb Total Space | 1.74 Gb Free Space | 94.62% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: J-C4E7983211AD4
Current User Name: jhn barrett
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/21 23:13:24 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
PRC - [2010/03/20 21:43:52 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2004/08/04 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/01 16:23:32 | 000,067,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

========== Modules (SafeList) ==========

MOD - [2010/03/21 23:13:24 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
MOD - [2004/08/04 12:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

========== Driver Services (SafeList) ==========

DRV - [2010/03/23 20:00:03 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utezmtyx.sys -- (utezmtyx)
DRV - [2009/10/09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\4244292.sys -- (setup_9.0.0.722_23.03.2010_14-47drv)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\42442921.sys -- (42442921)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/07/22 12:50:16 | 001,268,234 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/07/01 12:49:00 | 000,626,977 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 08:08:52 | 000,400,384 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2001/08/17 12:10:30 | 000,035,871 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wbfirdma.sys -- (WBFIRDMA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mirostart...cfg=2-73-0-E39G
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.mirostart...cfg=2-73-0-E2N5

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files\K-Meleon\Plugins [2010/03/24 04:56:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files\K-Meleon\Components [2010/03/20 21:59:42 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/03/24 13:21:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/20 17:29:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/08/04 12:00:00 | 000,059,288 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: ias - C:\WINDOWS\system32\ias [2010/03/20 17:29:07 | 000,000,000 | ---D | M]
NetSvcs: iprip - File not found
NetSvcs: nwcworkstation - File not found
NetSvcs: nwsapagent - File not found
NetSvcs: wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: wmdmpmsp - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16610416650092544)

