PDA

View Full Version : Google Redirect Virus – Santa Clarita CA.


mrsr71
2010-12-21, 18:38
This is my first post and hopefully I’ve followed the procedures correctly.

My laptop is infected by a redirect virus, “Google Redirect” I presume. I’ve scanned using Norton 360, Malwarebytes, and SpyBot with no effect.

I’m connected to my Linksys router utilizing wifi only. The router is fed from a Time Warner cable modem.

I did a SpyBot scan and the results were negative.


DDS (Ver_10-12-12.02) - NTFSx86
Run by Dan Werner at 7:54:59.65 on Tue 12/21/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.60 [GMT -8:00]

AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\ClickTray Calendar\ClickTray.exe
C:\Program Files\PdaNet for Android\PdaNetPC.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dan Werner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\4.3.0.5\IPSBHO.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\4.3.0.5\coIEPlg.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [Seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [Memeo Backup Premium] c:\program files\memeo\autobackuppro\MemeoLauncher2.exe --silent --no_ui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\danwer~1\startm~1\programs\startup\clickt~1.lnk - c:\program files\clicktray calendar\ClickTray.exe
StartupFolder: c:\docume~1\danwer~1\startm~1\programs\startup\pdanet~1.lnk - c:\program files\pdanet for android\PdaNetPC.exe
StartupFolder: c:\docume~1\danwer~1\startm~1\programs\startup\seagat~1.lnk - c:\documents and settings\dan werner\application data\leadertech\powerregister\Seagate Product Registration.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\danwer~1\applic~1\mozilla\firefox\profiles\zp8eoqbx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: AniWeather: {4176DFF4-4698-11DE-BEEB-45DA55D89593} - %profile%\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
FF - Ext: Favicon Picker 2: {446c03e0-2c35-11db-a98b-0800200c9a66} - %profile%\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
FF - Ext: NoRedirect: {c1970c0d-dbe6-4d91-804f-c9c0de643a57} - %profile%\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\coFFPlgn

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-12-17 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-12-17 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\bashdefs\20101123.003\BHDrvx86.sys [2010-11-23 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-12-17 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-12-17 116784]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackuppro\MemeoBackgroundService.exe [2010-4-22 25824]
R2 N360;Norton 360;c:\program files\norton 360\engine\4.3.0.5\ccsvchst.exe [2010-12-17 126392]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2010-4-30 14088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-12-17 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\ipsdefs\20101217.001\IDSXpx86.sys [2010-12-20 341944]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\virusdefs\20101221.002\NAVENG.SYS [2010-12-21 86008]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\virusdefs\20101221.002\NAVEX15.SYS [2010-12-21 1360760]
R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2010-12-13 13312]
S0 cerc6;cerc6; [x]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 135664]

=============== Created Last 30 ================

2010-12-21 01:22:43 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-12-21 01:21:28 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2010-12-19 21:53:15 -------- d-----w- c:\docume~1\danwer~1\locals~1\applic~1\Identities
2010-12-18 22:39:17 -------- d-----w- C:\tmp
2010-12-18 22:39:07 -------- d-----w- C:\Cool RingTone Maker
2010-12-17 23:43:36 385024 ----a-w- c:\windows\system32\vbar332.dll
2010-12-17 23:43:35 -------- d-----w- c:\program files\VoptXP v7
2010-12-17 20:22:41 501888 ----a-w- c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys
2010-12-17 20:22:41 43696 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtspx.sys
2010-12-17 20:22:41 361904 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdi.sys
2010-12-17 20:22:41 339504 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys
2010-12-17 20:22:41 328752 ----a-r- c:\windows\system32\drivers\n360\0403000.005\symds.sys
2010-12-17 20:22:41 325680 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtsp.sys
2010-12-17 20:22:41 173104 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symefa.sys
2010-12-17 20:22:41 116784 ----a-w- c:\windows\system32\drivers\n360\0403000.005\ironx86.sys
2010-12-17 20:22:01 -------- d-----w- c:\windows\system32\drivers\n360\0403000.005
2010-12-16 20:26:50 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-12-16 20:26:21 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-12-16 20:26:21 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-12-16 20:26:20 -------- d-----w- c:\program files\Symantec
2010-12-16 20:25:07 -------- d-----w- c:\windows\system32\drivers\N360
2010-12-16 20:25:03 -------- d-----w- c:\program files\Norton 360
2010-12-16 20:17:45 -------- d-----w- c:\program files\NortonInstaller
2010-12-16 18:45:28 -------- d-----w- c:\docume~1\danwer~1\applic~1\Tific
2010-12-15 20:03:37 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-12-15 19:28:54 -------- d-----w- c:\program files\Garmin
2010-12-15 18:57:30 577 ----a-w- c:\windows\system32\gmsblist.dll
2010-12-15 18:57:06 -------- d-----w- c:\docume~1\danwer~1\locals~1\applic~1\Help
2010-12-15 18:54:59 -------- d-----w- c:\program files\GSAK
2010-12-15 01:26:53 -------- d-----w- c:\docume~1\danwer~1\locals~1\applic~1\WMTools Downloaded Files
2010-12-15 00:04:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-12-15 00:04:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-14 18:18:34 49152 ------w- c:\windows\system32\INETWH32.dll
2010-12-14 18:18:34 1089536 ------w- c:\windows\system32\ROBOEX32.DLL
2010-12-14 18:18:34 -------- d-----w- C:\Garmin
2010-12-14 04:56:03 -------- d-----w- c:\program files\HyperSnap-DX 4
2010-12-14 04:46:53 -------- d-----w- c:\program files\HyperSnap 6
2010-12-14 04:24:27 -------- d-----w- c:\program files\GlobalSCAPE
2010-12-14 04:24:07 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2010-12-14 04:24:07 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2010-12-14 04:24:07 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2010-12-14 04:24:07 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2010-12-14 04:24:06 614532 ------w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2010-12-14 04:20:11 -------- d-----w- c:\program files\common files\Vbox
2010-12-14 04:18:36 306688 ----a-w- c:\windows\IsUninst.exe
2010-12-14 04:15:19 -------- d-----w- c:\program files\ClickTray Calendar
2010-12-14 03:46:51 -------- d-----w- c:\program files\Auction Sentry
2010-12-14 03:46:32 -------- d-----w- c:\windows\Downloaded Installations
2010-12-14 03:33:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-12-14 03:33:38 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-12-14 03:22:46 286720 ----a-w- c:\windows\iun506.exe
2010-12-14 02:54:51 13312 ----a-w- c:\windows\system32\drivers\pneteth.sys
2010-12-14 02:47:32 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-12-14 02:47:00 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-12-14 02:47:00 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-12-14 02:44:41 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2010-12-14 02:44:41 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-12-14 02:44:40 -------- d-----w- c:\program files\PdaNet for Android
2010-12-14 01:07:48 37 ----a-w- c:\windows\system32\gr6rlzay.dll
2010-12-14 01:00:19 -------- d-----w- c:\docume~1\danwer~1\applic~1\GARMIN
2010-12-14 01:00:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\GARMIN
2010-12-14 00:48:27 -------- d-----w- c:\windows\system32\XPSViewer
2010-12-14 00:48:00 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-12-14 00:47:42 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-12-14 00:47:42 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-12-14 00:47:42 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-12-14 00:47:42 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-12-14 00:47:42 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-12-14 00:47:42 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-12-14 00:47:42 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-12-14 00:47:42 117760 ------w- c:\windows\system32\prntvpt.dll
2010-12-14 00:47:42 -------- d-----w- C:\30af5d22e69d662677
2010-12-14 00:36:31 -------- d-----w- c:\docume~1\danwer~1\locals~1\applic~1\Google
2010-12-13 23:48:13 -------- d-----w- C:\gsak
2010-12-13 23:28:42 -------- d-----w- C:\e18a05fd45ecaad9b471
2010-12-13 23:28:08 -------- d-----w- C:\drivers
2010-12-13 20:23:38 -------- d-----w- C:\DJ's 2010
2010-12-13 20:23:26 -------- d-----w- C:\c653913046ee4a6c69ae8de1105fed
2010-12-13 17:24:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-13 17:24:43 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-13 17:24:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-13 17:16:05 -------- d-----w- c:\docume~1\danwer~1\applic~1\Malwarebytes
2010-12-13 17:15:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-12-13 17:04:46 -------- d-----w- c:\docume~1\alluse~1\applic~1\PCSettings
2010-12-13 17:01:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-12-13 16:41:05 -------- d-----w- c:\docume~1\danwer~1\locals~1\applic~1\Symantec
2010-12-13 03:07:04 -------- d-----w- c:\docume~1\alluse~1\applic~1\MemeoCommon
2010-12-13 01:54:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2010-12-13 01:54:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-12-13 01:52:27 -------- d-----w- c:\docume~1\danwer~1\applic~1\Memeo
2010-12-13 01:52:14 -------- d-----w- c:\docume~1\danwer~1\applic~1\Seagate
2010-12-13 01:50:46 -------- d-----w- c:\program files\common files\Memeo
2010-12-13 01:50:39 -------- d-----w- c:\program files\Memeo
2010-12-13 01:50:35 -------- d-----w- c:\docume~1\danwer~1\locals~1\applic~1\temp
2010-12-13 01:48:06 -------- d-----w- c:\program files\Seagate
2010-12-13 01:27:54 -------- d-----w- c:\docume~1\danwer~1\locals~1\applic~1\Adobe
2010-12-13 01:12:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\Symantec
2010-12-13 00:48:29 -------- d-----w- c:\program files\common files\Symantec Shared
2010-12-13 00:41:34 -------- d-----w- c:\docume~1\danwer~1\applic~1\Symantec
2010-12-13 00:00:56 -------- d-----w- c:\windows\ie8updates
2010-12-13 00:00:07 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll
2010-12-12 23:56:50 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-12-12 23:52:49 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-12-12 23:52:49 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-12 23:52:48 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-12-12 23:52:48 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-12-12 23:52:48 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-12-12 23:52:47 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-12-12 23:52:45 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-12-12 23:52:30 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-12-12 23:52:29 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-12-12 23:52:28 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-12-12 23:50:24 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-12-12 23:50:24 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-12-12 23:48:35 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-12-12 23:46:26 -------- d-----w- c:\windows\system32\PreInstall
2010-12-12 23:46:24 -------- d--h--w- c:\windows\$hf_mig$
2010-12-12 23:37:02 -------- d-----w- c:\windows\system32\LogFiles
2010-12-12 23:35:57 -------- d-----w- c:\windows\system32\SoftwareDistribution
2010-12-12 22:27:51 -------- d-sh--w- c:\documents and settings\dan werner\IECompatCache
2010-12-12 22:27:33 -------- d-sh--w- c:\documents and settings\dan werner\PrivacIE
2010-12-12 22:27:09 -------- d-sh--w- c:\documents and settings\dan werner\IETldCache
2010-12-12 22:24:31 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-12-12 22:23:45 -------- dc-h--w- c:\windows\ie8
2010-12-12 22:18:14 99176 ----a-w- c:\windows\system32\drivers\DRVMCDB.SYS
2010-12-12 22:18:14 92920 ----a-w- c:\windows\DLA.EXE
2010-12-12 22:18:14 56056 ----a-w- c:\windows\system32\DLAAPI_W.DLL
2010-12-12 22:18:14 51768 ----a-w- c:\windows\system32\drivers\DRVNDDM.SYS
2010-12-12 22:18:14 28120 ----a-w- c:\windows\system32\drivers\DLARTL_M.SYS
2010-12-12 22:18:14 12856 ----a-w- c:\windows\system32\drivers\DLACDBHM.SYS
2010-12-12 22:18:14 -------- d-----w- c:\windows\system32\DLA
2010-12-12 22:15:03 819200 ----a-w- c:\program files\windows media player\wmsetsdk.exe
2010-12-12 22:15:03 47616 ----a-w- c:\program files\windows media player\msoobci.dll
2010-12-12 22:14:45 -------- d-----w- c:\windows\RegisteredPackages
2010-12-12 22:14:18 -------- d-----w- c:\program files\common files\SureThing Shared
2010-12-12 22:13:43 -------- d-----w- c:\program files\common files\Sonic Shared
2010-12-12 22:13:04 -------- d-----w- c:\program files\Roxio
2010-12-12 22:06:04 28552 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2010-12-12 22:06:04 28040 ----a-w- c:\windows\system32\mdimon.dll
2010-12-12 22:05:26 -------- d-----w- c:\program files\common files\L&H
2010-12-12 22:05:13 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-12-12 22:04:39 -------- d-----w- c:\windows\SHELLNEW
2010-12-12 21:56:24 21425 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-12-12 21:55:48 679936 ----a-w- c:\windows\system32\NETw4c32.dll
2010-12-12 21:55:48 2756608 ----a-w- c:\windows\system32\NETw4r32.dll
2010-12-12 21:55:48 2203520 ----a-w- c:\windows\system32\drivers\NETw4x32.sys
2010-12-12 21:34:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-12-12 21:34:59 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-12 21:34:19 -------- d-----w- c:\program files\Broadcom
2010-12-12 21:28:54 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-12-12 21:03:59 958464 ----a-w- c:\windows\system32\nvmobls.dll
2010-12-12 21:02:56 -------- d-----w- c:\docume~1\danwer~1\applic~1\Intel
2010-12-12 21:02:50 319488 ----a-w- c:\windows\system32\AegisI5Installer.exe
2010-12-12 21:01:16 45568 ----a-r- c:\windows\system32\drivers\bcm4sbxp.sys

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 7:56:40.85 ===============
ken545
2010-12-23, 22:39
:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.


Did Malwarebytes find anything to remove, if so open the program and go to the Reports Tab , open the last scan you ran that found threats and copy and paste it in this thread for me to see.




Scan With RootKitUnHooker


Please choose one link and download Rootkit Unhooker and save it to your desktop.
Link 1 (http://www.kernelmode.info/ARKs/RKUnhookerLE.EXE)
Link 2 (http://www.kernelmode.info/ARKs/RKUnhookerLE.zip)
Link 3 (http://www.kernelmode.info/ARKs/RkU3.8.388.590.rar)

Now double-click on RKUnhookerLE.exe to run it.
Click the Report tab, then click Scan.
Check (Tick) Drivers and Stealth
Uncheck the rest. then click OK
When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
Wait till the scanner has finished and then click File > Save Report.
Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in your next reply.