========== Files/Folders - Created Within 30 Days ==========

[2010/03/24 14:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\gmer
[2010/03/24 13:54:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/03/24 13:19:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/03/24 12:48:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/03/24 12:39:07 | 000,510,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTM.exe
[2010/03/24 06:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Participatory Culture Foundation
[2010/03/24 06:36:24 | 000,282,606 | ---- | C] (Participatory Culture Foundation) -- C:\Documents and Settings\jhn barrett\Desktop\Miro_Installer.exe
[2010/03/24 06:09:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\My Videos
[2010/03/24 06:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla
[2010/03/24 06:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Participatory Culture Foundation
[2010/03/24 06:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\Miro
[2010/03/24 05:00:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Adobe
[2010/03/24 04:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/03/24 04:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/24 04:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/24 04:49:17 | 027,386,256 | ---- | C] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\AdbeRdr930_en_US.exe
[2010/03/23 18:38:30 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\4244292.sys
[2010/03/23 18:38:30 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\42442921.sys
[2010/03/23 17:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/03/23 15:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\DoctorWeb
[2010/03/23 15:11:53 | 068,146,672 | ---- | C] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\setup_9.0.0.722_23.03.2010_14-47.exe
[2010/03/23 12:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\LastFM downloader
[2010/03/23 12:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\dogs2
[2010/03/23 12:30:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\vids and DLs
[2010/03/23 01:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\avenger
[2010/03/23 01:27:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/03/23 01:24:48 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\jhn barrett\Desktop\mbam-setup.exe
[2010/03/22 20:41:36 | 000,000,000 | ---D | C] -- C:\Rooter$
[2010/03/22 18:45:47 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/03/22 18:34:19 | 000,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\jhn barrett\Desktop\Rooter.exe
[2010/03/22 17:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\.thumbnails
[2010/03/22 15:16:45 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/03/22 15:16:45 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/03/22 15:16:45 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/03/22 15:16:45 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/03/22 15:15:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/03/22 15:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/03/22 15:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/03/22 15:07:45 | 001,607,032 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\jhn barrett\Desktop\MGADiag.exe
[2010/03/22 14:23:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/03/22 05:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\gtk-2.0
[2010/03/22 05:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\.gimp-2.6
[2010/03/22 05:42:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\gegl-0.0
[2010/03/22 05:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010/03/21 23:34:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/21 23:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/03/21 23:13:05 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
[2010/03/21 23:11:20 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\jhn barrett\Desktop\erunt_setup.exe
[2010/03/21 23:11:00 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\TFC.exe
[2010/03/21 16:58:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/03/21 04:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/03/21 04:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\DVDVideoSoft
[2010/03/21 04:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010/03/21 04:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010/03/21 04:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Adobe
[2010/03/21 04:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/21 04:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/21 04:17:43 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/03/21 04:17:43 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/03/21 04:17:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/03/21 04:17:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/03/21 04:17:43 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/03/21 04:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/21 04:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Sun
[2010/03/21 04:16:02 | 000,924,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\jhn barrett\Desktop\jre-6u18-windows-i586-iftw-rv.exe
[2010/03/21 04:13:44 | 001,924,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Documents and Settings\jhn barrett\Desktop\install_flash_player.exe
[2010/03/20 23:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Template
[2010/03/20 23:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Malwarebytes
[2010/03/20 23:34:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/20 23:34:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/20 23:34:48 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/20 23:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/20 23:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\AVG8
[2010/03/20 23:25:23 | 000,891,248 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\jhn barrett\Desktop\avg_free_stb_all_9_40_cnet.exe
[2010/03/20 23:02:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Macromedia
[2010/03/20 22:55:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\jhn barrett\UserData
[2010/03/20 22:28:49 | 000,887,296 | ---- | C] (Kurt Senfer) -- C:\WINDOWS\System32\KsDHTMLEDLib.ocx
[2010/03/20 22:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Evrsoft First Page 2006
[2010/03/20 22:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/03/20 21:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\vlc
[2010/03/20 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/03/20 21:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/03/20 21:44:00 | 000,185,944 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010/03/20 21:43:54 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010/03/20 21:43:54 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010/03/20 21:43:53 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/20 21:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/03/20 21:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/03/20 21:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Real
[2010/03/20 18:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/20 18:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/20 18:38:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/03/20 18:32:11 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys
[2010/03/20 18:32:11 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys
[2010/03/20 18:32:11 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys
[2010/03/20 18:32:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportApp
[2010/03/20 18:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE Mobile Connection
[2010/03/20 18:31:57 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/20 18:27:26 | 000,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/03/20 18:27:17 | 000,000,000 | ---D | C] -- C:\Intel
[2010/03/20 18:27:16 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2010/03/20 18:24:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\Tunes
[2010/03/20 18:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\installers
[2010/03/20 18:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\K-Meleon
[2010/03/20 18:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\K-Meleon
[2010/03/20 18:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\K-Meleon
[2010/03/20 18:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\whypay4it.net
[2010/03/20 18:20:51 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/03/20 18:03:01 | 001,268,234 | R--- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[2010/03/20 18:03:01 | 000,064,512 | R--- | C] (Agere Systems) -- C:\WINDOWS\agrsmdel.exe
[2010/03/20 18:01:29 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/03/20 18:01:27 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/03/20 18:01:25 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/03/20 18:01:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/03/20 18:01:16 | 000,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/03/20 18:01:14 | 000,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/03/20 18:01:13 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/03/20 18:01:11 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/03/20 18:01:08 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/03/20 18:01:07 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/03/20 18:01:04 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/03/20 18:01:00 | 000,765,952 | R--- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2010/03/20 18:01:00 | 000,065,536 | R--- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll
[2010/03/20 18:01:00 | 000,065,536 | R--- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2010/03/20 18:01:00 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2010/03/20 18:00:59 | 000,400,384 | R--- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS
[2010/03/20 18:00:56 | 007,509,504 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.EXE
[2010/03/20 18:00:51 | 015,692,800 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2010/03/20 18:00:51 | 000,067,584 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2010/03/20 18:00:50 | 000,626,977 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2010/03/20 18:00:47 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/03/20 18:00:47 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/03/20 18:00:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/03/20 18:00:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/03/20 18:00:46 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/03/20 18:00:46 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/03/20 18:00:46 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/03/20 18:00:46 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/03/20 17:57:05 | 000,495,616 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmgdev.dll
[2010/03/20 17:57:05 | 000,061,440 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v3865.dll
[2010/03/20 17:57:04 | 002,285,568 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmgicd.dll
[2010/03/20 17:57:04 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2010/03/20 17:57:04 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2010/03/20 17:57:04 | 000,106,496 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe
[2010/03/20 17:57:04 | 000,049,152 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2010/03/20 17:57:04 | 000,036,864 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2010/03/20 17:57:03 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfrc.lrc
[2010/03/20 17:57:03 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2010/03/20 17:57:03 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2010/03/20 17:57:03 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2010/03/20 17:57:03 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2010/03/20 17:57:03 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2010/03/20 17:57:03 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2010/03/20 17:57:03 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2010/03/20 17:57:03 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2010/03/20 17:57:02 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2010/03/20 17:57:02 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2010/03/20 17:57:02 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2010/03/20 17:57:02 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2010/03/20 17:57:02 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxreng.lrc
[2010/03/20 17:57:02 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2010/03/20 17:57:02 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2010/03/20 17:57:02 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrarb.lrc
[2010/03/20 17:57:02 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2010/03/20 17:57:00 | 001,097,728 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2010/03/20 17:57:00 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2010/03/20 17:57:00 | 000,151,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdiag.exe
[2010/03/20 17:57:00 | 000,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdev.dll
[2010/03/20 17:57:00 | 000,126,976 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxhk.dll
[2010/03/20 17:57:00 | 000,114,688 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2010/03/20 17:57:00 | 000,086,016 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2010/03/20 17:57:00 | 000,045,056 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdgps.dll
[2010/03/20 17:56:59 | 000,487,424 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2010/03/20 17:56:59 | 000,225,280 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2010/03/20 17:56:59 | 000,221,184 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxeud.dll
[2010/03/20 17:56:59 | 000,094,208 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2010/03/20 17:56:58 | 000,748,091 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2010/03/20 17:56:58 | 000,344,064 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2010/03/20 17:56:58 | 000,151,259 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdev5.dll
[2010/03/20 17:56:58 | 000,118,784 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2010/03/20 17:56:58 | 000,099,388 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2010/03/20 17:56:58 | 000,069,632 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\oemdspif.dll
[2010/03/20 17:56:57 | 000,037,951 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2010/03/20 17:52:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/03/20 17:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Identities
[2010/03/20 17:36:55 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/03/20 17:36:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\My Documents\My Music
[2010/03/20 17:36:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\My Documents\My Pictures
[2010/03/20 17:36:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\jhn barrett\Application Data\Microsoft
[2010/03/20 17:36:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\jhn barrett\Cookies
[2010/03/20 17:36:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jhn barrett\SendTo
[2010/03/20 17:36:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jhn barrett\Recent
[2010/03/20 17:36:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jhn barrett\Application Data
[2010/03/20 17:36:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\Start Menu
[2010/03/20 17:36:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\My Documents
[2010/03/20 17:36:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\Favorites
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\Templates
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\PrintHood
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\NetHood
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\Local Settings
[2010/03/20 17:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft
[2010/03/20 17:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop
[2010/03/20 17:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/03/20 17:34:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/03/20 17:34:52 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/03/20 17:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/20 17:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/20 17:32:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/03/20 17:32:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/03/20 17:32:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/03/20 17:32:42 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/03/20 17:32:42 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/03/20 17:32:41 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/03/20 17:32:40 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/03/20 17:32:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/03/20 17:32:38 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/03/20 17:32:37 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/03/20 17:32:37 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/03/20 17:32:35 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/03/20 17:32:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/03/20 17:32:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/03/20 17:32:33 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/03/20 17:32:33 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/03/20 17:32:32 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/03/20 17:32:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/03/20 17:32:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/03/20 17:32:31 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/03/20 17:32:31 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/03/20 17:32:31 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/03/20 17:32:28 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/03/20 17:32:26 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/03/20 17:32:25 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/03/20 17:32:25 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/03/20 17:32:25 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/03/20 17:32:25 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/03/20 17:32:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/03/20 17:32:25 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/03/20 17:32:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/03/20 17:32:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/03/20 17:32:24 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/03/20 17:32:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/03/20 17:32:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/03/20 17:32:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/03/20 17:32:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/03/20 17:32:23 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/03/20 17:32:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/03/20 17:32:23 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/03/20 17:32:23 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/03/20 17:32:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/03/20 17:32:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/03/20 17:32:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/03/20 17:32:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/03/20 17:32:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/03/20 17:32:22 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/03/20 17:32:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/03/20 17:32:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/03/20 17:32:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/03/20 17:32:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/03/20 17:32:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/03/20 17:32:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/03/20 17:32:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/03/20 17:32:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/03/20 17:32:15 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/03/20 17:32:15 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/03/20 17:32:14 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/03/20 17:32:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/03/20 17:32:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/03/20 17:32:12 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/03/20 17:32:12 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/03/20 17:32:10 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/03/20 17:32:10 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/03/20 17:32:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/03/20 17:32:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/03/20 17:32:07 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/03/20 17:32:07 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/03/20 17:32:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/03/20 17:32:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/03/20 17:32:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/03/20 17:32:06 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/03/20 17:32:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/03/20 17:32:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/03/20 17:32:05 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/03/20 17:32:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/03/20 17:32:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/03/20 17:32:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/03/20 17:32:02 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/03/20 17:31:57 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/03/20 17:31:57 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/03/20 17:31:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/03/20 17:31:52 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/03/20 17:31:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/03/20 17:31:42 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/03/20 17:31:42 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/03/20 17:31:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/03/20 17:31:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/03/20 17:31:39 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/03/20 17:31:39 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/03/20 17:31:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/03/20 17:31:37 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/03/20 17:31:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/03/20 17:31:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/03/20 17:31:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/03/20 17:31:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/03/20 17:31:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/03/20 17:31:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/03/20 17:31:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/03/20 17:31:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/03/20 17:31:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/03/20 17:31:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/03/20 17:31:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/03/20 17:31:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/03/20 17:31:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/03/20 17:31:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/03/20 17:31:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/03/20 17:31:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/03/20 17:31:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/03/20 17:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/03/20 17:31:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/03/20 17:31:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/03/20 17:31:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/03/20 17:31:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/03/20 17:31:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/03/20 17:31:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/03/20 17:31:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/03/20 17:31:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/03/20 17:31:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/03/20 17:31:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/03/20 17:31:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/03/20 17:31:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/03/20 17:31:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/03/20 17:31:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/03/20 17:31:29 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/03/20 17:31:29 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/03/20 17:31:29 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/03/20 17:31:29 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/03/20 17:31:29 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/03/20 17:31:28 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/03/20 17:31:28 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/03/20 17:31:28 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/03/20 17:31:27 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/03/20 17:31:27 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/03/20 17:31:27 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/03/20 17:31:27 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/03/20 17:31:27 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/03/20 17:31:27 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/03/20 17:31:26 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/03/20 17:31:26 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/03/20 17:31:26 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/03/20 17:31:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/03/20 17:31:26 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/03/20 17:31:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/03/20 17:31:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/03/20 17:31:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/03/20 17:31:21 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/03/20 17:31:14 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/03/20 17:31:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/03/20 17:31:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/03/20 17:31:11 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/03/20 17:31:11 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/03/20 17:31:11 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/03/20 17:31:11 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/03/20 17:31:10 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/03/20 17:31:10 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/03/20 17:31:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/03/20 17:31:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/03/20 17:31:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/03/20 17:31:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/03/20 17:31:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/03/20 17:31:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/03/20 17:31:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/03/20 17:31:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/03/20 17:31:09 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/03/20 17:31:09 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/03/20 17:31:09 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/03/20 17:31:09 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/03/20 17:31:09 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/03/20 17:31:09 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/03/20 17:31:09 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/03/20 17:31:09 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/03/20 17:31:08 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/03/20 17:31:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/03/20 17:31:07 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/03/20 17:31:07 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/03/20 17:31:06 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/03/20 17:31:05 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/03/20 17:31:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/03/20 17:31:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/03/20 17:31:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/03/20 17:31:04 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/03/20 17:31:04 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/03/20 17:31:04 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/03/20 17:31:04 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/03/20 17:31:04 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/03/20 17:31:03 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/03/20 17:30:54 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/03/20 17:30:52 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/03/20 17:30:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/03/20 17:30:49 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/03/20 17:30:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/03/20 17:30:48 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/03/20 17:30:48 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/03/20 17:30:48 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/03/20 17:30:47 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/03/20 17:30:47 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/03/20 17:30:46 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/03/20 17:30:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/03/20 17:30:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/03/20 17:30:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/03/20 17:30:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/03/20 17:30:44 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/03/20 17:30:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/03/20 17:30:43 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/03/20 17:30:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/03/20 17:30:33 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/03/20 17:30:33 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/03/20 17:30:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/03/20 17:30:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/03/20 17:30:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/03/20 17:30:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/03/20 17:30:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/03/20 17:30:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/03/20 17:30:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/03/20 17:30:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/03/20 17:30:22 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/03/20 17:30:22 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/03/20 17:30:22 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/03/20 17:30:16 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/03/20 17:30:16 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/03/20 17:30:16 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/03/20 17:30:15 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/03/20 17:30:15 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/03/20 17:30:15 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/03/20 17:30:15 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/03/20 17:30:15 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/03/20 17:30:15 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/03/20 17:30:14 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/03/20 17:30:14 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/03/20 17:30:14 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/03/20 17:30:14 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/03/20 17:30:14 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/03/20 17:30:14 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/03/20 17:30:14 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/03/20 17:30:13 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/03/20 17:30:13 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/03/20 17:30:12 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/03/20 17:30:12 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/03/20 17:30:08 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/03/20 17:30:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/03/20 17:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/03/20 17:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/03/20 17:29:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/20 17:29:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/20 17:29:28 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/03/20 17:28:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/03/20 17:28:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/03/20 17:28:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/03/20 17:28:00 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/03/20 17:27:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/03/20 17:27:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/03/20 17:27:13 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/03/20 17:27:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/03/20 17:27:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/03/20 17:27:12 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/03/20 17:27:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/03/20 17:27:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/03/20 17:27:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/03/20 17:27:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/03/20 17:27:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/03/20 17:27:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/03/20 17:27:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/03/20 17:27:02 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/03/20 17:27:02 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/03/20 17:27:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/03/20 17:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/03/20 17:26:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/03/20 17:26:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/03/20 17:26:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/03/20 17:26:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/03/20 17:26:59 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/03/20 17:26:58 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/03/20 17:26:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/03/20 17:26:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/03/20 17:26:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/03/20 17:26:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/03/20 17:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/03/20 17:26:57 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/03/20 17:26:55 | 000,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/03/20 17:26:55 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/03/20 17:26:54 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/03/20 17:26:54 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2010/03/20 17:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/03/20 17:26:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/03/20 17:26:52 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/03/20 17:26:52 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/03/20 17:26:52 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/03/20 17:26:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/03/20 17:26:51 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/03/20 17:26:51 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/03/20 17:26:51 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/03/20 17:26:51 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/03/20 17:26:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/03/20 17:26:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/03/20 17:26:50 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/03/20 17:26:50 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/03/20 17:26:50 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/03/20 17:26:50 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/03/20 17:26:50 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/03/20 17:26:50 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2010/03/20 17:26:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/03/20 17:26:49 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/03/20 17:26:49 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/03/20 17:26:49 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/03/20 17:26:49 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/03/20 17:26:49 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/03/20 17:26:49 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2010/03/20 17:26:49 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/03/20 17:26:49 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/03/20 17:26:49 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/03/20 17:26:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/03/20 17:26:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/03/20 17:26:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/03/20 17:26:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/03/20 17:26:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/03/20 17:26:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/03/20 17:26:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/03/20 17:26:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/03/20 17:26:46 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/03/20 17:26:46 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/03/20 17:26:46 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/03/20 17:26:46 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/03/20 17:26:46 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/03/20 17:26:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/03/20 17:26:45 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/03/20 17:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/03/20 17:26:44 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010/03/20 17:26:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/03/20 17:26:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/03/20 17:26:43 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/03/20 17:26:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/03/20 17:26:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/03/20 17:26:41 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/03/20 17:26:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/03/20 17:26:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/03/20 17:26:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/03/20 17:26:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/03/20 17:26:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/03/20 17:26:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/03/20 17:26:41 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/03/20 17:26:41 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/03/20 17:26:40 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/03/20 17:26:40 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/03/20 17:26:39 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/03/20 17:26:39 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/03/20 17:26:39 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/03/20 17:26:38 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/03/20 17:26:38 | 000,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/03/20 17:26:38 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010/03/20 17:26:38 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/03/20 17:26:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/03/20 17:26:37 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010/03/20 17:26:37 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/03/20 17:26:37 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010/03/20 17:26:37 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010/03/20 17:26:37 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010/03/20 17:26:37 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010/03/20 17:26:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/03/20 17:26:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/03/20 17:26:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/03/20 17:26:36 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/03/20 17:26:36 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/03/20 17:26:36 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/03/20 17:26:36 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/03/20 17:26:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/03/20 17:26:36 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/03/20 17:26:36 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/03/20 17:26:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/03/20 17:26:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/03/20 17:26:35 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/03/20 17:26:35 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/03/20 17:26:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/03/20 17:26:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/03/20 17:26:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/03/20 17:26:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/03/20 17:26:34 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/03/20 17:26:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/03/20 17:26:34 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/03/20 17:26:34 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/03/20 17:26:34 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/03/20 17:26:34 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/03/20 17:26:34 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/03/20 17:26:34 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/03/20 17:26:33 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/03/20 17:26:33 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/03/20 17:26:33 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/03/20 17:26:33 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/03/20 17:26:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/03/20 17:26:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010/03/20 17:26:33 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/03/20 17:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/03/20 17:26:32 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/03/20 17:26:32 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/03/20 17:26:32 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/03/20 17:26:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/03/20 17:26:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/03/20 17:26:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010/03/20 17:26:32 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010/03/20 17:26:32 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/03/20 17:26:31 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/03/20 17:26:31 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/03/20 17:26:31 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/03/20 17:26:30 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/03/20 17:26:30 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/03/20 17:26:30 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/03/20 17:26:29 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010/03/20 17:26:29 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/03/20 17:26:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010/03/20 17:26:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/03/20 17:26:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/03/20 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/03/20 17:26:28 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/03/20 17:26:28 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/03/20 17:26:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/03/20 17:26:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/03/20 17:26:28 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/03/20 17:26:28 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/03/20 17:26:28 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/03/20 17:26:28 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/03/20 17:26:27 | 000,561,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2010/03/20 17:26:27 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/03/20 17:26:27 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/03/20 17:26:27 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/03/20 17:26:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010/03/20 17:26:27 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010/03/20 17:26:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/03/20 17:26:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/03/20 17:26:27 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/03/20 17:26:26 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010/03/20 17:26:26 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/03/20 17:26:26 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/03/20 17:26:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/03/20 17:26:25 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/03/20 17:26:25 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/03/20 17:26:25 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/03/20 17:26:25 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/03/20 17:26:25 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/03/20 17:26:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/03/20 17:26:25 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/03/20 17:26:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/03/20 17:26:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/03/20 17:26:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/03/20 17:26:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/03/20 17:26:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/03/20 17:26:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/03/20 17:26:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/03/20 17:26:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/03/20 17:26:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/03/20 17:26:24 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/03/20 17:26:24 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/03/20 17:26:24 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/03/20 17:26:24 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/03/20 17:26:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/03/20 17:26:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/03/20 17:26:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/03/20 17:26:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/03/20 17:26:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/03/20 17:26:24 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/03/20 17:26:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/03/20 17:26:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/03/20 17:26:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/03/20 17:26:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/03/20 17:26:23 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/03/20 17:26:23 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/03/20 17:26:23 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/03/20 17:26:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/03/20 17:26:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/03/20 17:26:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/03/20 17:26:23 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/03/20 17:26:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/03/20 17:26:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/03/20 17:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/03/20 17:26:20 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/03/20 17:26:20 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/03/20 17:26:20 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2010/03/20 17:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/03/20 17:26:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/03/20 17:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/03/20 17:25:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/03/20 17:25:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/03/20 17:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/03/20 17:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/03/20 17:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/03/20 17:25:00 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/03/20 17:25:00 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/03/20 17:25:00 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/03/20 17:25:00 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/03/20 17:25:00 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/03/20 17:25:00 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/03/20 17:24:59 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/03/20 17:24:59 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/03/20 17:24:59 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/03/20 17:24:59 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/03/20 17:24:59 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/03/20 17:24:59 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/03/20 17:24:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/03/20 17:24:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/03/20 17:24:59 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/03/20 17:24:59 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/03/20 17:24:59 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/03/20 17:24:58 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/03/20 17:24:58 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/03/20 17:24:58 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/03/20 17:24:58 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/03/20 17:24:58 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/03/20 17:24:57 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/03/20 17:24:57 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/03/20 17:24:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/03/20 17:24:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/03/20 17:24:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/03/20 17:24:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/03/20 17:24:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/03/20 17:24:49 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/03/20 17:24:48 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/03/20 17:24:48 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/03/20 17:24:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/03/20 17:24:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/03/20 17:24:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/03/20 17:24:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/03/20 17:24:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/03/20 17:24:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/03/20 17:24:48 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/03/20 17:24:41 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/03/20 17:24:41 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/03/20 17:24:41 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/03/20 17:24:41 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/03/20 17:24:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/03/20 17:24:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/03/20 17:24:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/03/20 17:24:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/03/20 17:24:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/03/20 17:24:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/03/20 17:24:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/03/20 17:24:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/03/20 17:24:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/03/20 17:24:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/03/20 17:24:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/03/20 17:24:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/03/20 17:24:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/03/20 17:24:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/03/20 17:24:39 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/03/20 17:24:39 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/03/20 17:24:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/03/20 17:24:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/03/20 17:24:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/03/20 17:24:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/03/20 17:24:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/03/20 17:24:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/03/20 17:24:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/03/20 17:24:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/03/20 17:24:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/03/20 17:24:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/03/20 17:24:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/03/20 17:24:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/03/20 17:24:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/03/20 17:24:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/03/20 17:24:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/03/20 17:24:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/03/20 17:24:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/03/20 17:24:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/03/20 17:24:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/03/20 17:24:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/03/20 17:24:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/03/20 17:24:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/03/20 17:24:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/03/20 17:24:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/03/20 17:24:37 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/03/20 17:24:37 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/03/20 17:24:37 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010/03/20 17:24:37 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/03/20 17:24:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/03/20 17:24:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/03/20 17:24:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/03/20 17:24:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/03/20 17:24:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/03/20 17:24:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/03/20 17:24:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/03/20 17:24:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/03/20 17:24:37 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/03/20 17:24:37 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/03/20 17:24:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/03/20 17:24:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/03/20 17:24:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/03/20 17:24:33 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/03/20 17:24:33 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/03/20 17:24:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/03/20 17:24:33 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/03/20 17:24:33 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/03/20 17:24:33 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/03/20 17:24:33 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/03/20 17:24:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/03/20 17:24:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/03/20 17:24:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/03/20 17:24:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/03/20 17:24:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/03/20 17:24:32 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/03/20 17:24:32 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/03/20 17:24:32 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/03/20 17:24:32 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/03/20 17:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/03/20 17:24:21 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/03/20 17:24:21 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010/03/20 17:24:21 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/03/20 17:24:21 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/03/20 17:24:21 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/03/20 17:24:20 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/03/20 17:24:20 | 000,345,088 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/03/20 17:24:20 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/03/20 17:24:20 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010/03/20 17:24:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/03/20 17:24:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/03/20 17:24:20 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/03/20 17:24:20 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/03/20 17:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/03/20 17:24:19 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/03/20 17:24:19 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010/03/20 17:24:19 | 000,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/03/20 17:24:19 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/03/20 17:24:19 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/03/20 17:24:19 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/03/20 17:24:19 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/03/20 17:24:18 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/03/20 17:24:18 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010/03/20 17:24:18 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/03/20 17:24:18 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/03/20 17:24:18 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/03/20 17:24:18 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/03/20 17:24:18 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/03/20 17:24:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/03/20 17:24:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/03/20 17:24:18 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010/03/20 17:24:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/03/20 17:24:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/03/20 17:24:17 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010/03/20 17:24:17 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/03/20 17:24:17 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/03/20 17:24:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/03/20 17:24:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/03/20 17:24:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010/03/20 17:24:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010/03/20 17:24:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/03/20 17:24:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/03/20 17:24:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/03/20 17:24:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/03/20 17:24:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/03/20 17:24:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/03/20 17:24:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/03/20 17:24:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010/03/20 17:24:16 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/03/20 17:24:16 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/03/20 17:24:16 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/03/20 17:24:16 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/03/20 17:24:16 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/03/20 17:24:16 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/03/20 17:24:16 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/03/20 17:24:16 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/03/20 17:24:16 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/03/20 17:24:16 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/03/20 17:24:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/03/20 17:24:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/03/20 17:24:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010/03/20 17:24:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/03/20 17:24:15 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010/03/20 17:24:15 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/03/20 17:24:15 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/03/20 17:24:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/03/20 17:24:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/03/20 17:24:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/03/20 17:24:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/03/20 17:24:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/03/20 17:24:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/03/20 17:24:14 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/03/20 17:24:14 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/20 17:24:14 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/03/20 17:24:14 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/03/20 17:24:14 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010/03/20 17:24:14 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/03/20 17:24:13 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010/03/20 17:24:13 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/03/20 17:24:13 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/03/20 17:24:12 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/03/20 17:24:12 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/03/20 17:24:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/03/20 17:24:11 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/03/20 17:24:11 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010/03/20 17:24:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/03/20 17:24:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/03/20 17:24:11 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/03/20 17:24:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/03/20 17:24:11 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/03/20 17:24:11 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/03/20 17:24:11 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/03/20 17:24:11 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/03/20 17:24:11 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/03/20 17:24:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/03/20 17:24:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/03/20 17:24:11 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/03/20 17:24:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/03/20 17:24:11 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/03/20 17:24:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/03/20 17:24:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/03/20 17:24:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/03/20 17:24:10 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/03/20 17:24:10 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/03/20 17:24:10 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/03/20 17:24:10 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/03/20 17:24:10 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/03/20 17:24:10 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/03/20 17:24:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/03/20 17:24:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/03/20 17:24:09 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010/03/20 17:24:09 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/03/20 17:24:09 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010/03/20 17:24:09 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010/03/20 17:24:09 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/03/20 17:24:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/03/20 17:24:08 | 001,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/03/20 17:24:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/03/20 17:24:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/03/20 17:24:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/03/20 17:24:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/03/20 17:24:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/03/20 17:24:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010/03/20 17:24:05 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/03/20 17:24:05 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/03/20 17:19:32 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010/03/20 17:19:17 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2010/03/20 17:19:05 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2010/03/20 17:19:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2010/03/20 17:18:57 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\drivers\wbfirdma.sys
[2010/03/20 17:18:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/03/20 17:18:18 | 000,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/03/20 17:16:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/03/20 17:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/03/20 17:16:41 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/03/20 17:16:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/03/20 17:16:40 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/03/20 17:16:39 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/03/20 17:16:39 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/03/20 17:16:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/03/20 17:16:39 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/03/20 17:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/03/20 17:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/03/20 17:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/03/20 17:16:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/03/20 17:16:36 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/03/20 17:16:36 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/03/20 17:16:36 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/03/20 17:16:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/03/20 17:16:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/03/20 17:16:36 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/03/20 17:16:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/03/20 17:16:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/03/20 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/03/20 17:16:33 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/03/20 17:16:32 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/03/20 17:16:32 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/03/20 17:16:32 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/03/20 17:16:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/03/20 17:16:32 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/03/20 17:16:32 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/03/20 17:16:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/03/20 17:16:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/03/20 17:16:32 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/03/20 17:16:32 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/03/20 17:16:32 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/03/20 17:16:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/03/20 17:16:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/03/20 17:16:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/03/20 17:16:31 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/03/20 17:16:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/03/20 17:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/03/20 17:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/03/20 17:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/03/20 17:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/03/20 17:16:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/03/20 17:16:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/03/20 17:16:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/03/20 17:16:30 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/03/20 17:16:30 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/03/20 17:16:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/03/20 17:16:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/03/20 17:16:29 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/03/20 17:16:29 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/03/20 17:16:29 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/03/20 17:16:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/03/20 17:16:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/03/20 17:16:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/03/20 17:16:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/03/20 17:16:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/03/20 17:16:28 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/03/20 17:16:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/03/20 17:16:28 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/03/20 17:16:28 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/03/20 17:16:28 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/03/20 17:16:28 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/03/20 17:16:28 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/03/20 17:16:28 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/03/20 17:16:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/03/20 17:16:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/03/20 17:16:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/03/20 17:16:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/03/20 17:16:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/03/20 17:16:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/03/20 17:16:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/03/20 17:16:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/03/20 17:16:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/03/20 17:16:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/03/20 17:16:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/03/20 17:16:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/03/20 17:16:25 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/03/20 17:16:25 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/03/20 17:16:25 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/03/20 17:16:25 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/03/20 17:16:25 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/03/20 17:16:25 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/03/20 17:16:25 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/03/20 17:16:25 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/03/20 17:16:25 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/03/20 17:16:25 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/03/20 17:16:25 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/03/20 17:16:25 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/03/20 17:16:25 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/03/20 17:16:24 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/03/20 17:16:24 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/03/20 17:16:24 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/03/20 17:16:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/03/20 17:16:24 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/03/20 17:16:24 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/03/20 17:16:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/03/20 17:16:24 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/03/20 17:16:24 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/03/20 17:16:24 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/03/20 17:16:24 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/03/20 17:16:23 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/03/20 17:16:23 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/03/20 17:16:23 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/03/20 17:16:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/03/20 17:16:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/03/20 17:16:23 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/03/20 17:16:23 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/03/20 17:16:22 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010/03/20 17:16:22 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/03/20 17:16:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010/03/20 17:16:22 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/03/20 17:16:22 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/03/20 17:16:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/03/20 17:16:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/03/20 17:16:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/03/20 17:16:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/03/20 17:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/03/20 17:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/03/20 17:15:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/03/20 17:15:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/03/20 17:15:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/03/20 17:15:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/03/20 17:15:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/20 17:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/03/20 17:07:26 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/03/20 17:07:26 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/03/20 17:07:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/03/20 17:07:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 30 Days ==========