Note** you may get the following warning, just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"
mrsr71
2010-12-23, 23:21
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #2
==============================================
>Drivers
==============================================
0xF679B000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 6352896 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 101.38 )
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 5468160 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 101.38 )
0xB7699000 C:\WINDOWS\system32\DRIVERS\NETw4x32.sys 2203648 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2150400 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2150400 bytes
0x804D7000 RAW 2150400 bytes
0x804D7000 WMIxWDM 2150400 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xB7AD9000 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101223.002\NAVEX15.SYS 1355776 bytes (Symantec Corporation, AV Engine)
0xF5179000 C:\WINDOWS\system32\drivers\sthda.sys 1171456 bytes (SigmaTel, Inc., NDRC)
0xF502F000 C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 991232 bytes (Conexant Systems, Inc., HSF_DP driver)
0xF4F7C000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 733184 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xF404A000 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101123.003\BHDrvx86.sys 704512 bytes (Symantec Corporation, BASH Driver)
0xF7338000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF40F6000 C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys 520192 bytes (Symantec Corporation, Common Client Hash Provider Driver)
0xB78DE000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0xF41F0000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF4192000 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 385024 bytes (Symantec Corporation, Symantec Eraser Control Driver)
0xF63A7000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF43D2000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xF42D5000 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101222.001\IDSxpx86.sys 360448 bytes (Symantec Corporation, IDS Core Driver)
0xBA1BE000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xF467D000 C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS 356352 bytes (Symantec Corporation, Symantec AutoProtect)
0xF4353000 C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS 356352 bytes (Symantec Corporation, Network Dispatch Driver)
0xF7431000 SYMDS.SYS 352256 bytes
0xF64A8000 C:\WINDOWS\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xB8A97000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF5121000 C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 212992 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0xF642D000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7515000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xBA3CE000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF730B000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF73F2000 SYMEFA.SYS 184320 bytes
0xB764A000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xF4260000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF673B000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xF42AD000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF74BF000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xF432D000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF4472000 C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 151552 bytes (Symantec Corporation, Symantec Event Library)
0xB7675000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF5155000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6763000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF6485000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF428B000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806E4000 ACPI_HAL 134400 bytes
0x806E4000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF7487000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF74E5000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF45E2000 C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS 126976 bytes (Symantec Corporation, Iron Driver)
0xF4175000 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 118784 bytes (Symantec Corporation, Symantec Eraser Utility Driver)
0xF72F1000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF74A7000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xBA6A8000 C:\WINDOWS\System32\DLA\DLAIFS_M.SYS 98304 bytes (Roxio, Drive Letter Access Component)
0xF4032000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xBA67B000 C:\WINDOWS\System32\DLA\DLAUDF_M.SYS 94208 bytes (Roxio, Drive Letter Access Component)
0xF73C5000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF646E000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xBA692000 C:\WINDOWS\System32\DLA\DLAUDFAM.SYS 90112 bytes (Roxio, Drive Letter Access Component)
0xF73DC000 DRVMCDB.SYS 90112 bytes (Sonic Solutions, Device Driver)
0xBA131000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xB7AC5000 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101223.002\NAVENG.SYS 81920 bytes (Symantec Corporation, AV Engine)
0xF64F9000 C:\WINDOWS\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0xF650D000 C:\WINDOWS\system32\DRIVERS\sdbus.sys 81920 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xF6787000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF442B000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF741F000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7504000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF645D000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF631F000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF7814000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7654000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF76D4000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7824000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xBA256000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF78A4000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF7664000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF77E4000 C:\WINDOWS\system32\DRIVERS\rimmptsk.sys 57344 bytes (REDC, RICOH MMC Driver)
0xF76A4000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF77F4000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF7834000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF7684000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xB87E7000 C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0xF7854000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF3FCA000 C:\WINDOWS\System32\Drivers\DRVNDDM.SYS 45056 bytes (Roxio, Device Driver Manager)
0xF633F000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF7804000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF7674000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF7844000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF7644000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7884000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF7784000 C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS 40960 bytes (Symantec Corporation, Symantec AutoProtect)
0xF7874000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF7694000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xB863F000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF77D4000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF7864000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF634F000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xB79BA000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF76B4000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF77C4000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF799C000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF78FC000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7964000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF79C4000 C:\WINDOWS\System32\DLA\DLABMFSM.SYS 28672 bytes (Roxio, Drive Letter Access Component)
0xF79CC000 C:\WINDOWS\System32\DLA\DLABOIOM.SYS 28672 bytes (Roxio, Drive Letter Access Component)
0xF79B4000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF7954000 C:\WINDOWS\system32\DRIVERS\NuidFltr.sys 28672 bytes (Microsoft Corporation, Filter Driver for Microsoft Hardware HID Non-User Input Data)
0xF78C4000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7A44000 C:\WINDOWS\System32\Drivers\DLARTL_M.SYS 24576 bytes (Roxio, Shared Driver Component)
0xF797C000 C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF7974000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF796C000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF795C000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF7A4C000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF79DC000 C:\WINDOWS\system32\DRIVERS\AegisP.sys 20480 bytes (Meetinghouse Data Communications, IEEE 802.1X Protocol Driver)
0xF79AC000 C:\WINDOWS\System32\DLA\DLAOPIOM.SYS 20480 bytes (Roxio, Drive Letter Access Component)
0xF78DC000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF78CC000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF798C000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7994000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xF7984000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF792C000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7A5C000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF7B38000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xBA407000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0xF72B1000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xBA65F000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF72C5000 C:\WINDOWS\system32\DRIVERS\pneteth.sys 16384 bytes (June Fabrics Technology Inc., PdaNet Broadband Adapter Driver)
0xBA6F0000 C:\WINDOWS\system32\DRIVERS\s24trans.sys 16384 bytes (Intel Corporation, Intel WLAN Packet Driver)
0xF7A54000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF7A58000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xF52B7000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xB9923000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xF52B3000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7B40000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF46E8000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7B3C000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xF7BE0000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7B66000 C:\WINDOWS\System32\Drivers\DLACDBHM.SYS 8192 bytes (Roxio, Shared Driver Component)
0xF7B9C000 C:\WINDOWS\System32\DLA\DLAPoolM.SYS 8192 bytes (Roxio, Drive Letter Access Component)
0xF7B48000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7BEE000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7BDE000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7B44000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7BE2000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7BE4000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7B68000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7B6C000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7B46000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7C7D000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7D49000 C:\WINDOWS\System32\DLA\DLADResM.SYS 4096 bytes (Roxio, Drive Letter Access Component)
0xF7D8F000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7D27000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7C0C000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
0x06DF0000 Hidden Image-->System.Transactions.dll [ EPROCESS 0x82EA39E0 ] PID: 676, 270336 bytes
0x06910000 Hidden Image-->System.Data.dll [ EPROCESS 0x82EA39E0 ] PID: 676, 2961408 bytes
0x03BF0000 Hidden Image-->System.Runtime.Remoting.dll [ EPROCESS 0x8304E440 ] PID: 400, 307200 bytes
0x00C00000 Hidden Image-->System.Runtime.Remoting.dll [ EPROCESS 0x82F08910 ] PID: 3452, 307200 bytes
0x04330000 Hidden Image-->System.Runtime.Remoting.dll [ EPROCESS 0x82EE1B88 ] PID: 2616, 307200 bytes
0x06D00000 Hidden Image-->System.Data.SQLite.DLL [ EPROCESS 0x82EA39E0 ] PID: 676, 860160 bytes
ken545
2010-12-24, 00:01
Hi,

Lets do this.

Please download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune to your desktop.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.Your system may start up slower after running ATF Cleaner, this is expected but will be back to normal after the first or second boot up
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized password and other personal information as removing cookies will temporarily disable the auto-login facility.







Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please








OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
mrsr71
2010-12-24, 01:00
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5385

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/23/2010 3:39:31 PM
mbam-log-2010-12-23 (15-39-31).txt

Scan type: Quick scan
Objects scanned: 137643
Time elapsed: 6 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
mrsr71
2010-12-24, 01:03
OTL logfile created on: 12/23/2010 3:51:21 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Dan Werner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 263.00 Mb Available Physical Memory | 26.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 65.96 Gb Free Space | 44.26% Space Free | Partition Type: NTFS

Computer Name: DAN | User Name: Dan Werner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dan Werner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe (Memeo)
PRC - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
PRC - C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe (Memeo)
PRC - C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
PRC - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Dan Werner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll (Symantec Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (SeagateDashboardService) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
SRV - (MemeoBackgroundService) -- C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe (Memeo)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (WLANKEEPER) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (IDriverT) -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101223.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101223.002\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101223.002\IDSXpx86.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101123.003\BHDrvx86.sys (Symantec Corporation)
DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS (Symantec Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.6
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {c1970c0d-dbe6-4d91-804f-c9c0de643a57}:1.2.4
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/12/17 12:21:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/12/16 12:28:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/17 10:00:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/17 10:00:11 | 000,000,000 | ---D | M]