[2010/03/24 15:01:01 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/24 14:16:06 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\gmer.zip
[2010/03/24 14:14:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/24 14:14:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/24 14:13:56 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\jhn barrett\NTUSER.DAT
[2010/03/24 14:13:20 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jhn barrett\ntuser.ini
[2010/03/24 14:12:51 | 004,227,884 | -H-- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\IconCache.db
[2010/03/24 13:30:35 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_gfycc
[2010/03/24 13:21:25 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/24 13:21:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/03/24 12:45:59 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\otm text.wps
[2010/03/24 12:45:59 | 000,002,558 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Application Data\wklnhst.dat
[2010/03/24 12:39:22 | 000,510,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTM.exe
[2010/03/24 06:48:50 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\subscribe.miro
[2010/03/24 06:47:00 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Miro.lnk
[2010/03/24 06:36:29 | 000,282,606 | ---- | M] (Participatory Culture Foundation) -- C:\Documents and Settings\jhn barrett\Desktop\Miro_Installer.exe
[2010/03/24 06:20:00 | 000,056,338 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F..3503763.TPB.torrent
[2010/03/24 05:56:34 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\subscribe.miro
[2010/03/24 05:56:08 | 000,257,422 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F._-_Wir_Kinder_vom_Bahnhof_Zoo.5408545.TPB.torrent
[2010/03/24 05:40:57 | 000,673,809 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ConservativeTechnologyManifesto.pdf
[2010/03/24 05:07:07 | 000,235,370 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartTwo.ashx
[2010/03/24 05:01:05 | 000,442,173 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartOne.ashx
[2010/03/24 04:56:43 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/24 04:53:56 | 027,386,256 | ---- | M] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\AdbeRdr930_en_US.exe
[2010/03/24 02:04:04 | 003,898,797 | R--- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\ComboFix.exe
[2010/03/23 20:09:02 | 000,360,448 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\kasp report 2.wps
[2010/03/23 20:00:03 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\drivers\utezmtyx.sys
[2010/03/23 18:00:10 | 000,000,079 | ---- | M] () -- C:\WINDOWS\System32\asr_qrqhfe
[2010/03/23 17:54:33 | 000,000,078 | ---- | M] () -- C:\WINDOWS\System32\asr_uemdb
[2010/03/23 13:48:38 | 068,146,672 | ---- | M] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\setup_9.0.0.722_23.03.2010_14-47.exe
[2010/03/23 13:46:18 | 002,672,312 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\esetsmartinstaller_enu.exe
[2010/03/23 13:38:36 | 034,952,464 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\drweb-cureit.exe
[2010/03/23 10:43:00 | 002,533,663 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\installer_dr_web_cureit!_5_00_2_[10_03_2009]_English.exe
[2010/03/23 03:51:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/23 02:18:12 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_ypfrco
[2010/03/23 02:11:15 | 000,000,078 | ---- | M] () -- C:\WINDOWS\System32\asr_ccnfd
[2010/03/23 01:33:54 | 000,724,952 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\avenger.zip
[2010/03/23 01:30:05 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/23 01:25:35 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\jhn barrett\Desktop\mbam-setup.exe
[2010/03/23 00:44:57 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\TFC.exe
[2010/03/22 21:41:52 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\CKScanner.exe
[2010/03/22 18:45:54 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/03/22 18:34:24 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\jhn barrett\Desktop\Rooter.exe
[2010/03/22 17:33:40 | 000,008,982 | ---- | M] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2010/03/22 15:08:02 | 001,607,032 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\jhn barrett\Desktop\MGADiag.exe
[2010/03/22 05:41:29 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/03/22 04:07:01 | 000,048,640 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\malware remove.wps
[2010/03/21 23:18:04 | 000,939,956 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\7zip.exe
[2010/03/21 23:13:24 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
[2010/03/21 23:12:11 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\jhn barrett\Desktop\erunt_setup.exe
[2010/03/21 20:52:16 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/21 04:53:01 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\DVDVideoSoft Free Studio.lnk
[2010/03/21 04:17:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/03/21 04:17:28 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/03/21 04:17:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/03/21 04:17:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/03/21 04:17:28 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/03/21 04:16:06 | 000,924,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\jhn barrett\Desktop\jre-6u18-windows-i586-iftw-rv.exe
[2010/03/21 04:13:53 | 001,924,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\jhn barrett\Desktop\install_flash_player.exe
[2010/03/21 03:20:11 | 000,284,050 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\James-Caans-Essential-Business-Tips.pdf
[2010/03/20 23:50:27 | 000,154,624 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\bookmarks.wps
[2010/03/20 23:25:43 | 000,891,248 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\jhn barrett\Desktop\avg_free_stb_all_9_40_cnet.exe
[2010/03/20 23:09:04 | 000,029,528 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/20 22:29:05 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\Evrsoft First Page 2006.lnk
[2010/03/20 21:50:32 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/20 21:45:13 | 000,000,025 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/03/20 21:44:07 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/03/20 21:44:00 | 000,185,944 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010/03/20 21:43:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010/03/20 21:43:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010/03/20 21:43:53 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/20 20:55:40 | 000,142,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/20 18:32:08 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2010/03/20 18:23:11 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\K-Meleon.lnk
[2010/03/20 18:22:05 | 000,000,465 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\Shortcut to whypay4it.net.lnk
[2010/03/20 18:04:07 | 000,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/20 18:04:07 | 000,312,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/20 18:04:07 | 000,040,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/20 17:34:26 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/20 17:33:21 | 000,000,302 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/20 17:29:50 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/20 17:29:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/03/20 17:29:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/20 17:29:42 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/20 17:29:41 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/20 17:29:41 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/20 17:29:28 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/20 17:28:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/20 17:28:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/20 17:26:12 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/20 17:25:54 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/03/20 17:25:54 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/03/20 17:22:55 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/20 11:30:54 | 000,205,017 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ins3.xcf
[2010/03/20 01:31:38 | 000,335,330 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ins2.xcf
[2010/03/20 01:30:06 | 000,283,904 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ins.xcf
[2010/03/20 01:27:28 | 000,173,010 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\dtop.xcf
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/03/01 20:39:16 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\2lktt.bat
[2010/03/01 20:37:00 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ak2opp.bat

========== Files Created - No Company Name ==========

[2010/03/24 14:16:04 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\gmer.zip
[2010/03/24 13:30:35 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\asr_gfycc
[2010/03/24 12:45:58 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\otm text.wps
[2010/03/24 06:48:50 | 000,000,785 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\subscribe.miro
[2010/03/24 06:47:00 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Miro.lnk
[2010/03/24 06:19:59 | 000,056,338 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F..3503763.TPB.torrent
[2010/03/24 05:56:34 | 000,000,785 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\subscribe.miro
[2010/03/24 05:56:04 | 000,257,422 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F._-_Wir_Kinder_vom_Bahnhof_Zoo.5408545.TPB.torrent
[2010/03/24 05:40:49 | 000,673,809 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ConservativeTechnologyManifesto.pdf
[2010/03/24 05:07:07 | 000,235,370 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartTwo.ashx
[2010/03/24 05:01:05 | 000,442,173 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartOne.ashx
[2010/03/24 04:56:42 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/24 02:03:48 | 003,898,797 | R--- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\ComboFix.exe
[2010/03/23 20:25:42 | 000,360,448 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\kasp report 2.wps
[2010/03/23 20:00:03 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\utezmtyx.sys
[2010/03/23 18:00:10 | 000,000,079 | ---- | C] () -- C:\WINDOWS\System32\asr_qrqhfe
[2010/03/23 17:54:33 | 000,000,078 | ---- | C] () -- C:\WINDOWS\System32\asr_uemdb
[2010/03/23 15:11:47 | 002,672,312 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\esetsmartinstaller_enu.exe
[2010/03/23 15:11:39 | 034,952,464 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\drweb-cureit.exe
[2010/03/23 10:42:43 | 002,533,663 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\installer_dr_web_cureit!_5_00_2_[10_03_2009]_English.exe
[2010/03/23 02:18:12 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\asr_ypfrco
[2010/03/23 02:11:15 | 000,000,078 | ---- | C] () -- C:\WINDOWS\System32\asr_ccnfd
[2010/03/23 01:33:53 | 000,724,952 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\avenger.zip
[2010/03/22 21:41:41 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\CKScanner.exe
[2010/03/22 18:45:54 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/03/22 18:45:50 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/03/22 17:33:40 | 000,008,982 | ---- | C] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2010/03/22 15:16:45 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/22 15:16:45 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/22 15:16:45 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/22 15:16:45 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/22 15:16:45 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/03/22 05:41:29 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/03/21 23:17:32 | 000,939,956 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\7zip.exe
[2010/03/21 23:16:11 | 000,048,640 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\malware remove.wps
[2010/03/21 04:53:24 | 000,000,246 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/21 04:53:01 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\DVDVideoSoft Free Studio.lnk
[2010/03/21 03:20:08 | 000,284,050 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\James-Caans-Essential-Business-Tips.pdf
[2010/03/20 23:50:26 | 000,154,624 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\bookmarks.wps
[2010/03/20 23:44:45 | 000,002,558 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Application Data\wklnhst.dat
[2010/03/20 23:34:53 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/20 22:29:05 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\Evrsoft First Page 2006.lnk
[2010/03/20 21:50:32 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/20 21:45:13 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/03/20 21:44:07 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/03/20 18:31:58 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2010/03/20 18:23:10 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\K-Meleon.lnk
[2010/03/20 18:22:05 | 000,000,465 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\Shortcut to whypay4it.net.lnk
[2010/03/20 18:01:00 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/03/20 18:00:56 | 000,141,016 | R--- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2010/03/20 17:57:02 | 000,067,380 | R--- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2010/03/20 17:57:02 | 000,063,938 | R--- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2010/03/20 17:57:02 | 000,061,984 | R--- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2010/03/20 17:57:02 | 000,061,869 | R--- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2010/03/20 17:57:02 | 000,061,388 | R--- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2010/03/20 17:57:02 | 000,060,547 | R--- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2010/03/20 17:57:02 | 000,060,436 | R--- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2010/03/20 17:57:02 | 000,060,216 | R--- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2010/03/20 17:57:02 | 000,059,760 | R--- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2010/03/20 17:57:01 | 000,065,087 | R--- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2010/03/20 17:57:01 | 000,062,815 | R--- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2010/03/20 17:57:01 | 000,062,509 | R--- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2010/03/20 17:57:01 | 000,061,950 | R--- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2010/03/20 17:57:01 | 000,061,799 | R--- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2010/03/20 17:57:01 | 000,061,511 | R--- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2010/03/20 17:57:01 | 000,060,848 | R--- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2010/03/20 17:57:01 | 000,060,758 | R--- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2010/03/20 17:57:01 | 000,060,476 | R--- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2010/03/20 17:57:01 | 000,059,861 | R--- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2010/03/20 17:57:01 | 000,059,753 | R--- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2010/03/20 17:57:01 | 000,059,448 | R--- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2010/03/20 17:57:01 | 000,059,350 | R--- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2010/03/20 17:57:01 | 000,059,095 | R--- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2010/03/20 17:57:01 | 000,059,064 | R--- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2010/03/20 17:57:01 | 000,058,394 | R--- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2010/03/20 17:57:01 | 000,057,559 | R--- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2010/03/20 17:57:01 | 000,057,430 | R--- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2010/03/20 17:57:00 | 000,056,937 | R--- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2010/03/20 17:36:49 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\jhn barrett\ntuser.ini
[2010/03/20 17:36:47 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\jhn barrett\NTUSER.DAT
[2010/03/20 17:34:25 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/20 17:33:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/20 17:32:53 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/03/20 17:32:08 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/03/20 17:32:07 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/03/20 17:32:06 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/03/20 17:31:38 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/03/20 17:31:37 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/03/20 17:31:29 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/03/20 17:31:28 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/03/20 17:31:25 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/03/20 17:31:17 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/03/20 17:31:12 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/03/20 17:31:08 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/03/20 17:30:48 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/03/20 17:30:43 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/03/20 17:30:43 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/03/20 17:30:43 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/03/20 17:30:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/03/20 17:30:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/03/20 17:30:41 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/03/20 17:30:41 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/03/20 17:30:41 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/03/20 17:30:39 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/03/20 17:30:39 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/03/20 17:30:39 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/03/20 17:30:39 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/03/20 17:30:39 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/03/20 17:30:39 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/03/20 17:30:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/03/20 17:30:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/03/20 17:30:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/03/20 17:30:38 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/03/20 17:30:37 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/03/20 17:30:37 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/03/20 17:30:36 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/03/20 17:30:36 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/03/20 17:30:36 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/03/20 17:30:35 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/03/20 17:29:50 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/20 17:29:50 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/03/20 17:29:50 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/03/20 17:29:41 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/20 17:29:41 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/20 17:29:40 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/20 17:28:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/20 17:28:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/20 17:27:40 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/03/20 17:27:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/03/20 17:27:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/03/20 17:27:04 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/03/20 17:26:51 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/03/20 17:26:39 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/03/20 17:26:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/20 17:24:43 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/03/20 17:24:43 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/03/20 17:24:43 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/03/20 17:24:43 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/03/20 17:24:43 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/03/20 17:24:43 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/03/20 17:24:42 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/03/20 17:24:42 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/03/20 17:24:42 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/03/20 17:24:42 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/03/20 17:24:42 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/03/20 17:24:42 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/03/20 17:24:42 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/03/20 17:24:42 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/03/20 17:24:41 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/03/20 17:24:41 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/03/20 17:24:41 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/03/20 17:24:41 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/03/20 17:24:41 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/03/20 17:24:39 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/03/20 17:24:39 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/03/20 17:24:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/03/20 17:24:32 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/03/20 17:16:40 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/03/20 17:16:40 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/03/20 17:16:40 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/03/20 17:16:39 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/03/20 17:16:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/03/20 17:16:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/03/20 17:16:36 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/03/20 17:16:36 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/03/20 17:16:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/03/20 17:16:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/03/20 17:16:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/03/20 17:16:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/03/20 17:16:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/03/20 17:16:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/03/20 17:16:23 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/03/20 17:16:07 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/03/20 17:16:07 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/03/20 17:16:07 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2010/03/20 17:16:07 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/03/20 17:16:07 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/03/20 17:16:07 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/03/20 17:16:07 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/03/20 17:16:07 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/03/20 17:16:07 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/03/20 17:16:07 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/03/20 17:16:07 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/03/20 17:16:07 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/03/20 17:16:07 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/03/20 17:16:07 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/03/20 17:16:06 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/03/20 17:16:06 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/03/20 17:16:06 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/03/20 17:15:15 | 000,142,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/20 17:14:17 | 000,000,281 | RHS- | C] () -- C:\boot.ini
[2010/03/20 17:14:12 | 000,000,302 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/20 12:31:41 | 000,205,017 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ins3.xcf
[2010/03/20 12:31:40 | 000,335,330 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ins2.xcf
[2010/03/20 12:31:40 | 000,283,904 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ins.xcf
[2010/03/20 12:31:40 | 000,173,010 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\dtop.xcf
[2010/03/20 12:31:40 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ak2opp.bat
[2010/03/20 12:31:40 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\2lktt.bat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2004/08/04 12:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 12:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/20 17:22:55 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/22 18:45:54 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/03/24 13:25:03 | 000,013,286 | ---- | M] () -- C:\ComboFix.txt
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/20 17:29:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/20 17:29:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 12:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/03/24 14:14:38 | 390,070,272 | -HS- | M] () -- C:\pagefile.sys