[2010/12/17 10:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Extensions
[2010/12/22 16:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions
[2010/12/19 07:39:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/17 12:53:49 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
[2010/12/17 14:55:29 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2010/12/20 15:48:55 | 000,000,000 | ---D | M] (NoRedirect) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
[2010/12/17 10:00:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
mrsr71
2010-12-24, 01:06
O1 HOSTS File: ([2010/12/22 12:26:18 | 000,428,313 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14747 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Memeo Backup Premium] C:\Program Files\Memeo\AutoBackupPro\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk = C:\Program Files\ClickTray Calendar\ClickTray.exe (WASEO)
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Dan Werner\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.74 213.109.77.113 1.1.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/12 12:06:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d2d46390-0636-11e0-991c-001d09a4531f}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/23 15:49:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan Werner\Desktop\OTL.exe
[2010/12/23 15:29:27 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Dan Werner\Desktop\ATF-Cleaner.exe
[2010/12/21 07:52:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/12/21 07:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/12/21 07:49:55 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Dan Werner\Desktop\erunt-setup.exe
[2010/12/20 17:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/12/19 13:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Identities
[2010/12/18 14:39:17 | 000,000,000 | ---D | C] -- C:\tmp
[2010/12/18 14:39:07 | 000,000,000 | ---D | C] -- C:\Cool RingTone Maker
[2010/12/17 15:43:36 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbar332.dll
[2010/12/17 15:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\VoptXP v7
[2010/12/17 12:22:41 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.sys
[2010/12/17 12:22:41 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symtdi.sys
[2010/12/17 12:22:41 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symtdiv.sys
[2010/12/17 12:22:41 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.sys
[2010/12/17 12:22:41 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.sys
[2010/12/17 12:22:41 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.sys
[2010/12/17 12:22:41 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\ironx86.sys
[2010/12/17 12:22:41 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.sys
[2010/12/17 12:22:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0403000.005
[2010/12/17 10:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Downloads
[2010/12/17 10:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Mozilla
[2010/12/17 10:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla
[2010/12/17 10:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/12/16 12:26:50 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/12/16 12:26:21 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/12/16 12:26:21 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/12/16 12:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/12/16 12:25:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/12/16 12:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2010/12/16 12:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/12/16 10:45:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Tific
[2010/12/15 11:28:55 | 000,018,304 | ---- | C] (GARMIN Corp.) -- C:\WINDOWS\System32\drivers\grmngen.sys
[2010/12/15 11:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2010/12/15 10:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Help
[2010/12/15 10:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Help
[2010/12/15 10:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\GSAK
[2010/12/14 17:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\WMTools Downloaded Files
[2010/12/14 16:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/12/14 16:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/12/14 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/12/14 16:04:10 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/12/14 16:04:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/14 16:04:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/14 16:04:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/14 16:04:10 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/12/14 16:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/12/14 15:57:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Sun
[2010/12/14 12:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\GlobalSCAPE
[2010/12/14 10:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Garmin
[2010/12/14 10:18:34 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2010/12/14 10:18:34 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.dll
[2010/12/14 10:18:34 | 000,000,000 | ---D | C] -- C:\Garmin
[2010/12/14 08:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Ultra Fractal 5
[2010/12/14 08:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Ultra Fractal 4
[2010/12/14 08:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Norton Key
[2010/12/14 08:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Elks
[2010/12/14 08:33:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Pictures
[2010/12/14 08:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Music
[2010/12/14 08:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Wells Fargo
[2010/12/14 08:20:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\RCI Info
[2010/12/14 08:19:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\SCSA
[2010/12/13 20:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\HyperSnap-DX 4
[2010/12/13 20:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\HyperSnap 6
[2010/12/13 20:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalSCAPE
[2010/12/13 20:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Vbox
[2010/12/13 20:18:36 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/12/13 20:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\ClickTray Calendar
[2010/12/13 19:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Auction Sentry Data
[2010/12/13 19:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/13 19:46:51 | 000,000,000 | ---D | C] -- C:\Program Files\Auction Sentry
[2010/12/13 19:46:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/12/13 19:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/13 19:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/12/13 19:22:46 | 000,286,720 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun506.exe
[2010/12/13 18:54:51 | 000,013,312 | ---- | C] (June Fabrics Technology Inc.) -- C:\WINDOWS\System32\drivers\pneteth.sys
[2010/12/13 18:47:32 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2010/12/13 18:47:00 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/12/13 18:44:41 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
[2010/12/13 18:44:41 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller.dll
[2010/12/13 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\PdaNet for Android
[2010/12/13 17:00:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\GARMIN
[2010/12/13 17:00:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 16:48:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/12/13 16:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/12/13 16:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/12/13 16:47:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/12/13 16:47:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/12/13 16:47:42 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/12/13 16:47:42 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/12/13 16:47:42 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/12/13 16:47:42 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/12/13 16:47:42 | 000,000,000 | ---D | C] -- C:\30af5d22e69d662677
[2010/12/13 16:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/12/13 16:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/12/13 16:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Google
[2010/12/13 16:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/12/13 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/12/13 16:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Google
[2010/12/13 16:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Macromedia
[2010/12/13 15:48:13 | 000,000,000 | ---D | C] -- C:\gsak
[2010/12/13 15:28:42 | 000,000,000 | ---D | C] -- C:\e18a05fd45ecaad9b471
[2010/12/13 15:28:08 | 000,000,000 | ---D | C] -- C:\drivers
[2010/12/13 12:23:38 | 000,000,000 | ---D | C] -- C:\DJ's 2010
[2010/12/13 12:23:26 | 000,000,000 | ---D | C] -- C:\c653913046ee4a6c69ae8de1105fed
[2010/12/13 09:24:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/13 09:24:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/13 09:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/13 09:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Malwarebytes
[2010/12/13 09:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/13 09:12:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Symantec
[2010/12/13 09:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/12/13 09:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/12/13 08:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/12/13 08:41:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Symantec
[2010/12/13 08:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Temp
[2010/12/13 08:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\RV Data
[2010/12/13 08:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\pwrcmdr
[2010/12/13 07:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\PDF Files
[2010/12/13 07:55:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Web Sites
[2010/12/13 07:54:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Videos
[2010/12/13 07:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Harley Data
[2010/12/13 07:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Guns
[2010/12/13 07:49:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Geocaching Data
[2010/12/13 07:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\DJs
[2010/12/13 07:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Blood Pressure
[2010/12/12 19:07:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2010/12/12 17:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/12/12 17:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/12/12 17:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Memeo
[2010/12/12 17:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2010/12/12 17:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Seagate
[2010/12/12 17:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
[2010/12/12 17:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2010/12/12 17:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2010/12/12 17:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\temp
[2010/12/12 17:49:21 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/12/12 17:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/12/12 17:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2010/12/12 17:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Leadertech
[2010/12/12 17:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\AdobeUM
[2010/12/12 17:27:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Adobe
[2010/12/12 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My eBooks
[2010/12/12 17:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Adobe
[2010/12/12 17:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/12/12 17:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF 6.0
[2010/12/12 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/12/12 17:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/12/12 17:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/12/12 17:12:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/12/12 16:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/12/12 16:41:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Symantec
[2010/12/12 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/12/12 16:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/12/12 16:00:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidserv.dll
[2010/12/12 15:56:50 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/12/12 15:52:49 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/12/12 15:52:49 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/12/12 15:52:48 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/12/12 15:52:47 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/12/12 15:52:45 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/12/12 15:52:30 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/12/12 15:52:29 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/12/12 15:52:28 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/12/12 15:50:24 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/12/12 15:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/12/12 15:46:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/12/12 15:46:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/12/12 15:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/12/12 15:35:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/12/12 14:27:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\IECompatCache
[2010/12/12 14:27:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\PrivacIE
[2010/12/12 14:27:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\IETldCache
[2010/12/12 14:24:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/12/12 14:24:34 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/12/12 14:24:31 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/12/12 14:23:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/12/12 14:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2010/12/12 14:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Roxio
[2010/12/12 14:18:14 | 000,099,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS
[2010/12/12 14:18:14 | 000,092,920 | ---- | C] (Roxio) -- C:\WINDOWS\DLA.EXE
[2010/12/12 14:18:14 | 000,051,768 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS
[2010/12/12 14:18:14 | 000,028,120 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLARTL_M.SYS
[2010/12/12 14:18:14 | 000,012,856 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS
[2010/12/12 14:18:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA
[2010/12/12 14:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/12/12 14:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2010/12/12 14:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/12/12 14:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010/12/12 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/12/12 14:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/12/12 14:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/12/12 14:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/12/12 14:06:04 | 000,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2010/12/12 14:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2010/12/12 14:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/12/12 14:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/12/12 14:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/12/12 14:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/12/12 14:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/12/12 14:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/12/12 14:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/12/12 14:01:00 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/12/12 13:55:48 | 002,756,608 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw4r32.dll
[2010/12/12 13:55:48 | 002,203,520 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETw4x32.sys
[2010/12/12 13:55:48 | 000,679,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw4c32.dll
[2010/12/12 13:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2010/12/12 13:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010/12/12 13:28:54 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/12/12 13:04:24 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2010/12/12 13:04:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010/12/12 13:04:11 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2010/12/12 13:04:02 | 002,113,536 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2010/12/12 13:04:02 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrses.dll
[2010/12/12 13:04:02 | 000,327,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsfr.dll
[2010/12/12 13:04:02 | 000,323,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsit.dll
[2010/12/12 13:04:02 | 000,319,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsptb.dll
[2010/12/12 13:04:02 | 000,315,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsru.dll
[2010/12/12 13:04:02 | 000,311,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsde.dll
[2010/12/12 13:04:02 | 000,294,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrspl.dll
[2010/12/12 13:04:02 | 000,212,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsja.dll
[2010/12/12 13:04:02 | 000,196,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsko.dll
[2010/12/12 13:04:02 | 000,167,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszht.dll
[2010/12/12 13:04:02 | 000,163,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszhc.dll
[2010/12/12 13:04:01 | 003,620,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvsr.dll
[2010/12/12 13:04:01 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010/12/12 13:04:00 | 003,395,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2010/12/12 13:04:00 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2010/12/12 13:04:00 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2010/12/12 13:04:00 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2010/12/12 13:04:00 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2010/12/12 13:04:00 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2010/12/12 13:04:00 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2010/12/12 13:04:00 | 000,225,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2010/12/12 13:04:00 | 000,122,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2010/12/12 13:03:59 | 006,660,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010/12/12 13:03:59 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmoblsr.dll
[2010/12/12 13:03:59 | 000,958,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2010/12/12 13:03:59 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccssr.dll
[2010/12/12 13:03:59 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010/12/12 13:03:59 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2010/12/12 13:03:59 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010/12/12 13:03:59 | 000,067,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhotkey.dll
[2010/12/12 13:03:59 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccsrs.dll
[2010/12/12 13:03:58 | 003,235,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgamesr.dll
[2010/12/12 13:03:58 | 003,145,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2010/12/12 13:03:58 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvexpbar.dll
[2010/12/12 13:03:57 | 005,427,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispsr.dll
[2010/12/12 13:03:56 | 006,074,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2010/12/12 13:03:56 | 001,069,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpluir.dll
[2010/12/12 13:03:56 | 000,815,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcplui.exe
[2010/12/12 13:03:55 | 008,433,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010/12/12 13:03:55 | 000,344,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010/12/12 13:03:55 | 000,073,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.cpl
[2010/12/12 13:03:55 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010/12/12 13:03:55 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010/12/12 13:03:54 | 006,349,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/12/12 13:03:54 | 006,349,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010/12/12 13:03:54 | 005,466,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/12/12 13:03:54 | 005,466,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010/12/12 13:03:52 | 002,379,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwssr.dll
[2010/12/12 13:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2010/12/12 13:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Intel
[2010/12/12 13:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2010/12/12 13:01:16 | 000,045,568 | R--- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys
[2010/12/12 12:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/12/12 12:59:40 | 000,172,032 | ---- | C] (Conexant Systems, Inc) -- C:\WINDOWS\System32\Uci32114.dll
[2010/12/12 12:59:40 | 000,094,208 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010/12/12 12:59:39 | 000,989,696 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_DPV.sys
[2010/12/12 12:59:39 | 000,209,152 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSFHWAZL.sys
[2010/12/12 12:59:38 | 000,730,112 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2010/12/12 12:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/12/12 12:59:06 | 000,032,256 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimmptsk.sys
[2010/12/12 12:59:05 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\snymsico.dll
[2010/12/12 12:59:05 | 000,043,520 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimsptsk.sys
[2010/12/12 12:59:05 | 000,037,376 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rixdptsk.sys
[2010/12/12 12:57:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/12/12 12:57:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/12/12 12:57:05 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/12/12 12:56:54 | 000,000,000 | ---D | C] -- C:\Intel
[2010/12/12 12:55:31 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/12/12 12:55:30 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/12/12 12:55:28 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/12/12 12:55:27 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/12/12 12:55:25 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/12/12 12:55:24 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/12/12 12:55:23 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/12/12 12:55:22 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/12/12 12:55:20 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/12/12 12:55:19 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/12/12 12:55:17 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/12/12 12:55:14 | 004,952,064 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacgui.cpl
[2010/12/12 12:55:14 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stlang.dll
[2010/12/12 12:55:14 | 000,405,504 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
[2010/12/12 12:55:13 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/12/12 12:55:13 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/12/12 12:55:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/12/12 12:55:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/12/12 12:55:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/12/12 12:55:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/12/12 12:55:12 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/12/12 12:55:12 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/12/12 12:55:07 | 000,144,896 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\staco.dll
[2010/12/12 12:55:05 | 001,222,840 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys
[2010/12/12 12:55:05 | 000,270,336 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacapi.dll
[2010/12/12 12:55:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/12/12 12:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/12/12 12:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/12/12 12:47:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\vmm32
[2010/12/12 12:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/12/12 12:41:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\UserData
[2010/12/12 12:16:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/12/12 12:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Identities
[2010/12/12 12:12:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/12/12 12:12:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\SendTo
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\Recent
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\Application Data
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\Start Menu
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\My Documents
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\Favorites
[2010/12/12 12:12:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\Cookies
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\Templates
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\PrintHood
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\NetHood
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\Local Settings
[2010/12/12 12:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft
[2010/12/12 12:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Desktop
[2010/12/12 12:10:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/12/12 12:10:02 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/12/12 12:10:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/12/12 12:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/12/12 12:10:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/12/12 12:09:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/12/12 12:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/12/12 12:08:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/12/12 12:08:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/12/12 12:08:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/12/12 12:08:28 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/12/12 12:08:28 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/12/12 12:08:27 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/12/12 12:08:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/12/12 12:08:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/12/12 12:08:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/12/12 12:08:26 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/12/12 12:08:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/12/12 12:08:26 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/12/12 12:08:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/12/12 12:08:26 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/12/12 12:08:25 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/12/12 12:08:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/12/12 12:08:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/12/12 12:08:23 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/12/12 12:08:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/12/12 12:08:22 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/12/12 12:08:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/12/12 12:08:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/12/12 12:08:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/12/12 12:08:21 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/12/12 12:08:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/12/12 12:08:21 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/12/12 12:08:21 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/12/12 12:08:20 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/12/12 12:08:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/12/12 12:08:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/12/12 12:08:18 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/12/12 12:08:18 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/12/12 12:08:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/12/12 12:08:17 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/12/12 12:08:16 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/12/12 12:08:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/12/12 12:08:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/12/12 12:08:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/12/12 12:08:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/12/12 12:08:15 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/12/12 12:08:15 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/12/12 12:08:15 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/12/12 12:08:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/12/12 12:08:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/12/12 12:08:14 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/12/12 12:08:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/12/12 12:08:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/12/12 12:08:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/12/12 12:08:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2010/12/12 12:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/12/12 12:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/12/12 12:08:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/12/12 12:08:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/12/12 12:08:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/12/12 12:08:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/12/12 12:08:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/12/12 12:08:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/12/12 12:08:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/12/12 12:08:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/12/12 12:08:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/12/12 12:08:10 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2010/12/12 12:08:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/12/12 12:08:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/12/12 12:08:09 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/12/12 12:08:09 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/12/12 12:08:09 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/12/12 12:08:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/12/12 12:08:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2010/12/12 12:08:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/12/12 12:08:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/12/12 12:08:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/12/12 12:08:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/12/12 12:08:07 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/12/12 12:08:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/12/12 12:08:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/12/12 12:08:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/12/12 12:08:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/12/12 12:08:04 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/12/12 12:08:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/12/12 12:08:04 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/12/12 12:08:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/12/12 12:08:04 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/12/12 12:08:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/12/12 12:08:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/12/12 12:08:03 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/12/12 12:08:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/12/12 12:08:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/12/12 12:08:02 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/12/12 12:08:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/12/12 12:08:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/12/12 12:08:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/12/12 12:08:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/12/12 12:08:00 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/12/12 12:07:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/12/12 12:07:58 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/12/12 12:07:58 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/12/12 12:07:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/12/12 12:07:54 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/12/12 12:07:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/12/12 12:07:50 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/12/12 12:07:50 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/12/12 12:07:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/12/12 12:07:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/12/12 12:07:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/12/12 12:07:49 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/12/12 12:07:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/12/12 12:07:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
mrsr71
2010-12-24, 01:07
[2010/12/12 12:07:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/12/12 12:07:48 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/12/12 12:07:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/12/12 12:07:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/12/12 12:07:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/12/12 12:07:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/12/12 12:07:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/12/12 12:07:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/12/12 12:07:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/12/12 12:07:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/12/12 12:07:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/12/12 12:07:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/12/12 12:07:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/12/12 12:07:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/12/12 12:07:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/12/12 12:07:44 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/12/12 12:07:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/12/12 12:07:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/12/12 12:07:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/12/12 12:07:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/12/12 12:07:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/12/12 12:07:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/12/12 12:07:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/12/12 12:07:42 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/12/12 12:07:42 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/12/12 12:07:42 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/12/12 12:07:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/12/12 12:07:41 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/12/12 12:07:41 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/12/12 12:07:41 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/12/12 12:07:41 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/12/12 12:07:41 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/12/12 12:07:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/12/12 12:07:41 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/12/12 12:07:40 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/12/12 12:07:40 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/12/12 12:07:40 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/12/12 12:07:40 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/12/12 12:07:40 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/12/12 12:07:40 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/12/12 12:07:39 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/12/12 12:07:39 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/12/12 12:07:39 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/12/12 12:07:39 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/12/12 12:07:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/12/12 12:07:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/12/12 12:07:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/12/12 12:07:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/12/12 12:07:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/12/12 12:07:38 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/12/12 12:07:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/12/12 12:07:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/12/12 12:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/12/12 12:07:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/12/12 12:07:37 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/12/12 12:07:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/12/12 12:07:32 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/12/12 12:07:23 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/12/12 12:07:22 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/12/12 12:07:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/12/12 12:07:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/12/12 12:07:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/12/12 12:07:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/12/12 12:07:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/12/12 12:07:20 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/12/12 12:07:20 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/12/12 12:07:20 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/12/12 12:07:20 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/12/12 12:07:20 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/12/12 12:07:20 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/12/12 12:07:20 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/12/12 12:07:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/12/12 12:07:19 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/12/12 12:07:19 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/12/12 12:07:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/12/12 12:07:19 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/12/12 12:07:19 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/12/12 12:07:19 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/12/12 12:07:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/12/12 12:07:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/12/12 12:07:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/12/12 12:07:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/12/12 12:07:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/12/12 12:07:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/12/12 12:07:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/12/12 12:07:18 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/12/12 12:07:18 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/12/12 12:07:18 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/12/12 12:07:18 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/12/12 12:07:18 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/12/12 12:07:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/12/12 12:07:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/12/12 12:07:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/12/12 12:07:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/12/12 12:07:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/12/12 12:07:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/12/12 12:07:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/12/12 12:07:16 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/12/12 12:07:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/12/12 12:07:16 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/12/12 12:07:16 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/12/12 12:07:16 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/12/12 12:07:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/12/12 12:07:16 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/12/12 12:07:15 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/12/12 12:07:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/12/12 12:07:12 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/12/12 12:07:11 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/12/12 12:07:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/12/12 12:07:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/12/12 12:07:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/12/12 12:07:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/12/12 12:07:10 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/12/12 12:07:09 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/12/12 12:07:09 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/12/12 12:07:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/12/12 12:07:08 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/12/12 12:07:08 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/12/12 12:07:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/12/12 12:07:07 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/12/12 12:07:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/12/12 12:07:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/12/12 12:07:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/12/12 12:07:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/12/12 12:07:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/12/12 12:07:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/12/12 12:07:05 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/12/12 12:07:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/12/12 12:07:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/12/12 12:07:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/12/12 12:06:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/12/12 12:06:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/12/12 12:06:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/12/12 12:06:58 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/12/12 12:06:58 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/12/12 12:06:58 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/12/12 12:06:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/12/12 12:06:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/12/12 12:06:56 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/12/12 12:06:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/12/12 12:06:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/12/12 12:06:54 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/12/12 12:06:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/12/12 12:06:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/12/12 12:06:53 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2010/12/12 12:06:53 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2010/12/12 12:06:53 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/12/12 12:06:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/12/12 12:06:52 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/12/12 12:06:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/12/12 12:06:49 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/12/12 12:06:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/12/12 12:06:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/12/12 12:06:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/12/12 12:06:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/12/12 12:06:48 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/12/12 12:06:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/12/12 12:06:48 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/12/12 12:06:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/12/12 12:06:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/12/12 12:06:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/12/12 12:06:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/12/12 12:06:47 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/12/12 12:06:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/12/12 12:06:47 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/12/12 12:06:47 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/12/12 12:06:47 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/12/12 12:06:47 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/12/12 12:06:47 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/12/12 12:06:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/12/12 12:06:46 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/12/12 12:06:46 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/12/12 12:06:46 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/12/12 12:06:46 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/12/12 12:06:46 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/12/12 12:06:46 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/12/12 12:06:46 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/12/12 12:06:46 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/12/12 12:06:46 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/12/12 12:06:45 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/12/12 12:06:45 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/12/12 12:06:45 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/12/12 12:06:45 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/12/12 12:06:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/12/12 12:06:45 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/12/12 12:06:44 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/12/12 12:06:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/12/12 12:06:44 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/12/12 12:06:44 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/12/12 12:06:43 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/12/12 12:06:27 | 000,000,000 | ---D | C] -- C:\DELL