< MD5 for: AGP440.SYS >
[2004/08/04 12:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 12:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2009/02/06 18:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\SP2QFE\netlogon.dll
[2009/02/06 18:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\SP2QFE\netlogon.dll
[2004/08/04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 12:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004/08/04 12:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 12:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/03/20 17:14:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/03/20 17:14:15 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/03/20 17:14:15 | 000,880,640 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\*. >
[2010/03/21 23:27:04 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2010/03/24 04:55:46 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/03/21 04:53:27 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2010/03/24 13:18:24 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/03/20 17:25:58 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/03/21 04:52:53 | 000,000,000 | ---D | M] -- C:\Program Files\DVDVideoSoft
[2010/03/23 17:29:20 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2010/03/22 07:37:00 | 000,000,000 | ---D | M] -- C:\Program Files\Evrsoft First Page 2006
[2010/03/22 05:40:53 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2010/03/20 18:31:57 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/03/20 17:28:16 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/03/21 04:17:21 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/03/20 22:27:40 | 000,000,000 | ---D | M] -- C:\Program Files\K-Meleon
[2010/03/23 01:30:06 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/20 17:25:03 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2010/03/20 17:30:04 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/03/20 18:43:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/03/20 18:44:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/03/24 06:07:54 | 000,000,000 | ---D | M] -- C:\Program Files\Miro
[2010/03/20 17:26:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/03/20 17:24:22 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2010/03/20 17:24:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/03/20 17:27:03 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/03/20 17:27:55 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/03/20 17:26:59 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/03/24 06:46:26 | 000,000,000 | ---D | M] -- C:\Program Files\Participatory Culture Foundation
[2010/03/20 21:43:51 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2010/03/20 17:36:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/03/20 21:50:17 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2010/03/20 17:29:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2010/03/20 17:24:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/03/20 17:28:00 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/03/20 17:30:04 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/03/24 15:45:32 | 000,000,000 | ---D | M] -- C:\Program Files\ZTE Mobile Connection

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

#62
jhn-e-bee

Posted 24 March 2010 - 10:15 AM

Member

Topic Starter
Member
89 posts

About ten seconds after posting just now I got an error message flash up on the screen, before i could read it a blue screen flashed up and computer shut down and restarted. on restart i got this message pop-up:

Microsoft Windows
---------------------

the system has recovered from a serious error

A log of this error has been created.

please tell Microsoft about this problem

|report error| |dont send|

---------------------------------

i clicked to send report then IE opened and took me to this website:

http://wer.microsoft...cb-e3ae9f12623d

then a balloon appeared from notifications tray telling me i have updates and to click it to install them.

should i install them?

and is that a real microsoft website? i have never seen a microsoft site with wer at the beginning before.

#63
jhn-e-bee

Posted 24 March 2010 - 10:18 AM

Member

Topic Starter
Member
89 posts

wer = windows error report, i suppose?

just got it!

#64
Rorschach112

Posted 24 March 2010 - 12:47 PM

Ralphie

Retired Staff
47,710 posts

hi

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
DRV - [2010/03/23 20:00:03 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utezmtyx.sys -- (utezmtyx)
DRV - [2009/10/09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\4244292.sys -- (setup_9.0.0.722_23.03.2010_14-47drv)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\42442921.sys -- (42442921)
[2010/03/24 13:30:35 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\asr_gfycc

:Services

:Reg

:Files
C:\WINDOWS\Fonts\*.exe
C:\WINDOWS\System32\asr*
:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done

Update mbam run a quick scan fix everything it finds post that log

[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

#65
jhn-e-bee

Posted 24 March 2010 - 02:45 PM

Member

Topic Starter
Member
89 posts

I am really starting to get some strange problems now, I cannot get to AV sites again. I just went to update MBAM and it kept coming up with an error so I tried re-installing but it is still doing it.
So I did the scan anyway, it deleted 10 threats. After that I opened browser to come back here and as usual I clicked sessions > open last session, like I always do for quickness and to get straight to this page.
It made the browser minimize, tried a couple more times and it did it again. had to type the url in and navigate manually to this page. Strange huh!

Anyway, here is the MBAM log produced:

Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

3/24/2010 8:26:25 PM
mbam-log-2010-03-24 (20-26-25).txt

Scan type: Quick Scan
Objects scanned: 104351
Time elapsed: 4 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 6
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Windows_HOSTS_CONTROLLER (Worm.Kolab) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Windows Hosts Controller (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\intime (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\reup (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\waittokillservicet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\unwise_.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\unwise_.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\c:\windows\fonts\unwise_.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Here's the OTL log:

OTL logfile created on: 3/24/2010 8:33:19 PM - Run 4
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\jhn barrett\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

251.00 Mb Total Physical Memory | 111.00 Mb Available Physical Memory | 44.00% Memory free
610.00 Mb Paging File | 489.00 Mb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 31.92 Gb Free Space | 85.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.84 Gb Total Space | 1.74 Gb Free Space | 94.62% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: J-C4E7983211AD4
Current User Name: jhn barrett
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/21 23:13:24 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
PRC - [2010/03/20 21:43:52 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2004/08/04 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/01 16:23:32 | 000,067,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

========== Modules (SafeList) ==========

MOD - [2010/03/21 23:13:24 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
MOD - [2004/08/04 12:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mirostart...cfg=2-73-0-E39G
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.mirostart...cfg=2-73-0-E2N5

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files\K-Meleon\Plugins [2010/03/24 04:56:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files\K-Meleon\Components [2010/03/20 21:59:42 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/03/24 19:41:54 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/20 17:29:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/08/04 12:00:00 | 000,059,288 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/24 20:20:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/24 20:20:15 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/24 20:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/24 19:41:57 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/24 16:05:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/03/24 14:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\gmer
[2010/03/24 13:54:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/03/24 13:19:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/03/24 12:48:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/03/24 12:39:07 | 000,510,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTM.exe
[2010/03/24 06:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Participatory Culture Foundation
[2010/03/24 06:36:24 | 000,282,606 | ---- | C] (Participatory Culture Foundation) -- C:\Documents and Settings\jhn barrett\Desktop\Miro_Installer.exe
[2010/03/24 06:09:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\My Videos
[2010/03/24 06:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla
[2010/03/24 06:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Participatory Culture Foundation
[2010/03/24 06:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\Miro
[2010/03/24 05:00:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Adobe
[2010/03/24 04:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/03/24 04:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/24 04:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/24 04:49:17 | 027,386,256 | ---- | C] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\AdbeRdr930_en_US.exe
[2010/03/23 17:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/03/23 15:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\DoctorWeb
[2010/03/23 15:11:53 | 068,146,672 | ---- | C] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\setup_9.0.0.722_23.03.2010_14-47.exe
[2010/03/23 12:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\LastFM downloader
[2010/03/23 12:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\dogs2
[2010/03/23 12:30:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\vids and DLs
[2010/03/23 01:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\avenger
[2010/03/23 01:27:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/03/23 01:24:48 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\jhn barrett\Desktop\mbam-setup.exe
[2010/03/22 20:41:36 | 000,000,000 | ---D | C] -- C:\Rooter$
[2010/03/22 18:45:47 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/03/22 18:34:19 | 000,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\jhn barrett\Desktop\Rooter.exe
[2010/03/22 17:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\.thumbnails
[2010/03/22 15:16:45 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/03/22 15:16:45 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/03/22 15:16:45 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/03/22 15:16:45 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/03/22 15:15:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/03/22 15:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/03/22 15:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/03/22 14:23:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/03/22 05:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\gtk-2.0
[2010/03/22 05:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\.gimp-2.6
[2010/03/22 05:42:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\gegl-0.0
[2010/03/22 05:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010/03/21 23:34:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/21 23:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/03/21 23:13:05 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
[2010/03/21 23:11:20 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\jhn barrett\Desktop\erunt_setup.exe
[2010/03/21 23:11:00 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\TFC.exe
[2010/03/21 16:58:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/03/21 04:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/03/21 04:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\DVDVideoSoft
[2010/03/21 04:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010/03/21 04:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010/03/21 04:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Adobe
[2010/03/21 04:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/21 04:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/21 04:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/21 04:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Sun
[2010/03/20 23:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Template
[2010/03/20 23:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Malwarebytes
[2010/03/20 23:34:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/20 23:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\AVG8
[2010/03/20 23:25:23 | 000,891,248 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\jhn barrett\Desktop\avg_free_stb_all_9_40_cnet.exe
[2010/03/20 23:02:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Macromedia
[2010/03/20 22:55:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\jhn barrett\UserData
[2010/03/20 22:28:49 | 000,887,296 | ---- | C] (Kurt Senfer) -- C:\WINDOWS\System32\KsDHTMLEDLib.ocx
[2010/03/20 22:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Evrsoft First Page 2006
[2010/03/20 22:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/03/20 21:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\vlc
[2010/03/20 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/03/20 21:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/03/20 21:43:53 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/20 21:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/03/20 21:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/03/20 21:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Real
[2010/03/20 18:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/20 18:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/20 18:38:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/03/20 18:32:11 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys
[2010/03/20 18:32:11 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys
[2010/03/20 18:32:11 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys
[2010/03/20 18:32:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportApp
[2010/03/20 18:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE Mobile Connection
[2010/03/20 18:31:57 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/20 18:27:17 | 000,000,000 | ---D | C] -- C:\Intel
[2010/03/20 18:24:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\Tunes
[2010/03/20 18:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\installers
[2010/03/20 18:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\K-Meleon
[2010/03/20 18:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\K-Meleon
[2010/03/20 18:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\K-Meleon
[2010/03/20 18:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\My Documents\whypay4it.net
[2010/03/20 18:03:01 | 001,268,234 | R--- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[2010/03/20 18:03:01 | 000,064,512 | R--- | C] (Agere Systems) -- C:\WINDOWS\agrsmdel.exe
[2010/03/20 18:00:59 | 000,400,384 | R--- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS
[2010/03/20 17:52:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/03/20 17:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\Identities
[2010/03/20 17:36:55 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/03/20 17:36:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\My Documents\My Music
[2010/03/20 17:36:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\My Documents\My Pictures
[2010/03/20 17:36:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\jhn barrett\Application Data\Microsoft
[2010/03/20 17:36:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\jhn barrett\Cookies
[2010/03/20 17:36:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jhn barrett\SendTo
[2010/03/20 17:36:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jhn barrett\Recent
[2010/03/20 17:36:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jhn barrett\Application Data
[2010/03/20 17:36:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\Start Menu
[2010/03/20 17:36:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\My Documents
[2010/03/20 17:36:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jhn barrett\Favorites
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\Templates
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\PrintHood
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\NetHood
[2010/03/20 17:36:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jhn barrett\Local Settings
[2010/03/20 17:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft
[2010/03/20 17:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop
[2010/03/20 17:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/03/20 17:34:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/03/20 17:34:52 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/03/20 17:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/20 17:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/20 17:32:15 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/03/20 17:32:15 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/03/20 17:32:14 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/03/20 17:31:04 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/03/20 17:31:04 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/03/20 17:31:04 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/03/20 17:30:44 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/03/20 17:30:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/03/20 17:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/03/20 17:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/03/20 17:29:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/20 17:29:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/20 17:28:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/03/20 17:28:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/03/20 17:28:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/03/20 17:28:00 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/03/20 17:27:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/03/20 17:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/03/20 17:26:59 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/03/20 17:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/03/20 17:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/03/20 17:26:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/03/20 17:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/03/20 17:26:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/03/20 17:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/03/20 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/03/20 17:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/03/20 17:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/03/20 17:26:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/03/20 17:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/03/20 17:25:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/03/20 17:25:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/03/20 17:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/03/20 17:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/03/20 17:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/03/20 17:24:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/03/20 17:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/03/20 17:24:21 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/03/20 17:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/03/20 17:24:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/03/20 17:24:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/03/20 17:19:17 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2010/03/20 17:18:57 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\drivers\wbfirdma.sys
[2010/03/20 17:16:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/03/20 17:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/03/20 17:16:39 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/03/20 17:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/03/20 17:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/03/20 17:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/03/20 17:16:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/03/20 17:16:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/03/20 17:16:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/03/20 17:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/03/20 17:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/03/20 17:15:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/03/20 17:15:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/03/20 17:15:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/03/20 17:15:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/03/20 17:15:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/20 17:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/03/20 17:07:26 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/03/20 17:07:26 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/03/20 17:07:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/03/20 17:07:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/03/20 17:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 14 Days ==========