[2010/12/12 12:06:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/12/12 12:05:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/12/12 12:05:14 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/12/12 12:05:14 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/12/12 12:05:06 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/12/12 12:04:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/12/12 12:04:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/12/12 12:04:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/12/12 12:04:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/12/12 12:04:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/12/12 12:04:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/12/12 12:04:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/12/12 12:04:32 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/12/12 12:04:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/12/12 12:04:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/12/12 12:04:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/12/12 12:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/12/12 12:04:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/12/12 12:04:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/12/12 12:04:27 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/12/12 12:04:27 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/12/12 12:04:27 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/12/12 12:04:26 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/12/12 12:04:26 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/12/12 12:04:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/12/12 12:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/12/12 12:04:23 | 000,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/12/12 12:04:23 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/12/12 12:04:22 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/12/12 12:04:22 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010/12/12 12:04:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/12/12 12:04:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/12/12 12:04:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/12/12 12:04:20 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/12/12 12:04:20 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/12/12 12:04:20 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/12/12 12:04:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/12/12 12:04:19 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/12/12 12:04:19 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/12/12 12:04:19 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/12/12 12:04:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/12/12 12:04:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/12/12 12:04:19 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/12/12 12:04:18 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/12/12 12:04:18 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/12/12 12:04:18 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/12/12 12:04:18 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/12/12 12:04:18 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2010/12/12 12:04:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/12/12 12:04:17 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/12/12 12:04:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/12/12 12:04:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/12/12 12:04:17 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/12/12 12:04:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/12/12 12:04:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2010/12/12 12:04:17 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/12/12 12:04:17 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/12/12 12:04:17 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/12/12 12:04:16 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/12/12 12:04:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/12/12 12:04:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/12/12 12:04:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/12/12 12:04:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/12/12 12:04:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/12/12 12:04:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/12/12 12:04:13 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/12/12 12:04:13 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/12/12 12:04:13 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/12/12 12:04:13 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/12/12 12:04:13 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/12/12 12:04:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/12/12 12:04:12 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/12/12 12:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/12/12 12:03:57 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010/12/12 12:03:57 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/12/12 12:03:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/12/12 12:03:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/12/12 12:03:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/12/12 12:03:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/12/12 12:03:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/12/12 12:03:54 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/12/12 12:03:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/12/12 12:03:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/12/12 12:03:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/12/12 12:03:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/12/12 12:03:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/12/12 12:03:53 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/12/12 12:03:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/12/12 12:03:51 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/12/12 12:03:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/12/12 12:03:50 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/12/12 12:03:50 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/12/12 12:03:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010/12/12 12:03:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/12/12 12:03:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/12/12 12:03:49 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010/12/12 12:03:49 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/12/12 12:03:49 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010/12/12 12:03:49 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010/12/12 12:03:49 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010/12/12 12:03:49 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010/12/12 12:03:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/12/12 12:03:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/12/12 12:03:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/12/12 12:03:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/12/12 12:03:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/12/12 12:03:48 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/12/12 12:03:48 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/12/12 12:03:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/12/12 12:03:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/12/12 12:03:47 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/12/12 12:03:47 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/12/12 12:03:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/12/12 12:03:47 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/12/12 12:03:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/12/12 12:03:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/12/12 12:03:46 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/12/12 12:03:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/12/12 12:03:46 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/12/12 12:03:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/12/12 12:03:46 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/12/12 12:03:46 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/12/12 12:03:46 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/12/12 12:03:45 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/12/12 12:03:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/12/12 12:03:45 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/12/12 12:03:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/12/12 12:03:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010/12/12 12:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/12/12 12:03:44 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/12/12 12:03:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/12/12 12:03:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/12/12 12:03:44 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/12/12 12:03:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/12/12 12:03:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/12/12 12:03:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/12 12:03:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010/12/12 12:03:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/12/12 12:03:43 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/12/12 12:03:43 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/12/12 12:03:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/12/12 12:03:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/12/12 12:03:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010/12/12 12:03:42 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/12/12 12:03:41 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010/12/12 12:03:41 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/12/12 12:03:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010/12/12 12:03:41 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/12/12 12:03:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/12/12 12:03:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/12/12 12:03:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/12/12 12:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/12/12 12:03:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/12/12 12:03:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/12/12 12:03:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/12/12 12:03:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/12/12 12:03:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/12/12 12:03:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/12/12 12:03:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/12/12 12:03:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/12/12 12:03:39 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/12/12 12:03:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/12/12 12:03:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/12/12 12:03:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010/12/12 12:03:39 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010/12/12 12:03:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/12/12 12:03:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/12/12 12:03:39 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/12/12 12:03:38 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2010/12/12 12:03:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/12/12 12:03:37 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010/12/12 12:03:37 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/12/12 12:03:37 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/12/12 12:03:37 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/12/12 12:03:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/12/12 12:03:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/12/12 12:03:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/12/12 12:03:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/12/12 12:03:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/12/12 12:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/12/12 12:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/12/12 12:03:36 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/12/12 12:03:36 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/12/12 12:03:36 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/12/12 12:03:36 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/12/12 12:03:36 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/12/12 12:03:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/12/12 12:03:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/12/12 12:03:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/12/12 12:03:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/12/12 12:03:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/12/12 12:03:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/12/12 12:03:35 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/12/12 12:03:35 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/12/12 12:03:35 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/12/12 12:03:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/12/12 12:03:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/12/12 12:03:35 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/12/12 12:03:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/12/12 12:03:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/12/12 12:03:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/12/12 12:03:34 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/12/12 12:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/12/12 12:03:33 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/12/12 12:03:33 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/12/12 12:03:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
mrsr71
2010-12-24, 01:08
[2010/12/12 12:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/12/12 12:03:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/12/12 12:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/12/12 12:02:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/12/12 12:02:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/12/12 12:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/12/12 12:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/12/12 12:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/12/12 12:02:36 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/12/12 12:02:36 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/12/12 12:02:36 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/12/12 12:02:36 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/12/12 12:02:35 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/12/12 12:02:35 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/12/12 12:02:35 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/12/12 12:02:35 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/12/12 12:02:35 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/12/12 12:02:35 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/12/12 12:02:35 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/12/12 12:02:35 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/12/12 12:02:35 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/12/12 12:02:34 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/12/12 12:02:34 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/12/12 12:02:34 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/12/12 12:02:34 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/12/12 12:02:34 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/12/12 12:02:34 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/12/12 12:02:34 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/12/12 12:02:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/12/12 12:02:33 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/12/12 12:02:33 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/12/12 12:02:33 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/12/12 12:02:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/12/12 12:02:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/12/12 12:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/12/12 12:02:25 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/12/12 12:02:25 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/12/12 12:02:25 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/12/12 12:02:25 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/12/12 12:02:24 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/12/12 12:02:24 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/12/12 12:02:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/12/12 12:02:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/12/12 12:02:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/12/12 12:02:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/12/12 12:02:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/12/12 12:02:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/12/12 12:02:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/12/12 12:02:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/12/12 12:02:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/12/12 12:02:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/12/12 12:02:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/12/12 12:02:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/12/12 12:02:17 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/12/12 12:02:17 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/12/12 12:02:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/12/12 12:02:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/12/12 12:02:16 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/12/12 12:02:16 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/12/12 12:02:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/12/12 12:02:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/12/12 12:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/12/12 12:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/12/12 12:02:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/12/12 12:02:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/12/12 12:02:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/12/12 12:02:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/12/12 12:02:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/12/12 12:02:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/12/12 12:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/12/12 12:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/12/12 12:02:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/12/12 12:02:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/12/12 12:02:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/12/12 12:02:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/12/12 12:02:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/12/12 12:02:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/12/12 12:02:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/12/12 12:02:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/12/12 12:02:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/12/12 12:02:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/12/12 12:02:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/12/12 12:02:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/12/12 12:02:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/12/12 12:02:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/12/12 12:02:11 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/12/12 12:02:11 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/12/12 12:02:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/12/12 12:02:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/12/12 12:02:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/12/12 12:02:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/12/12 12:02:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/12/12 12:02:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/12/12 12:02:11 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/12/12 12:02:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/12/12 12:02:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/12/12 12:02:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/12/12 12:02:10 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/12/12 12:02:10 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/12/12 12:02:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/12/12 12:02:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/12/12 12:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/12/12 12:01:55 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/12/12 12:01:54 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/12/12 12:01:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010/12/12 12:01:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/12/12 12:01:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/12/12 12:01:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/12/12 12:01:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/12/12 12:01:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/12/12 12:01:54 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/12/12 12:01:54 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/12/12 12:01:53 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/12/12 12:01:53 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/12/12 12:01:53 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010/12/12 12:01:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/12/12 12:01:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/12/12 12:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/12/12 12:01:52 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/12/12 12:01:52 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010/12/12 12:01:52 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/12/12 12:01:52 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/12/12 12:01:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/12/12 12:01:51 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/12/12 12:01:51 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2010/12/12 12:01:51 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/12/12 12:01:51 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2010/12/12 12:01:51 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/12/12 12:01:51 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/12/12 12:01:51 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/12/12 12:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/12/12 12:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2010/12/12 12:01:50 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2010/12/12 12:01:50 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2010/12/12 12:01:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/12/12 12:01:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/12/12 12:01:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010/12/12 12:01:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/12/12 12:01:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/12/12 12:01:49 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010/12/12 12:01:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/12/12 12:01:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/12/12 12:01:49 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/12/12 12:01:49 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/12/12 12:01:49 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/12/12 12:01:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/12/12 12:01:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/12/12 12:01:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/12/12 12:01:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/12/12 12:01:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/12/12 12:01:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010/12/12 12:01:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/12/12 12:01:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/12/12 12:01:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/12/12 12:01:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/12/12 12:01:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/12/12 12:01:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/12/12 12:01:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/12/12 12:01:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/12/12 12:01:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/12/12 12:01:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/12/12 12:01:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/12/12 12:01:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/12/12 12:01:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/12/12 12:01:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/12/12 12:01:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010/12/12 12:01:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/12/12 12:01:46 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010/12/12 12:01:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010/12/12 12:01:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/12/12 12:01:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/12/12 12:01:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/12/12 12:01:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/12/12 12:01:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/12/12 12:01:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/12/12 12:01:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/12/12 12:01:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/12/12 12:01:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/12/12 12:01:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/12/12 12:01:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/12/12 12:01:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/12/12 12:01:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/12/12 12:01:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/12/12 12:01:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/12/12 12:01:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/12/12 12:01:45 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/12/12 12:01:45 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/12/12 12:01:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010/12/12 12:01:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/12/12 12:01:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/12/12 12:01:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/12/12 12:01:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/12/12 12:01:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/12/12 12:01:44 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/12/12 12:01:44 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/12/12 12:01:44 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010/12/12 12:01:44 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/12/12 12:01:44 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/12/12 12:01:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/12/12 12:01:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/12/12 12:01:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/12/12 12:01:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/12/12 12:01:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/12/12 12:01:42 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/12/12 12:01:42 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/12/12 12:01:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/12/12 12:01:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/12/12 12:01:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/12/12 12:01:41 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2010/12/12 12:01:41 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010/12/12 12:01:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/12/12 12:01:41 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/12/12 12:01:41 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/12/12 12:01:41 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/12/12 12:01:41 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/12/12 12:01:41 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/12/12 12:01:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/12/12 12:01:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/12/12 12:01:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/12/12 12:01:41 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/12/12 12:01:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/12/12 12:01:40 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/12/12 12:01:40 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/12/12 12:01:40 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/12/12 12:01:40 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/12/12 12:01:40 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/12/12 12:01:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/12/12 12:01:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/12/12 12:01:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/12/12 12:01:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/12/12 12:01:39 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/12/12 12:01:39 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010/12/12 12:01:39 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2010/12/12 12:01:39 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010/12/12 12:01:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/12/12 12:01:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/12/12 12:01:38 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010/12/12 12:01:38 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/12/12 12:01:37 | 001,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/12/12 12:01:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/12/12 12:01:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/12/12 12:01:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/12/12 12:01:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010/12/12 12:01:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/12/12 12:01:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/12/12 12:01:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/12/12 12:01:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/12/12 12:01:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/12/12 04:55:06 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010/12/12 04:54:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/12/12 04:54:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2010/12/12 04:54:29 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/12/12 04:53:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/12/12 04:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/12/12 04:53:39 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/12/12 04:53:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/12/12 04:53:38 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/12/12 04:53:37 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/12/12 04:53:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/12/12 04:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/12/12 04:53:36 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/12/12 04:53:36 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/12/12 04:53:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/12/12 04:53:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/12/12 04:53:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/12/12 04:53:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/12/12 04:53:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/12/12 04:53:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/12/12 04:53:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/12/12 04:53:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/12/12 04:53:33 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/12/12 04:53:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/12/12 04:53:32 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/12/12 04:53:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/12/12 04:53:29 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/12/12 04:53:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/12/12 04:53:29 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/12/12 04:53:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/12/12 04:53:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/12/12 04:53:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/12/12 04:53:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/12/12 04:53:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/12/12 04:53:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/12/12 04:53:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/12/12 04:53:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/12/12 04:53:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/12/12 04:53:26 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/12/12 04:53:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/12/12 04:53:24 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/12/12 04:53:24 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/12/12 04:53:24 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/12/12 04:53:24 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/12/12 04:53:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/12/12 04:53:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/12/12 04:53:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/12/12 04:53:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/12/12 04:53:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/12/12 04:53:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/12/12 04:53:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/12/12 04:53:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/12/12 04:53:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/12/12 04:53:23 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/12/12 04:53:23 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/12/12 04:53:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/12/12 04:53:23 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/12/12 04:53:23 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/12/12 04:53:23 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/12/12 04:53:23 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/12/12 04:53:22 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/12/12 04:53:22 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/12/12 04:53:22 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/12/12 04:53:22 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/12/12 04:53:22 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/12/12 04:53:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/12/12 04:53:22 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/12/12 04:53:22 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/12/12 04:53:22 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/12/12 04:53:22 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/12/12 04:53:22 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/12/12 04:53:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010/12/12 04:53:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/12/12 04:53:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/12/12 04:53:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010/12/12 04:53:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/12/12 04:53:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/12/12 04:53:20 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/12/12 04:53:20 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/12/12 04:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/12/12 04:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/12/12 04:53:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/12/12 04:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/12/12 04:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/12/12 04:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/12/12 04:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/12/12 04:52:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/12/12 04:52:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/12/12 04:52:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/12/12 04:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/12/12 04:44:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/12/12 04:44:02 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/12/12 04:44:02 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/12/12 04:44:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
mrsr71
2010-12-24, 01:09
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/23 15:49:10 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan Werner\Desktop\OTL.exe
[2010/12/23 15:46:17 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/23 15:29:28 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Dan Werner\Desktop\ATF-Cleaner.exe
[2010/12/23 14:17:01 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\RKUnhookerLE.EXE
[2010/12/23 13:45:10 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/23 13:45:00 | 000,027,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/12/23 07:14:46 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook.lnk
[2010/12/23 07:12:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/23 07:11:36 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/23 07:11:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/22 15:01:32 | 000,000,225 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Blade CX2 - RC Groups.URL
[2010/12/22 12:28:31 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/22 12:26:18 | 000,428,313 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/21 11:13:22 | 000,000,173 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\June.URL
[2010/12/21 09:39:10 | 000,000,086 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Redirect Virus – Santa Clarita CA. - Safer-Networking Forums.URL
[2010/12/21 08:01:38 | 000,002,578 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Attach.zip
[2010/12/21 07:54:23 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\dds.scr
[2010/12/21 07:51:26 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\ERUNT.lnk
[2010/12/21 07:49:56 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Dan Werner\Desktop\erunt-setup.exe
[2010/12/21 07:37:15 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Malware Removal - Safer-Networking Forums.URL
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 17:22:43 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/12/19 13:52:01 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook Express.lnk
[2010/12/18 15:45:15 | 000,000,209 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Calendar.URL
[2010/12/18 15:38:06 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Gull Lake.URL
[2010/12/18 14:39:10 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Cool RingTone Maker.lnk
[2010/12/18 14:39:10 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ring Tone Maker.lnk
[2010/12/18 07:36:32 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/18 07:36:32 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/17 17:14:47 | 000,001,889 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/12/17 17:13:49 | 000,550,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\Cat.DB
[2010/12/17 15:43:37 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\VoptXP.lnk
[2010/12/17 13:57:20 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\The Ride Central.url
[2010/12/17 10:00:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/17 10:00:15 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/17 10:00:15 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Firefox.lnk
[2010/12/17 09:55:17 | 000,000,329 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Doppler.url
[2010/12/16 13:26:27 | 000,427,647 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101222-122618.backup
[2010/12/16 12:26:21 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/12/16 12:26:21 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/12/16 12:26:21 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/12/16 12:26:20 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/12/16 12:12:00 | 000,000,909 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup
[2010/12/16 11:23:37 | 000,291,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 07:55:21 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/15 12:03:42 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/12/15 10:55:10 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\GSAK.lnk
[2010/12/15 10:54:48 | 000,286,720 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun506.exe
[2010/12/14 17:30:25 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\SCSA.url
[2010/12/14 17:27:01 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Movie Maker.lnk
[2010/12/14 17:12:52 | 000,000,316 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\My eBay Auctions.url
[2010/12/14 16:46:40 | 000,000,363 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Traffic.url
[2010/12/14 16:28:30 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Bakersfield.url
[2010/12/14 16:24:21 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Canyon Country.url
[2010/12/14 16:23:40 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Silver.url
[2010/12/14 16:03:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/14 16:03:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/14 16:03:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/14 16:03:51 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/12/14 16:03:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/12/14 12:20:26 | 000,000,205 | ---- | M] () -- C:\WINDOWS\EurekaLog.ini
[2010/12/14 11:24:09 | 000,000,223 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Geocaching.url
[2010/12/14 10:18:55 | 000,001,327 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MapSource.lnk
[2010/12/13 21:00:23 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\HyperSnap.lnk
[2010/12/13 20:56:12 | 000,001,734 | ---- | M] () -- C:\WINDOWS\HS4Setup.MIF
[2010/12/13 20:49:52 | 000,000,505 | ---- | M] () -- C:\HprSnap.hs4lic
[2010/12/13 20:27:49 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\CuteFTP.lnk
[2010/12/13 20:19:29 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/12/13 20:19:25 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop.lnk
[2010/12/13 20:15:22 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk
[2010/12/13 19:46:54 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Auction Sentry.lnk
[2010/12/13 19:39:33 | 000,426,903 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts.bak
[2010/12/13 19:37:25 | 000,426,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193933.backup
[2010/12/13 18:54:53 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/12/13 18:48:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/12/13 18:47:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/12/13 18:38:08 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk
[2010/12/13 16:35:07 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/12/12 20:16:06 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/12/12 19:05:20 | 000,000,886 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Seagate Dashboard.lnk
[2010/12/12 19:02:51 | 000,001,195 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2010/12/12 16:38:34 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Explorer.lnk
[2010/12/12 16:00:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/12/12 16:00:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/12/12 14:27:14 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/12 14:18:43 | 000,000,169 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/12/12 14:14:57 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/12 14:13:45 | 000,002,129 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator.lnk
[2010/12/12 14:13:45 | 000,002,079 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk
[2010/12/12 14:10:40 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/12/12 13:56:24 | 000,319,488 | ---- | M] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/12/12 13:04:40 | 000,027,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/12/12 12:12:20 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/12/12 12:09:42 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/12/12 12:08:47 | 000,000,290 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/12/12 12:06:16 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/12 12:06:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/12/12 12:06:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/12/12 12:06:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/12/12 12:06:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/12/12 12:06:03 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/12 12:03:07 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/12 12:00:00 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/12/12 04:53:45 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/23 14:17:01 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\RKUnhookerLE.EXE
[2010/12/22 15:00:12 | 000,000,225 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Blade CX2 - RC Groups.URL
[2010/12/22 12:26:18 | 000,427,647 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101222-122618.backup
[2010/12/21 11:08:08 | 000,000,173 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\June.URL
[2010/12/21 09:39:10 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Redirect Virus – Santa Clarita CA. - Safer-Networking Forums.URL
[2010/12/21 08:01:38 | 000,002,578 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Attach.zip
[2010/12/21 07:54:23 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\dds.scr
[2010/12/21 07:51:25 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\ERUNT.lnk
[2010/12/21 07:37:15 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Malware Removal - Safer-Networking Forums.URL
[2010/12/20 17:22:43 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/12/19 13:52:01 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook Express.lnk
[2010/12/19 10:10:37 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/18 15:38:57 | 000,000,209 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Calendar.URL
[2010/12/18 15:37:40 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Gull Lake.URL
[2010/12/18 14:39:10 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Cool RingTone Maker.lnk
[2010/12/18 14:39:09 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ring Tone Maker.lnk
[2010/12/17 17:13:33 | 000,550,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\Cat.DB
[2010/12/17 15:43:37 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\VoptXP.lnk
[2010/12/17 12:22:41 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.cat
[2010/12/17 12:22:41 | 000,007,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnetv.cat
[2010/12/17 12:22:41 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.cat
[2010/12/17 12:22:41 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.cat
[2010/12/17 12:22:41 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\iron.cat
[2010/12/17 12:22:41 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.cat
[2010/12/17 12:22:41 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.cat
[2010/12/17 12:22:41 | 000,007,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnet.cat
[2010/12/17 12:22:41 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.inf
[2010/12/17 12:22:41 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.inf
[2010/12/17 12:22:41 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.inf
[2010/12/17 12:22:41 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnetv.inf
[2010/12/17 12:22:41 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnet.inf
[2010/12/17 12:22:41 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.inf
[2010/12/17 12:22:41 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.inf
[2010/12/17 12:22:41 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\iron.inf
[2010/12/17 12:22:01 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\isolate.ini
[2010/12/17 10:00:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/17 10:00:15 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/17 10:00:14 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Firefox.lnk
[2010/12/16 13:26:27 | 000,000,909 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup
[2010/12/16 12:26:21 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/12/16 12:26:21 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/12/16 12:25:51 | 000,001,889 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/12/15 12:03:42 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/12/15 10:57:30 | 000,000,577 | ---- | C] () -- C:\WINDOWS\System32\gmsblist.dll
[2010/12/15 10:55:10 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\GSAK.lnk
[2010/12/14 17:29:07 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\SCSA.url
[2010/12/14 17:27:01 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Movie Maker.lnk
[2010/12/14 16:58:45 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\My eBay Auctions.url
[2010/12/14 16:48:56 | 000,000,329 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Doppler.url
[2010/12/14 16:45:38 | 000,000,363 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Traffic.url
[2010/12/14 16:27:14 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Bakersfield.url
[2010/12/14 16:21:57 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Canyon Country.url
[2010/12/14 16:20:39 | 000,000,476 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Silver.url
[2010/12/14 16:16:01 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\The Ride Central.url
[2010/12/14 11:24:09 | 000,000,223 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Geocaching.url
[2010/12/14 10:18:55 | 000,001,327 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MapSource.lnk
[2010/12/13 21:00:23 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\HyperSnap.lnk
[2010/12/13 20:55:49 | 000,001,734 | ---- | C] () -- C:\WINDOWS\HS4Setup.MIF
[2010/12/13 20:48:10 | 000,000,505 | ---- | C] () -- C:\HprSnap.hs4lic
[2010/12/13 20:27:49 | 000,001,469 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\CuteFTP.lnk
[2010/12/13 20:19:24 | 000,000,895 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop.lnk
[2010/12/13 20:15:22 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk
[2010/12/13 19:46:54 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Auction Sentry.lnk
[2010/12/13 19:39:33 | 000,426,903 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193933.backup
[2010/12/13 19:37:25 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193725.backup
[2010/12/13 19:33:48 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/13 18:48:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/12/13 18:47:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/12/13 18:44:43 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/12/13 17:08:18 | 000,000,205 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010/12/13 17:07:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\gr6rlzay.dll
[2010/12/13 16:36:35 | 000,000,894 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/13 16:36:34 | 000,000,890 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/13 16:35:07 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/12/12 20:16:48 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook.lnk
[2010/12/12 20:16:06 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/12/12 18:04:11 | 000,001,195 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2010/12/12 17:51:22 | 000,000,886 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Seagate Dashboard.lnk
[2010/12/12 17:25:57 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
[2010/12/12 17:25:57 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 6.0 Professional.lnk
[2010/12/12 16:38:12 | 000,001,475 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Explorer.lnk
[2010/12/12 16:00:21 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/12/12 16:00:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/12/12 14:18:14 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2010/12/12 14:18:14 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/12/12 14:13:45 | 000,002,129 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator.lnk
[2010/12/12 14:13:45 | 000,002,079 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk
[2010/12/12 14:06:10 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/12 13:04:40 | 000,027,810 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010/12/12 13:04:40 | 000,027,810 | ---- | C] () -- C:\WINDOWS\System32\nvModes.001
[2010/12/12 13:04:25 | 000,111,544 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/12 13:04:24 | 000,017,431 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/12/12 13:04:02 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010/12/12 13:04:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010/12/12 13:04:00 | 001,018,804 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2010/12/12 13:04:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010/12/12 13:04:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2010/12/12 13:03:59 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010/12/12 13:03:58 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2010/12/12 13:03:55 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2010/12/12 13:03:53 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2010/12/12 13:03:52 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2010/12/12 13:02:50 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/12/12 12:59:38 | 000,144,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\del1028.cty
[2010/12/12 12:59:05 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2010/12/12 12:12:20 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/12/12 12:12:11 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/12 12:09:42 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/12/12 12:08:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/12 12:08:03 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/12/12 12:07:47 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/12/12 12:07:42 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/12/12 12:07:41 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/12/12 12:07:38 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/12/12 12:07:27 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/12/12 12:07:21 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/12/12 12:07:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/12/12 12:07:08 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/12/12 12:06:16 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/12 12:06:16 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/12/12 12:06:16 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/12/12 12:06:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/12/12 12:06:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/12/12 12:06:12 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/12 12:04:53 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/12/12 12:04:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/12/12 12:04:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/12/12 12:04:32 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/12/12 12:03:51 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/12/12 12:03:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/12 12:02:20 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/12/12 12:02:20 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/12/12 12:02:20 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/12/12 12:02:20 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/12/12 12:02:19 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/12/12 12:02:19 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/12/12 12:02:19 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/12/12 12:02:19 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/12/12 12:02:19 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/12/12 12:02:19 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/12/12 12:02:19 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/12/12 12:02:16 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/12/12 12:02:16 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/12/12 12:02:15 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/12/12 12:02:10 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/12/12 04:53:45 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/12/12 04:53:44 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/12/12 04:53:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/12 04:53:38 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/12/12 04:53:38 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/12/12 04:53:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/12/12 04:53:37 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/12/12 04:53:21 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/12/12 04:53:12 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/12/12 04:53:12 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/12/12 04:53:12 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/12/12 04:53:12 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/12/12 04:53:12 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/12/12 04:53:12 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/12/12 04:53:12 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/12/12 04:53:12 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/12/12 04:53:12 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/12/12 04:53:12 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/12/12 04:53:11 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/12/12 04:53:11 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/12/12 04:53:11 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/12/12 04:53:11 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/12/12 04:53:11 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/12/12 04:53:11 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/12/12 04:53:11 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/12/12 04:53:11 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/12/12 04:53:11 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/12/12 04:52:27 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/12 04:51:40 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/12/12 04:51:37 | 000,000,290 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/02/05 15:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\Memeo.ShellExtension.WicIO.dll
[2007/08/06 15:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/12/13 17:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/20 17:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/12/12 19:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2010/12/13 09:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/12/13 19:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/12 17:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/12/15 11:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\GARMIN
[2010/12/14 12:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\GlobalSCAPE
[2010/12/12 17:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Leadertech
[2010/12/12 19:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Memeo
[2010/12/12 17:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Seagate
[2010/12/16 10:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Tific

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Wells Fargo:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Symantec:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\SCSA:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\RCI Info:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\My Music:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\My eBooks:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Harley Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Guns:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Geocaching Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\DJs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Blood Pressure:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Auction Sentry Data:Roxio EMC Stream

< End of report >
ken545
2010-12-24, 02:13
Hi,


Backup Your Registry with ERUNT:
Download erunt.zip to your Desktop from here:
http://aumha.org/downloads/erunt.zip
Right-click erunt.zip, select Extract All... and follow the prompts to extract ERUNT to a new folder on your Desktop
Inside the new folder, double-click ERUNT.exe to start the program
OK all the prompts to back up your registry to the default location.Note: to restore your registry, go to the backup folder and start ERDNT.exe







Run OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL



:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
[2010/12/16 12:12:00 | 000,000,909 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup
[2010/12/13 19:39:33 | 000,426,903 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts.bak
[2010/12/13 19:37:25 | 000,426,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193933.backup

:Services

:Reg

:Files


:Commands
[purity]
[emptytemp]
[RESETHOSTS]
[start explorer]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then post the results of the log and a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
mrsr71
2010-12-24, 16:42
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
C:\WINDOWS\system32\drivers\etc\hosts.20101216-132627.backup moved successfully.
File move failed. C:\WINDOWS\system32\drivers\etc\Hosts.bak scheduled to be moved on reboot.
C:\WINDOWS\system32\drivers\etc\hosts.20101213-193933.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dan Werner
->Temp folder emptied: 132685856 bytes
->Temporary Internet Files folder emptied: 99239 bytes
->Java cache emptied: 569295 bytes
->FireFox cache emptied: 44442708 bytes
->Flash cache emptied: 2843368 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3180451 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 18117650 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 195.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.18.0 log created on 12242010_072627

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
C:\WINDOWS\system32\drivers\etc\hosts.20101216-132627.backup moved successfully.
File move failed. C:\WINDOWS\system32\drivers\etc\Hosts.bak scheduled to be moved on reboot.
C:\WINDOWS\system32\drivers\etc\hosts.20101213-193933.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dan Werner
->Temp folder emptied: 132685856 bytes
->Temporary Internet Files folder emptied: 99239 bytes
->Java cache emptied: 569295 bytes
->FireFox cache emptied: 44442708 bytes
->Flash cache emptied: 2843368 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3180451 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 18117650 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 195.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.18.0 log created on 12242010_072627

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\system32\drivers\etc\Hosts.bak scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_648.dat not found!