[2010/03/24 20:28:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/24 20:28:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/24 20:27:50 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jhn barrett\ntuser.ini
[2010/03/24 20:27:49 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\jhn barrett\NTUSER.DAT
[2010/03/24 20:27:43 | 004,229,050 | -H-- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\IconCache.db
[2010/03/24 20:20:20 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/24 20:19:25 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\jhn barrett\Desktop\mbam-setup.exe
[2010/03/24 20:01:01 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/24 19:41:54 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/03/24 16:16:41 | 000,000,081 | ---- | M] () -- C:\(ôëtfbrqv
[2010/03/24 14:16:06 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\gmer.zip
[2010/03/24 13:21:25 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/24 12:45:59 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\otm text.wps
[2010/03/24 12:45:59 | 000,002,558 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Application Data\wklnhst.dat
[2010/03/24 12:39:22 | 000,510,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTM.exe
[2010/03/24 06:48:50 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\subscribe.miro
[2010/03/24 06:47:00 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Miro.lnk
[2010/03/24 06:36:29 | 000,282,606 | ---- | M] (Participatory Culture Foundation) -- C:\Documents and Settings\jhn barrett\Desktop\Miro_Installer.exe
[2010/03/24 06:20:00 | 000,056,338 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F..3503763.TPB.torrent
[2010/03/24 05:56:34 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\subscribe.miro
[2010/03/24 05:56:08 | 000,257,422 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F._-_Wir_Kinder_vom_Bahnhof_Zoo.5408545.TPB.torrent
[2010/03/24 05:40:57 | 000,673,809 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ConservativeTechnologyManifesto.pdf
[2010/03/24 05:07:07 | 000,235,370 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartTwo.ashx
[2010/03/24 05:01:05 | 000,442,173 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartOne.ashx
[2010/03/24 04:56:43 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/24 04:53:56 | 027,386,256 | ---- | M] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\AdbeRdr930_en_US.exe
[2010/03/24 02:04:04 | 003,898,797 | R--- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\ComboFix.exe
[2010/03/23 20:09:02 | 000,360,448 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\kasp report 2.wps
[2010/03/23 13:48:38 | 068,146,672 | ---- | M] ( ) -- C:\Documents and Settings\jhn barrett\Desktop\setup_9.0.0.722_23.03.2010_14-47.exe
[2010/03/23 13:46:18 | 002,672,312 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\esetsmartinstaller_enu.exe
[2010/03/23 13:38:36 | 034,952,464 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\drweb-cureit.exe
[2010/03/23 10:43:00 | 002,533,663 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\installer_dr_web_cureit!_5_00_2_[10_03_2009]_English.exe
[2010/03/23 03:51:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/23 01:33:54 | 000,724,952 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\avenger.zip
[2010/03/23 00:44:57 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\TFC.exe
[2010/03/22 21:41:52 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\CKScanner.exe
[2010/03/22 18:45:54 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/03/22 18:34:24 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\jhn barrett\Desktop\Rooter.exe
[2010/03/22 17:33:40 | 000,008,982 | ---- | M] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2010/03/22 05:41:29 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/03/22 04:07:01 | 000,048,640 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\malware remove.wps
[2010/03/21 23:18:04 | 000,939,956 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\7zip.exe
[2010/03/21 23:13:24 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\OTL.exe
[2010/03/21 23:12:11 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\jhn barrett\Desktop\erunt_setup.exe
[2010/03/21 20:52:16 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/21 04:53:01 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\DVDVideoSoft Free Studio.lnk
[2010/03/21 03:20:11 | 000,284,050 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\James-Caans-Essential-Business-Tips.pdf
[2010/03/20 23:50:27 | 000,154,624 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\bookmarks.wps
[2010/03/20 23:25:43 | 000,891,248 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\jhn barrett\Desktop\avg_free_stb_all_9_40_cnet.exe
[2010/03/20 23:09:04 | 000,029,528 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/20 22:29:05 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\Evrsoft First Page 2006.lnk
[2010/03/20 21:50:32 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/20 21:45:13 | 000,000,025 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/03/20 21:44:07 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/03/20 21:43:53 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/20 20:55:40 | 000,142,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/20 18:32:08 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2010/03/20 18:23:11 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\K-Meleon.lnk
[2010/03/20 18:22:05 | 000,000,465 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\Shortcut to whypay4it.net.lnk
[2010/03/20 18:04:07 | 000,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/20 18:04:07 | 000,312,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/20 18:04:07 | 000,040,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/20 17:34:26 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/20 17:33:21 | 000,000,302 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/20 17:29:50 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/20 17:29:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/03/20 17:29:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/20 17:29:42 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/20 17:29:41 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/20 17:29:41 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/20 17:29:28 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/20 17:28:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/20 17:28:16 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/20 17:26:12 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/20 17:25:54 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/03/20 17:25:54 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/03/20 17:22:55 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/20 11:30:54 | 000,205,017 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ins3.xcf
[2010/03/20 01:31:38 | 000,335,330 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ins2.xcf
[2010/03/20 01:30:06 | 000,283,904 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\ins.xcf
[2010/03/20 01:27:28 | 000,173,010 | ---- | M] () -- C:\Documents and Settings\jhn barrett\My Documents\dtop.xcf
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe

========== Files Created - No Company Name ==========

[2010/03/24 20:20:20 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/24 16:16:41 | 000,000,081 | ---- | C] () -- C:\(ôëtfbrqv
[2010/03/24 14:16:04 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\gmer.zip
[2010/03/24 12:45:58 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\otm text.wps
[2010/03/24 06:48:50 | 000,000,785 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\subscribe.miro
[2010/03/24 06:47:00 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Miro.lnk
[2010/03/24 06:19:59 | 000,056,338 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F..3503763.TPB.torrent
[2010/03/24 05:56:34 | 000,000,785 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\subscribe.miro
[2010/03/24 05:56:04 | 000,257,422 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\Christiane_F._-_Wir_Kinder_vom_Bahnhof_Zoo.5408545.TPB.torrent
[2010/03/24 05:40:49 | 000,673,809 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ConservativeTechnologyManifesto.pdf
[2010/03/24 05:07:07 | 000,235,370 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartTwo.ashx
[2010/03/24 05:01:05 | 000,442,173 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\FixingBrokenPoliticsPartOne.ashx
[2010/03/24 04:56:42 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/24 02:03:48 | 003,898,797 | R--- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\ComboFix.exe
[2010/03/23 20:25:42 | 000,360,448 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\kasp report 2.wps
[2010/03/23 15:11:47 | 002,672,312 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\esetsmartinstaller_enu.exe
[2010/03/23 15:11:39 | 034,952,464 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\drweb-cureit.exe
[2010/03/23 10:42:43 | 002,533,663 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\installer_dr_web_cureit!_5_00_2_[10_03_2009]_English.exe
[2010/03/23 01:33:53 | 000,724,952 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\avenger.zip
[2010/03/22 21:41:41 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\CKScanner.exe
[2010/03/22 18:45:54 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/03/22 18:45:50 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/03/22 17:33:40 | 000,008,982 | ---- | C] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2010/03/22 15:16:45 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/22 15:16:45 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/22 15:16:45 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/22 15:16:45 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/22 15:16:45 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/03/22 05:41:29 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/03/21 23:17:32 | 000,939,956 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\7zip.exe
[2010/03/21 23:16:11 | 000,048,640 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\malware remove.wps
[2010/03/21 04:53:24 | 000,000,246 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/03/21 04:53:01 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\DVDVideoSoft Free Studio.lnk
[2010/03/21 03:20:08 | 000,284,050 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\James-Caans-Essential-Business-Tips.pdf
[2010/03/20 23:50:26 | 000,154,624 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\bookmarks.wps
[2010/03/20 23:44:45 | 000,002,558 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Application Data\wklnhst.dat
[2010/03/20 22:29:05 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\Evrsoft First Page 2006.lnk
[2010/03/20 21:50:32 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/20 21:45:13 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/03/20 21:44:07 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/03/20 18:31:58 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2010/03/20 18:23:10 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\K-Meleon.lnk
[2010/03/20 18:22:05 | 000,000,465 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\Shortcut to whypay4it.net.lnk
[2010/03/20 18:01:00 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/03/20 18:00:56 | 000,141,016 | R--- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2010/03/20 17:57:02 | 000,067,380 | R--- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2010/03/20 17:57:02 | 000,063,938 | R--- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2010/03/20 17:57:02 | 000,061,984 | R--- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2010/03/20 17:57:02 | 000,061,869 | R--- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2010/03/20 17:57:02 | 000,061,388 | R--- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2010/03/20 17:57:02 | 000,060,547 | R--- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2010/03/20 17:57:02 | 000,060,436 | R--- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2010/03/20 17:57:02 | 000,060,216 | R--- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2010/03/20 17:57:02 | 000,059,760 | R--- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2010/03/20 17:57:01 | 000,065,087 | R--- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2010/03/20 17:57:01 | 000,062,815 | R--- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2010/03/20 17:57:01 | 000,062,509 | R--- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2010/03/20 17:57:01 | 000,061,950 | R--- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2010/03/20 17:57:01 | 000,061,799 | R--- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2010/03/20 17:57:01 | 000,061,511 | R--- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2010/03/20 17:57:01 | 000,060,848 | R--- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2010/03/20 17:57:01 | 000,060,758 | R--- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2010/03/20 17:57:01 | 000,060,476 | R--- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2010/03/20 17:57:01 | 000,059,861 | R--- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2010/03/20 17:57:01 | 000,059,753 | R--- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2010/03/20 17:57:01 | 000,059,448 | R--- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2010/03/20 17:57:01 | 000,059,350 | R--- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2010/03/20 17:57:01 | 000,059,095 | R--- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2010/03/20 17:57:01 | 000,059,064 | R--- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2010/03/20 17:57:01 | 000,058,394 | R--- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2010/03/20 17:57:01 | 000,057,559 | R--- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2010/03/20 17:57:01 | 000,057,430 | R--- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2010/03/20 17:57:00 | 000,056,937 | R--- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2010/03/20 17:36:49 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\jhn barrett\ntuser.ini
[2010/03/20 17:36:47 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\jhn barrett\NTUSER.DAT
[2010/03/20 17:34:25 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/20 17:33:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/20 17:32:53 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/03/20 17:32:08 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/03/20 17:32:07 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/03/20 17:32:06 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/03/20 17:31:38 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/03/20 17:31:37 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/03/20 17:31:29 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/03/20 17:31:28 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/03/20 17:31:25 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/03/20 17:31:17 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/03/20 17:31:12 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/03/20 17:31:08 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/03/20 17:30:48 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/03/20 17:30:43 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/03/20 17:30:43 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/03/20 17:30:43 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/03/20 17:30:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/03/20 17:30:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/03/20 17:30:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/03/20 17:30:41 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/03/20 17:30:41 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/03/20 17:30:41 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/03/20 17:30:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/03/20 17:30:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/03/20 17:30:39 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/03/20 17:30:39 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/03/20 17:30:39 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/03/20 17:30:39 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/03/20 17:30:39 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/03/20 17:30:39 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/03/20 17:30:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/03/20 17:30:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/03/20 17:30:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/03/20 17:30:38 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/03/20 17:30:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/03/20 17:30:37 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/03/20 17:30:37 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/03/20 17:30:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/03/20 17:30:36 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/03/20 17:30:36 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/03/20 17:30:36 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/03/20 17:30:35 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/03/20 17:29:50 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/20 17:29:50 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/03/20 17:29:50 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/03/20 17:29:50 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/03/20 17:29:41 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/20 17:29:41 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/20 17:29:40 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/20 17:28:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/20 17:28:16 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/20 17:28:07 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/20 17:27:40 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/03/20 17:27:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/03/20 17:27:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/03/20 17:27:04 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/03/20 17:26:51 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/03/20 17:26:39 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/03/20 17:26:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/20 17:24:43 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/03/20 17:24:43 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/03/20 17:24:43 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/03/20 17:24:43 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/03/20 17:24:43 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/03/20 17:24:43 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/03/20 17:24:42 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/03/20 17:24:42 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/03/20 17:24:42 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/03/20 17:24:42 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/03/20 17:24:42 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/03/20 17:24:42 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/03/20 17:24:42 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/03/20 17:24:42 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/03/20 17:24:41 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/03/20 17:24:41 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/03/20 17:24:41 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/03/20 17:24:41 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/03/20 17:24:41 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/03/20 17:24:39 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/03/20 17:24:39 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/03/20 17:24:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/03/20 17:24:32 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/03/20 17:16:40 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/03/20 17:16:40 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/03/20 17:16:40 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/03/20 17:16:39 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/03/20 17:16:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/03/20 17:16:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/03/20 17:16:36 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/03/20 17:16:36 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/03/20 17:16:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/03/20 17:16:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/03/20 17:16:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/03/20 17:16:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/03/20 17:16:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/03/20 17:16:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/03/20 17:16:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/03/20 17:16:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/03/20 17:16:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/03/20 17:16:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/03/20 17:16:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/03/20 17:16:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/03/20 17:16:23 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/03/20 17:16:07 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/03/20 17:16:07 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/03/20 17:16:07 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2010/03/20 17:16:07 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/03/20 17:16:07 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/03/20 17:16:07 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/03/20 17:16:07 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/03/20 17:16:07 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/03/20 17:16:07 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/03/20 17:16:07 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/03/20 17:16:07 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/03/20 17:16:07 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/03/20 17:16:07 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/03/20 17:16:07 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/03/20 17:16:06 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/03/20 17:16:06 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/03/20 17:16:06 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/03/20 17:15:15 | 000,142,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/20 17:14:17 | 000,000,281 | RHS- | C] () -- C:\boot.ini
[2010/03/20 17:14:12 | 000,000,302 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/20 12:31:41 | 000,205,017 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ins3.xcf
[2010/03/20 12:31:40 | 000,335,330 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ins2.xcf
[2010/03/20 12:31:40 | 000,283,904 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ins.xcf
[2010/03/20 12:31:40 | 000,173,010 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\dtop.xcf
[2010/03/20 12:31:40 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\ak2opp.bat
[2010/03/20 12:31:40 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\jhn barrett\My Documents\2lktt.bat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2004/08/04 12:00:00 | 001,906,560 | RHS- | C] () -- C:\WINDOWS\System32\heqxdc.dll
[2004/08/04 12:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 12:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2010/03/21 20:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/03/22 05:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\gtk-2.0
[2010/03/20 18:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\K-Meleon
[2010/03/24 06:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Participatory Culture Foundation
[2010/03/20 23:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Template
[2010/03/24 20:01:01 | 000,000,246 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

< End of report >

#66
Rorschach112

Posted 24 March 2010 - 03:54 PM

Ralphie

Retired Staff
47,710 posts

that's the infection respawning, its so [bleep] aggressive

1. Please download The Avenger by Swandog46 to your Desktop.

Right click on the Avenger.zip folder and select "Extract All..."
Follow the prompts and extract the Avenger folder to your desktop
Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick in it.

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Begin copying here:

Drivers to delete:
Windows Hosts Controller
Files to delete:
c:\windows\fonts\unwise_.exe
C:\(ôëtfbrqv
C:\WINDOWS\System32\heqxdc.dll

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, open the avenger folder and start The Avenger program by clicking on its icon.

Right click on the window under Input script here:, and select Paste.
You can also click on this window and press (Ctrl+V) to paste the contents of the clipboard.
Click on Execute
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please copy/paste the content of c:\avenger.txt into your reply

* I notice that you have no firewall on your PC, this is extremely dangerous and leaves your PC open to vulnerabilities, so please download and install one of the following programs : ZoneAlarm, Comodo, or
Outpost
Make sure you only use one firewall though. A tutorial on understanding and using firewalls may be found here.

* I notice that you have no anti-virus program on your PC, this is extremely dangerous and leaves your PC open to vulnerabilities, so please download and install one of the following programs :
AntiVir or avast!.

update mbam run a quick scan fix everything it finds, post that log here

Also update whatever anti-virus program you picked out, run a full scan, post that log here too. I recommend picking Avira out of those 3

#67
jhn-e-bee

Posted 24 March 2010 - 04:33 PM

Member

Topic Starter
Member
89 posts

I have had to disable firewall and anti-virus as the virus prevents me from getting online when they are on. I will try again. I use AVG normally and windows firewall.

#68
Rorschach112

Posted 24 March 2010 - 04:34 PM

Ralphie

Retired Staff
47,710 posts

ok no need to install new programs, just update and run a scan with avg

#69
jhn-e-bee

Posted 24 March 2010 - 04:35 PM

Member

Topic Starter
Member
89 posts

by the way, I assume i dont put 'begin copying here:' into avenger. Or do I?

#70
jhn-e-bee

Posted 24 March 2010 - 04:42 PM

Member

Topic Starter
Member
89 posts

here you go:

Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\Windows Hosts Controller" not found!
Deletion of driver "Windows Hosts Controller" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: file "c:\windows\fonts\unwise_.exe" not found!
Deletion of file "c:\windows\fonts\unwise_.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\(ôëtfbrqv" deleted successfully.
File "C:\WINDOWS\System32\heqxdc.dll" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

This thing is really peeing me off now. I am going to chuck this thing out the window in a minute!

#71
Rorschach112

Posted 24 March 2010 - 04:49 PM

Ralphie

Retired Staff
47,710 posts

I know what you mean, sadly with bad infections it can take time

#72
jhn-e-bee

Posted 24 March 2010 - 05:37 PM

Member

Topic Starter
Member
89 posts

OK, I cannot re install AVG as it has to go to the avg site to set-up, just tried to download avst again through cnet and it starts to download but really slowly. it was estimating 6 hrs to download. the avg was the same it started to download but really slowly(av 4kb/s) and kept stopping about 5% and stating 'check your internet connection'

I guess it is the virus stopping me going to AV websites. If we can get it to allow them again, i will try again.