Registry entries deleted on Reboot...
ken545
2010-12-24, 20:00
Merry Christmas :)

Make sure you rebooted for the fix to take effect, then run OTL like you first did ( not the fix ) and post a new OTL log.

How are things running now ?
mrsr71
2010-12-24, 21:18
Merry Christmas to you as well and thanks so much for your assistance. It's much appreciated. It's still redirecting :sad:

OTL logfile created on: 12/24/2010 12:00:20 PM - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Dan Werner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 245.00 Mb Available Physical Memory | 24.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 66.10 Gb Free Space | 44.35% Space Free | Partition Type: NTFS

Computer Name: DAN | User Name: Dan Werner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dan Werner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
PRC - C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
PRC - C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe (Memeo)
PRC - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
PRC - C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe (Memeo)
PRC - C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
PRC - C:\Program Files\ClickTray Calendar\ClickTray.exe (WASEO)
PRC - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Dan Werner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll (Symantec Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (SeagateDashboardService) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
SRV - (MemeoBackgroundService) -- C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe (Memeo)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (WLANKEEPER) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (IDriverT) -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101224.004\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101224.004\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101223.002\IDSXpx86.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101123.003\BHDrvx86.sys (Symantec Corporation)
DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS (Symantec Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.6
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {c1970c0d-dbe6-4d91-804f-c9c0de643a57}:1.2.4
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/12/17 12:21:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/12/16 12:28:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/17 10:00:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/17 10:00:11 | 000,000,000 | ---D | M]

[2010/12/17 10:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Extensions
[2010/12/23 16:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions
[2010/12/19 07:39:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/17 12:53:49 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
[2010/12/17 14:55:29 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2010/12/20 15:48:55 | 000,000,000 | ---D | M] (NoRedirect) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
[2010/12/17 10:00:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/12/24 07:27:03 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Memeo Backup Premium] C:\Program Files\Memeo\AutoBackupPro\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk = C:\Program Files\ClickTray Calendar\ClickTray.exe (WASEO)
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Dan Werner\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.74 213.109.77.113 1.1.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/12 12:06:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d2d46390-0636-11e0-991c-001d09a4531f}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
mrsr71
2010-12-24, 21:18
========== Files/Folders - Created Within 30 Days ==========

[2010/12/24 07:26:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/23 15:49:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan Werner\Desktop\OTL.exe
[2010/12/23 15:29:27 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Dan Werner\Desktop\ATF-Cleaner.exe
[2010/12/21 07:52:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/12/21 07:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/12/21 07:49:55 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Dan Werner\Desktop\erunt-setup.exe
[2010/12/20 17:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/12/19 13:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Identities
[2010/12/18 14:39:17 | 000,000,000 | ---D | C] -- C:\tmp
[2010/12/18 14:39:07 | 000,000,000 | ---D | C] -- C:\Cool RingTone Maker
[2010/12/17 15:43:36 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbar332.dll
[2010/12/17 15:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\VoptXP v7
[2010/12/17 12:22:41 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.sys
[2010/12/17 12:22:41 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symtdi.sys
[2010/12/17 12:22:41 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symtdiv.sys
[2010/12/17 12:22:41 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.sys
[2010/12/17 12:22:41 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.sys
[2010/12/17 12:22:41 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.sys
[2010/12/17 12:22:41 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\ironx86.sys
[2010/12/17 12:22:41 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.sys
[2010/12/17 12:22:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0403000.005
[2010/12/17 10:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Downloads
[2010/12/17 10:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Mozilla
[2010/12/17 10:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla
[2010/12/17 10:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/12/16 12:26:50 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/12/16 12:26:21 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/12/16 12:26:21 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/12/16 12:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/12/16 12:25:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/12/16 12:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2010/12/16 12:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/12/16 10:45:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Tific
[2010/12/15 11:28:55 | 000,018,304 | ---- | C] (GARMIN Corp.) -- C:\WINDOWS\System32\drivers\grmngen.sys
[2010/12/15 11:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2010/12/15 10:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Help
[2010/12/15 10:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Help
[2010/12/15 10:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\GSAK
[2010/12/14 17:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\WMTools Downloaded Files
[2010/12/14 16:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/12/14 16:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/12/14 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/12/14 16:04:10 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/12/14 16:04:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/14 16:04:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/14 16:04:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/14 16:04:10 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/12/14 16:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/12/14 15:57:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Sun
[2010/12/14 12:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\GlobalSCAPE
[2010/12/14 10:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Garmin
[2010/12/14 10:18:34 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2010/12/14 10:18:34 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.dll
[2010/12/14 10:18:34 | 000,000,000 | ---D | C] -- C:\Garmin
[2010/12/14 08:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Ultra Fractal 5
[2010/12/14 08:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Ultra Fractal 4
[2010/12/14 08:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Norton Key
[2010/12/14 08:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Elks
[2010/12/14 08:33:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Pictures
[2010/12/14 08:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Music
[2010/12/14 08:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Wells Fargo
[2010/12/14 08:20:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\RCI Info
[2010/12/14 08:19:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\SCSA
[2010/12/13 20:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\HyperSnap-DX 4
[2010/12/13 20:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\HyperSnap 6
[2010/12/13 20:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalSCAPE
[2010/12/13 20:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Vbox
[2010/12/13 20:18:36 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/12/13 20:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\ClickTray Calendar
[2010/12/13 19:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Auction Sentry Data
[2010/12/13 19:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/13 19:46:51 | 000,000,000 | ---D | C] -- C:\Program Files\Auction Sentry
[2010/12/13 19:46:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/12/13 19:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/13 19:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/12/13 19:22:46 | 000,286,720 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun506.exe
[2010/12/13 18:54:51 | 000,013,312 | ---- | C] (June Fabrics Technology Inc.) -- C:\WINDOWS\System32\drivers\pneteth.sys
[2010/12/13 18:47:32 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2010/12/13 18:47:00 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/12/13 18:44:41 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
[2010/12/13 18:44:41 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller.dll
[2010/12/13 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\PdaNet for Android
[2010/12/13 17:00:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\GARMIN
[2010/12/13 17:00:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 16:48:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/12/13 16:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/12/13 16:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/12/13 16:47:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/12/13 16:47:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/12/13 16:47:42 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/12/13 16:47:42 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/12/13 16:47:42 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/12/13 16:47:42 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/12/13 16:47:42 | 000,000,000 | ---D | C] -- C:\30af5d22e69d662677
[2010/12/13 16:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/12/13 16:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/12/13 16:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Google
[2010/12/13 16:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/12/13 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/12/13 16:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Google
[2010/12/13 16:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Macromedia
[2010/12/13 15:48:13 | 000,000,000 | ---D | C] -- C:\gsak
[2010/12/13 15:28:42 | 000,000,000 | ---D | C] -- C:\e18a05fd45ecaad9b471
[2010/12/13 15:28:08 | 000,000,000 | ---D | C] -- C:\drivers
[2010/12/13 12:23:38 | 000,000,000 | ---D | C] -- C:\DJ's 2010
[2010/12/13 12:23:26 | 000,000,000 | ---D | C] -- C:\c653913046ee4a6c69ae8de1105fed
[2010/12/13 09:24:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/13 09:24:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/13 09:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/13 09:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Malwarebytes
[2010/12/13 09:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/13 09:12:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Symantec
[2010/12/13 09:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/12/13 09:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/12/13 08:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/12/13 08:41:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Symantec
[2010/12/13 08:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Temp
[2010/12/13 08:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\RV Data
[2010/12/13 08:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\pwrcmdr
[2010/12/13 07:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\PDF Files
[2010/12/13 07:55:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Web Sites
[2010/12/13 07:54:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Videos
[2010/12/13 07:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Harley Data
[2010/12/13 07:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Guns
[2010/12/13 07:49:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Geocaching Data
[2010/12/13 07:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\DJs
[2010/12/13 07:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Blood Pressure
[2010/12/12 19:07:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2010/12/12 17:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/12/12 17:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/12/12 17:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Memeo
[2010/12/12 17:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2010/12/12 17:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Seagate
[2010/12/12 17:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
[2010/12/12 17:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2010/12/12 17:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2010/12/12 17:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\temp
[2010/12/12 17:49:21 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/12/12 17:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/12/12 17:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2010/12/12 17:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Leadertech
[2010/12/12 17:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\AdobeUM
[2010/12/12 17:27:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Adobe
[2010/12/12 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My eBooks
[2010/12/12 17:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Adobe
[2010/12/12 17:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/12/12 17:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF 6.0
[2010/12/12 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/12/12 17:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/12/12 17:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/12/12 17:12:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/12/12 16:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/12/12 16:41:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Symantec
[2010/12/12 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/12/12 16:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/12/12 16:00:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidserv.dll
[2010/12/12 15:56:50 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/12/12 15:52:49 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/12/12 15:52:49 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/12/12 15:52:48 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/12/12 15:52:47 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/12/12 15:52:45 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/12/12 15:52:30 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/12/12 15:52:29 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/12/12 15:52:28 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/12/12 15:50:24 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/12/12 15:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/12/12 15:46:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/12/12 15:46:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/12/12 15:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/12/12 15:35:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/12/12 14:27:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\IECompatCache
[2010/12/12 14:27:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\PrivacIE
[2010/12/12 14:27:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\IETldCache
[2010/12/12 14:24:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/12/12 14:24:34 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/12/12 14:24:31 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/12/12 14:23:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/12/12 14:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2010/12/12 14:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Roxio
[2010/12/12 14:18:14 | 000,099,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS
[2010/12/12 14:18:14 | 000,092,920 | ---- | C] (Roxio) -- C:\WINDOWS\DLA.EXE
[2010/12/12 14:18:14 | 000,051,768 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS
[2010/12/12 14:18:14 | 000,028,120 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLARTL_M.SYS
[2010/12/12 14:18:14 | 000,012,856 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS
[2010/12/12 14:18:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA
[2010/12/12 14:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/12/12 14:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2010/12/12 14:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/12/12 14:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010/12/12 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/12/12 14:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/12/12 14:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/12/12 14:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/12/12 14:06:04 | 000,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2010/12/12 14:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2010/12/12 14:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/12/12 14:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/12/12 14:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/12/12 14:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/12/12 14:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/12/12 14:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/12/12 14:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/12/12 14:01:00 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/12/12 13:55:48 | 002,756,608 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw4r32.dll
[2010/12/12 13:55:48 | 002,203,520 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETw4x32.sys
[2010/12/12 13:55:48 | 000,679,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw4c32.dll
[2010/12/12 13:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2010/12/12 13:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010/12/12 13:28:54 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/12/12 13:04:24 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2010/12/12 13:04:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010/12/12 13:04:11 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2010/12/12 13:04:02 | 002,113,536 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2010/12/12 13:04:02 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrses.dll
[2010/12/12 13:04:02 | 000,327,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsfr.dll
[2010/12/12 13:04:02 | 000,323,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsit.dll
[2010/12/12 13:04:02 | 000,319,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsptb.dll
[2010/12/12 13:04:02 | 000,315,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsru.dll
[2010/12/12 13:04:02 | 000,311,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsde.dll
[2010/12/12 13:04:02 | 000,294,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrspl.dll
[2010/12/12 13:04:02 | 000,212,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsja.dll
[2010/12/12 13:04:02 | 000,196,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsko.dll
[2010/12/12 13:04:02 | 000,167,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszht.dll
[2010/12/12 13:04:02 | 000,163,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszhc.dll
[2010/12/12 13:04:01 | 003,620,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvsr.dll
[2010/12/12 13:04:01 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010/12/12 13:04:00 | 003,395,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2010/12/12 13:04:00 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2010/12/12 13:04:00 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2010/12/12 13:04:00 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2010/12/12 13:04:00 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2010/12/12 13:04:00 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2010/12/12 13:04:00 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2010/12/12 13:04:00 | 000,225,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2010/12/12 13:04:00 | 000,122,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2010/12/12 13:03:59 | 006,660,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010/12/12 13:03:59 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmoblsr.dll
[2010/12/12 13:03:59 | 000,958,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2010/12/12 13:03:59 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccssr.dll
[2010/12/12 13:03:59 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010/12/12 13:03:59 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2010/12/12 13:03:59 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010/12/12 13:03:59 | 000,067,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhotkey.dll
[2010/12/12 13:03:59 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccsrs.dll
[2010/12/12 13:03:58 | 003,235,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgamesr.dll
[2010/12/12 13:03:58 | 003,145,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2010/12/12 13:03:58 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvexpbar.dll
[2010/12/12 13:03:57 | 005,427,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispsr.dll
[2010/12/12 13:03:56 | 006,074,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2010/12/12 13:03:56 | 001,069,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpluir.dll
[2010/12/12 13:03:56 | 000,815,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcplui.exe
[2010/12/12 13:03:55 | 008,433,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010/12/12 13:03:55 | 000,344,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010/12/12 13:03:55 | 000,073,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.cpl
[2010/12/12 13:03:55 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010/12/12 13:03:55 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010/12/12 13:03:54 | 006,349,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/12/12 13:03:54 | 006,349,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010/12/12 13:03:54 | 005,466,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/12/12 13:03:54 | 005,466,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010/12/12 13:03:52 | 002,379,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwssr.dll
[2010/12/12 13:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2010/12/12 13:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Intel
[2010/12/12 13:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2010/12/12 13:01:16 | 000,045,568 | R--- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys
[2010/12/12 12:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/12/12 12:59:40 | 000,172,032 | ---- | C] (Conexant Systems, Inc) -- C:\WINDOWS\System32\Uci32114.dll
[2010/12/12 12:59:40 | 000,094,208 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010/12/12 12:59:39 | 000,989,696 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_DPV.sys
[2010/12/12 12:59:39 | 000,209,152 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSFHWAZL.sys
[2010/12/12 12:59:38 | 000,730,112 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2010/12/12 12:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/12/12 12:59:06 | 000,032,256 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimmptsk.sys
[2010/12/12 12:59:05 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\snymsico.dll
[2010/12/12 12:59:05 | 000,043,520 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimsptsk.sys
[2010/12/12 12:59:05 | 000,037,376 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rixdptsk.sys
[2010/12/12 12:57:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/12/12 12:57:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/12/12 12:57:05 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/12/12 12:56:54 | 000,000,000 | ---D | C] -- C:\Intel
[2010/12/12 12:55:31 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/12/12 12:55:30 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/12/12 12:55:28 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/12/12 12:55:27 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/12/12 12:55:25 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/12/12 12:55:24 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/12/12 12:55:23 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/12/12 12:55:22 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/12/12 12:55:20 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/12/12 12:55:19 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/12/12 12:55:17 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/12/12 12:55:14 | 004,952,064 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacgui.cpl
[2010/12/12 12:55:14 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stlang.dll
[2010/12/12 12:55:14 | 000,405,504 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
[2010/12/12 12:55:13 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/12/12 12:55:13 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/12/12 12:55:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/12/12 12:55:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/12/12 12:55:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/12/12 12:55:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/12/12 12:55:12 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/12/12 12:55:12 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/12/12 12:55:07 | 000,144,896 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\staco.dll
[2010/12/12 12:55:05 | 001,222,840 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys
[2010/12/12 12:55:05 | 000,270,336 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacapi.dll
[2010/12/12 12:55:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/12/12 12:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/12/12 12:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/12/12 12:47:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\vmm32
[2010/12/12 12:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/12/12 12:41:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\UserData
[2010/12/12 12:16:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/12/12 12:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Identities
[2010/12/12 12:12:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/12/12 12:12:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\SendTo
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\Recent
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\Application Data
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\Start Menu
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\My Documents
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\Favorites
[2010/12/12 12:12:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\Cookies
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\Templates
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\PrintHood
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\NetHood
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\Local Settings
[2010/12/12 12:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft
[2010/12/12 12:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Desktop
[2010/12/12 12:10:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/12/12 12:10:02 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/12/12 12:10:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/12/12 12:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/12/12 12:10:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/12/12 12:09:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/12/12 12:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/12/12 12:08:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/12/12 12:08:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/12/12 12:08:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/12/12 12:08:28 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/12/12 12:08:28 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/12/12 12:08:27 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/12/12 12:08:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/12/12 12:08:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/12/12 12:08:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/12/12 12:08:26 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/12/12 12:08:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/12/12 12:08:26 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/12/12 12:08:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/12/12 12:08:26 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/12/12 12:08:25 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/12/12 12:08:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/12/12 12:08:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/12/12 12:08:23 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/12/12 12:08:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/12/12 12:08:22 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/12/12 12:08:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/12/12 12:08:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/12/12 12:08:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/12/12 12:08:21 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/12/12 12:08:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/12/12 12:08:21 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/12/12 12:08:21 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/12/12 12:08:20 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/12/12 12:08:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/12/12 12:08:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/12/12 12:08:18 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/12/12 12:08:18 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/12/12 12:08:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/12/12 12:08:17 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/12/12 12:08:16 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/12/12 12:08:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/12/12 12:08:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/12/12 12:08:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/12/12 12:08:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/12/12 12:08:15 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/12/12 12:08:15 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/12/12 12:08:15 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/12/12 12:08:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/12/12 12:08:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/12/12 12:08:14 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/12/12 12:08:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/12/12 12:08:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/12/12 12:08:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/12/12 12:08:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2010/12/12 12:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/12/12 12:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/12/12 12:08:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/12/12 12:08:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/12/12 12:08:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/12/12 12:08:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/12/12 12:08:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/12/12 12:08:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/12/12 12:08:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/12/12 12:08:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/12/12 12:08:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/12/12 12:08:10 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2010/12/12 12:08:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/12/12 12:08:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/12/12 12:08:09 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/12/12 12:08:09 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/12/12 12:08:09 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/12/12 12:08:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/12/12 12:08:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2010/12/12 12:08:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/12/12 12:08:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/12/12 12:08:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/12/12 12:08:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/12/12 12:08:07 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/12/12 12:08:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/12/12 12:08:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/12/12 12:08:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/12/12 12:08:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/12/12 12:08:04 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/12/12 12:08:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/12/12 12:08:04 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/12/12 12:08:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/12/12 12:08:04 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/12/12 12:08:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/12/12 12:08:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/12/12 12:08:03 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/12/12 12:08:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/12/12 12:08:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/12/12 12:08:02 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/12/12 12:08:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/12/12 12:08:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/12/12 12:08:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/12/12 12:08:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/12/12 12:08:00 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/12/12 12:07:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/12/12 12:07:58 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/12/12 12:07:58 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/12/12 12:07:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/12/12 12:07:54 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/12/12 12:07:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/12/12 12:07:50 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/12/12 12:07:50 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/12/12 12:07:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/12/12 12:07:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/12/12 12:07:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/12/12 12:07:49 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/12/12 12:07:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/12/12 12:07:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/12/12 12:07:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/12/12 12:07:48 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/12/12 12:07:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/12/12 12:07:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/12/12 12:07:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/12/12 12:07:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/12/12 12:07:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/12/12 12:07:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/12/12 12:07:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/12/12 12:07:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
mrsr71
2010-12-24, 21:19
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/12/12 12:07:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/12/12 12:07:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/12/12 12:07:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/12/12 12:07:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/12/12 12:07:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/12/12 12:07:44 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/12/12 12:07:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/12/12 12:07:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/12/12 12:07:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/12/12 12:07:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/12/12 12:07:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/12/12 12:07:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/12/12 12:07:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/12/12 12:07:42 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/12/12 12:07:42 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/12/12 12:07:42 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/12/12 12:07:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/12/12 12:07:41 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/12/12 12:07:41 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/12/12 12:07:41 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/12/12 12:07:41 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/12/12 12:07:41 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/12/12 12:07:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/12/12 12:07:41 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/12/12 12:07:40 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/12/12 12:07:40 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/12/12 12:07:40 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/12/12 12:07:40 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/12/12 12:07:40 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/12/12 12:07:40 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/12/12 12:07:39 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/12/12 12:07:39 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/12/12 12:07:39 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/12/12 12:07:39 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/12/12 12:07:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/12/12 12:07:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/12/12 12:07:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/12/12 12:07:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/12/12 12:07:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/12/12 12:07:38 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/12/12 12:07:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/12/12 12:07:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/12/12 12:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/12/12 12:07:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/12/12 12:07:37 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/12/12 12:07:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/12/12 12:07:32 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/12/12 12:07:23 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/12/12 12:07:22 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/12/12 12:07:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/12/12 12:07:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/12/12 12:07:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/12/12 12:07:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/12/12 12:07:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/12/12 12:07:20 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/12/12 12:07:20 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/12/12 12:07:20 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/12/12 12:07:20 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/12/12 12:07:20 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/12/12 12:07:20 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/12/12 12:07:20 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/12/12 12:07:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/12/12 12:07:19 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/12/12 12:07:19 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/12/12 12:07:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/12/12 12:07:19 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/12/12 12:07:19 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/12/12 12:07:19 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/12/12 12:07:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/12/12 12:07:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/12/12 12:07:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/12/12 12:07:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/12/12 12:07:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/12/12 12:07:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/12/12 12:07:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/12/12 12:07:18 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/12/12 12:07:18 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/12/12 12:07:18 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/12/12 12:07:18 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/12/12 12:07:18 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/12/12 12:07:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/12/12 12:07:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/12/12 12:07:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/12/12 12:07:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/12/12 12:07:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/12/12 12:07:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/12/12 12:07:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/12/12 12:07:16 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/12/12 12:07:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/12/12 12:07:16 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/12/12 12:07:16 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/12/12 12:07:16 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/12/12 12:07:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/12/12 12:07:16 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/12/12 12:07:15 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/12/12 12:07:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/12/12 12:07:12 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/12/12 12:07:11 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/12/12 12:07:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/12/12 12:07:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/12/12 12:07:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/12/12 12:07:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/12/12 12:07:10 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/12/12 12:07:09 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/12/12 12:07:09 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/12/12 12:07:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/12/12 12:07:08 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/12/12 12:07:08 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/12/12 12:07:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/12/12 12:07:07 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/12/12 12:07:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/12/12 12:07:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/12/12 12:07:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/12/12 12:07:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/12/12 12:07:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/12/12 12:07:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/12/12 12:07:05 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/12/12 12:07:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/12/12 12:07:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/12/12 12:07:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/12/12 12:06:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/12/12 12:06:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/12/12 12:06:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/12/12 12:06:58 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/12/12 12:06:58 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/12/12 12:06:58 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/12/12 12:06:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/12/12 12:06:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/12/12 12:06:56 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/12/12 12:06:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/12/12 12:06:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/12/12 12:06:54 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/12/12 12:06:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/12/12 12:06:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/12/12 12:06:53 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2010/12/12 12:06:53 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2010/12/12 12:06:53 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/12/12 12:06:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/12/12 12:06:52 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/12/12 12:06:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/12/12 12:06:49 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/12/12 12:06:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/12/12 12:06:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/12/12 12:06:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/12/12 12:06:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/12/12 12:06:48 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/12/12 12:06:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/12/12 12:06:48 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/12/12 12:06:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/12/12 12:06:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/12/12 12:06:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/12/12 12:06:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/12/12 12:06:47 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/12/12 12:06:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/12/12 12:06:47 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/12/12 12:06:47 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/12/12 12:06:47 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/12/12 12:06:47 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/12/12 12:06:47 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/12/12 12:06:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/12/12 12:06:46 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/12/12 12:06:46 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/12/12 12:06:46 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/12/12 12:06:46 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/12/12 12:06:46 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/12/12 12:06:46 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/12/12 12:06:46 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/12/12 12:06:46 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/12/12 12:06:46 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/12/12 12:06:45 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/12/12 12:06:45 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/12/12 12:06:45 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/12/12 12:06:45 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/12/12 12:06:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/12/12 12:06:45 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/12/12 12:06:44 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/12/12 12:06:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/12/12 12:06:44 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/12/12 12:06:44 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/12/12 12:06:43 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/12/12 12:06:27 | 000,000,000 | ---D | C] -- C:\DELL
[2010/12/12 12:06:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/12/12 12:05:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/12/12 12:05:14 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/12/12 12:05:14 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/12/12 12:05:06 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/12/12 12:04:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/12/12 12:04:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/12/12 12:04:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/12/12 12:04:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/12/12 12:04:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/12/12 12:04:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/12/12 12:04:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/12/12 12:04:32 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/12/12 12:04:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/12/12 12:04:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/12/12 12:04:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/12/12 12:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/12/12 12:04:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/12/12 12:04:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/12/12 12:04:27 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/12/12 12:04:27 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/12/12 12:04:27 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/12/12 12:04:26 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/12/12 12:04:26 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/12/12 12:04:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/12/12 12:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/12/12 12:04:23 | 000,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/12/12 12:04:23 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/12/12 12:04:22 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/12/12 12:04:22 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010/12/12 12:04:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/12/12 12:04:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/12/12 12:04:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/12/12 12:04:20 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/12/12 12:04:20 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/12/12 12:04:20 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/12/12 12:04:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/12/12 12:04:19 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/12/12 12:04:19 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/12/12 12:04:19 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/12/12 12:04:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/12/12 12:04:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/12/12 12:04:19 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/12/12 12:04:18 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/12/12 12:04:18 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/12/12 12:04:18 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/12/12 12:04:18 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/12/12 12:04:18 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2010/12/12 12:04:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/12/12 12:04:17 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/12/12 12:04:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/12/12 12:04:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/12/12 12:04:17 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/12/12 12:04:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/12/12 12:04:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2010/12/12 12:04:17 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/12/12 12:04:17 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/12/12 12:04:17 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/12/12 12:04:16 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/12/12 12:04:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/12/12 12:04:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/12/12 12:04:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/12/12 12:04:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/12/12 12:04:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/12/12 12:04:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/12/12 12:04:13 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/12/12 12:04:13 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/12/12 12:04:13 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/12/12 12:04:13 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/12/12 12:04:13 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/12/12 12:04:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/12/12 12:04:12 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/12/12 12:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/12/12 12:03:57 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010/12/12 12:03:57 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/12/12 12:03:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/12/12 12:03:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/12/12 12:03:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/12/12 12:03:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/12/12 12:03:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/12/12 12:03:54 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/12/12 12:03:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/12/12 12:03:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/12/12 12:03:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/12/12 12:03:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/12/12 12:03:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/12/12 12:03:53 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/12/12 12:03:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/12/12 12:03:51 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/12/12 12:03:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/12/12 12:03:50 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/12/12 12:03:50 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/12/12 12:03:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010/12/12 12:03:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/12/12 12:03:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/12/12 12:03:49 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010/12/12 12:03:49 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/12/12 12:03:49 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010/12/12 12:03:49 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010/12/12 12:03:49 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010/12/12 12:03:49 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010/12/12 12:03:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/12/12 12:03:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/12/12 12:03:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/12/12 12:03:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/12/12 12:03:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/12/12 12:03:48 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/12/12 12:03:48 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/12/12 12:03:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/12/12 12:03:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/12/12 12:03:47 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/12/12 12:03:47 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/12/12 12:03:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/12/12 12:03:47 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/12/12 12:03:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/12/12 12:03:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/12/12 12:03:46 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/12/12 12:03:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/12/12 12:03:46 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/12/12 12:03:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/12/12 12:03:46 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/12/12 12:03:46 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/12/12 12:03:46 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/12/12 12:03:45 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/12/12 12:03:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/12/12 12:03:45 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/12/12 12:03:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/12/12 12:03:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010/12/12 12:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/12/12 12:03:44 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/12/12 12:03:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/12/12 12:03:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/12/12 12:03:44 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/12/12 12:03:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/12/12 12:03:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/12/12 12:03:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/12 12:03:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010/12/12 12:03:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/12/12 12:03:43 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/12/12 12:03:43 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/12/12 12:03:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/12/12 12:03:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/12/12 12:03:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010/12/12 12:03:42 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/12/12 12:03:41 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010/12/12 12:03:41 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/12/12 12:03:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010/12/12 12:03:41 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/12/12 12:03:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/12/12 12:03:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/12/12 12:03:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/12/12 12:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/12/12 12:03:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/12/12 12:03:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/12/12 12:03:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/12/12 12:03:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/12/12 12:03:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/12/12 12:03:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/12/12 12:03:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/12/12 12:03:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/12/12 12:03:39 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/12/12 12:03:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/12/12 12:03:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/12/12 12:03:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010/12/12 12:03:39 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010/12/12 12:03:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/12/12 12:03:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/12/12 12:03:39 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/12/12 12:03:38 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2010/12/12 12:03:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/12/12 12:03:37 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010/12/12 12:03:37 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/12/12 12:03:37 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/12/12 12:03:37 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/12/12 12:03:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/12/12 12:03:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/12/12 12:03:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/12/12 12:03:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/12/12 12:03:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/12/12 12:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/12/12 12:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/12/12 12:03:36 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/12/12 12:03:36 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/12/12 12:03:36 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/12/12 12:03:36 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/12/12 12:03:36 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/12/12 12:03:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/12/12 12:03:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/12/12 12:03:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/12/12 12:03:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/12/12 12:03:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/12/12 12:03:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/12/12 12:03:35 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/12/12 12:03:35 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/12/12 12:03:35 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/12/12 12:03:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/12/12 12:03:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/12/12 12:03:35 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/12/12 12:03:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/12/12 12:03:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/12/12 12:03:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/12/12 12:03:34 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/12/12 12:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/12/12 12:03:33 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/12/12 12:03:33 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/12/12 12:03:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2010/12/12 12:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/12/12 12:03:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/12/12 12:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/12/12 12:02:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/12/12 12:02:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/12/12 12:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/12/12 12:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/12/12 12:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/12/12 12:02:36 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/12/12 12:02:36 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/12/12 12:02:36 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/12/12 12:02:36 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/12/12 12:02:35 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/12/12 12:02:35 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/12/12 12:02:35 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/12/12 12:02:35 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/12/12 12:02:35 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/12/12 12:02:35 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/12/12 12:02:35 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/12/12 12:02:35 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/12/12 12:02:35 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/12/12 12:02:34 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/12/12 12:02:34 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/12/12 12:02:34 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/12/12 12:02:34 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/12/12 12:02:34 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/12/12 12:02:34 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/12/12 12:02:34 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/12/12 12:02:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/12/12 12:02:33 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/12/12 12:02:33 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/12/12 12:02:33 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/12/12 12:02:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/12/12 12:02:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
mrsr71
2010-12-24, 21:20
[2010/12/12 12:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/12/12 12:02:25 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/12/12 12:02:25 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/12/12 12:02:25 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/12/12 12:02:25 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/12/12 12:02:24 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/12/12 12:02:24 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/12/12 12:02:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/12/12 12:02:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/12/12 12:02:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/12/12 12:02:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/12/12 12:02:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/12/12 12:02:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/12/12 12:02:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/12/12 12:02:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/12/12 12:02:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/12/12 12:02:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/12/12 12:02:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/12/12 12:02:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/12/12 12:02:17 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/12/12 12:02:17 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/12/12 12:02:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/12/12 12:02:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/12/12 12:02:16 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/12/12 12:02:16 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/12/12 12:02:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/12/12 12:02:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/12/12 12:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/12/12 12:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/12/12 12:02:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/12/12 12:02:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/12/12 12:02:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/12/12 12:02:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/12/12 12:02:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/12/12 12:02:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/12/12 12:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/12/12 12:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/12/12 12:02:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/12/12 12:02:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/12/12 12:02:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/12/12 12:02:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/12/12 12:02:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/12/12 12:02:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/12/12 12:02:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/12/12 12:02:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/12/12 12:02:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/12/12 12:02:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/12/12 12:02:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/12/12 12:02:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/12/12 12:02:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/12/12 12:02:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/12/12 12:02:11 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/12/12 12:02:11 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/12/12 12:02:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/12/12 12:02:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/12/12 12:02:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/12/12 12:02:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/12/12 12:02:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/12/12 12:02:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/12/12 12:02:11 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/12/12 12:02:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/12/12 12:02:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/12/12 12:02:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/12/12 12:02:10 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/12/12 12:02:10 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/12/12 12:02:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/12/12 12:02:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/12/12 12:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/12/12 12:01:55 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/12/12 12:01:54 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/12/12 12:01:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010/12/12 12:01:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/12/12 12:01:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/12/12 12:01:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/12/12 12:01:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/12/12 12:01:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/12/12 12:01:54 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/12/12 12:01:54 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/12/12 12:01:53 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/12/12 12:01:53 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/12/12 12:01:53 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010/12/12 12:01:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/12/12 12:01:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/12/12 12:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/12/12 12:01:52 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/12/12 12:01:52 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010/12/12 12:01:52 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/12/12 12:01:52 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/12/12 12:01:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/12/12 12:01:51 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/12/12 12:01:51 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2010/12/12 12:01:51 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/12/12 12:01:51 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2010/12/12 12:01:51 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/12/12 12:01:51 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/12/12 12:01:51 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/12/12 12:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/12/12 12:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2010/12/12 12:01:50 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2010/12/12 12:01:50 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2010/12/12 12:01:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/12/12 12:01:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/12/12 12:01:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010/12/12 12:01:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/12/12 12:01:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/12/12 12:01:49 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010/12/12 12:01:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/12/12 12:01:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/12/12 12:01:49 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/12/12 12:01:49 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/12/12 12:01:49 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/12/12 12:01:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/12/12 12:01:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/12/12 12:01:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/12/12 12:01:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/12/12 12:01:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/12/12 12:01:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010/12/12 12:01:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/12/12 12:01:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/12/12 12:01:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/12/12 12:01:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/12/12 12:01:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/12/12 12:01:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/12/12 12:01:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/12/12 12:01:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/12/12 12:01:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/12/12 12:01:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/12/12 12:01:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/12/12 12:01:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/12/12 12:01:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/12/12 12:01:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/12/12 12:01:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010/12/12 12:01:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/12/12 12:01:46 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010/12/12 12:01:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010/12/12 12:01:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/12/12 12:01:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/12/12 12:01:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/12/12 12:01:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/12/12 12:01:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/12/12 12:01:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/12/12 12:01:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/12/12 12:01:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/12/12 12:01:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/12/12 12:01:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/12/12 12:01:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/12/12 12:01:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/12/12 12:01:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/12/12 12:01:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/12/12 12:01:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/12/12 12:01:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/12/12 12:01:45 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/12/12 12:01:45 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/12/12 12:01:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010/12/12 12:01:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/12/12 12:01:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/12/12 12:01:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/12/12 12:01:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/12/12 12:01:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/12/12 12:01:44 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/12/12 12:01:44 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/12/12 12:01:44 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010/12/12 12:01:44 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/12/12 12:01:44 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/12/12 12:01:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/12/12 12:01:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/12/12 12:01:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/12/12 12:01:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/12/12 12:01:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/12/12 12:01:42 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/12/12 12:01:42 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/12/12 12:01:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/12/12 12:01:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/12/12 12:01:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/12/12 12:01:41 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2010/12/12 12:01:41 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010/12/12 12:01:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/12/12 12:01:41 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/12/12 12:01:41 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/12/12 12:01:41 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/12/12 12:01:41 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/12/12 12:01:41 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/12/12 12:01:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/12/12 12:01:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/12/12 12:01:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/12/12 12:01:41 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/12/12 12:01:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/12/12 12:01:40 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/12/12 12:01:40 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/12/12 12:01:40 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/12/12 12:01:40 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/12/12 12:01:40 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/12/12 12:01:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/12/12 12:01:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/12/12 12:01:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/12/12 12:01:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/12/12 12:01:39 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/12/12 12:01:39 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010/12/12 12:01:39 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2010/12/12 12:01:39 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010/12/12 12:01:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/12/12 12:01:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/12/12 12:01:38 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010/12/12 12:01:38 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/12/12 12:01:37 | 001,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/12/12 12:01:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/12/12 12:01:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/12/12 12:01:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/12/12 12:01:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010/12/12 12:01:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/12/12 12:01:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/12/12 12:01:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/12/12 12:01:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/12/12 12:01:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/12/12 04:55:06 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010/12/12 04:54:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/12/12 04:54:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2010/12/12 04:54:29 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/12/12 04:53:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/12/12 04:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/12/12 04:53:39 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/12/12 04:53:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/12/12 04:53:38 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/12/12 04:53:37 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/12/12 04:53:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/12/12 04:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/12/12 04:53:36 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/12/12 04:53:36 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/12/12 04:53:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/12/12 04:53:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/12/12 04:53:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/12/12 04:53:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/12/12 04:53:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/12/12 04:53:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/12/12 04:53:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/12/12 04:53:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/12/12 04:53:33 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/12/12 04:53:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/12/12 04:53:32 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/12/12 04:53:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/12/12 04:53:29 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/12/12 04:53:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/12/12 04:53:29 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/12/12 04:53:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/12/12 04:53:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/12/12 04:53:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/12/12 04:53:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/12/12 04:53:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/12/12 04:53:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/12/12 04:53:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/12/12 04:53:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/12/12 04:53:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/12/12 04:53:26 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/12/12 04:53:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/12/12 04:53:24 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/12/12 04:53:24 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/12/12 04:53:24 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/12/12 04:53:24 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/12/12 04:53:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/12/12 04:53:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/12/12 04:53:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/12/12 04:53:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/12/12 04:53:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/12/12 04:53:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/12/12 04:53:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/12/12 04:53:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/12/12 04:53:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/12/12 04:53:23 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/12/12 04:53:23 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/12/12 04:53:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/12/12 04:53:23 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/12/12 04:53:23 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/12/12 04:53:23 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/12/12 04:53:23 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/12/12 04:53:22 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/12/12 04:53:22 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/12/12 04:53:22 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/12/12 04:53:22 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/12/12 04:53:22 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/12/12 04:53:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/12/12 04:53:22 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/12/12 04:53:22 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/12/12 04:53:22 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/12/12 04:53:22 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/12/12 04:53:22 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/12/12 04:53:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010/12/12 04:53:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/12/12 04:53:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/12/12 04:53:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010/12/12 04:53:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/12/12 04:53:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/12/12 04:53:20 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/12/12 04:53:20 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/12/12 04:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/12/12 04:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/12/12 04:53:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/12/12 04:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/12/12 04:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/12/12 04:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/12/12 04:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/12/12 04:52:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/12/12 04:52:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/12/12 04:52:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/12/12 04:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/12/12 04:44:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/12/12 04:44:02 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/12/12 04:44:02 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/12/12 04:44:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 30 Days ==========

[2010/12/24 11:55:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/24 11:55:15 | 000,027,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/12/24 11:54:18 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/24 11:54:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/24 11:46:14 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/24 09:39:27 | 000,031,223 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Microwave Dementions.jpg
[2010/12/24 07:27:03 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/24 07:22:47 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/12/24 07:22:29 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\NTREGOPT.lnk
[2010/12/24 07:22:28 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\ERUNT.lnk
[2010/12/23 15:49:10 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan Werner\Desktop\OTL.exe
[2010/12/23 15:29:28 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Dan Werner\Desktop\ATF-Cleaner.exe
[2010/12/23 14:17:01 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\RKUnhookerLE.EXE
[2010/12/23 13:45:10 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/23 07:14:46 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook.lnk
[2010/12/22 15:01:32 | 000,000,225 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Blade CX2 - RC Groups.URL
[2010/12/22 12:28:31 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/21 11:13:22 | 000,000,173 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\June.URL
[2010/12/21 09:39:10 | 000,000,086 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Redirect Virus – Santa Clarita CA. - Safer-Networking Forums.URL
[2010/12/21 08:01:38 | 000,002,578 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Attach.zip
[2010/12/21 07:54:23 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\dds.scr
[2010/12/21 07:49:56 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Dan Werner\Desktop\erunt-setup.exe
[2010/12/21 07:37:15 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Malware Removal - Safer-Networking Forums.URL
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 17:22:43 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/12/19 13:52:01 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook Express.lnk
[2010/12/18 15:45:15 | 000,000,209 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Calendar.URL
[2010/12/18 15:38:06 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Gull Lake.URL
[2010/12/18 14:39:10 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Cool RingTone Maker.lnk
[2010/12/18 14:39:10 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ring Tone Maker.lnk
[2010/12/18 07:36:32 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/18 07:36:32 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/17 17:14:47 | 000,001,889 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/12/17 17:13:49 | 000,550,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\Cat.DB
[2010/12/17 15:43:37 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\VoptXP.lnk
[2010/12/17 13:57:20 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\The Ride Central.url
[2010/12/17 10:00:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/17 10:00:15 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/17 10:00:15 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Firefox.lnk
[2010/12/17 09:55:17 | 000,000,329 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Doppler.url
[2010/12/16 13:26:27 | 000,427,647 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101222-122618.backup
[2010/12/16 12:26:21 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/12/16 12:26:21 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/12/16 12:26:21 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/12/16 12:26:20 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/12/16 11:23:37 | 000,291,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 07:55:21 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/15 12:03:42 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/12/15 10:55:10 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\GSAK.lnk
[2010/12/15 10:54:48 | 000,286,720 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun506.exe
[2010/12/14 17:30:25 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\SCSA.url
[2010/12/14 17:27:01 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Movie Maker.lnk
[2010/12/14 17:12:52 | 000,000,316 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\My eBay Auctions.url
[2010/12/14 16:46:40 | 000,000,363 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Traffic.url
[2010/12/14 16:28:30 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Bakersfield.url
[2010/12/14 16:24:21 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Canyon Country.url
[2010/12/14 16:23:40 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Silver.url
[2010/12/14 16:03:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/14 16:03:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/14 16:03:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/14 16:03:51 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/12/14 16:03:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/12/14 12:20:26 | 000,000,205 | ---- | M] () -- C:\WINDOWS\EurekaLog.ini
[2010/12/14 11:24:09 | 000,000,223 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Geocaching.url
[2010/12/14 10:18:55 | 000,001,327 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MapSource.lnk
[2010/12/13 21:00:23 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\HyperSnap.lnk
[2010/12/13 20:56:12 | 000,001,734 | ---- | M] () -- C:\WINDOWS\HS4Setup.MIF
[2010/12/13 20:49:52 | 000,000,505 | ---- | M] () -- C:\HprSnap.hs4lic
[2010/12/13 20:27:49 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\CuteFTP.lnk
[2010/12/13 20:19:29 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/12/13 20:19:25 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop.lnk
[2010/12/13 20:15:22 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk
[2010/12/13 19:46:54 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Auction Sentry.lnk
[2010/12/13 19:39:33 | 000,426,903 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts.bak
[2010/12/13 18:54:53 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/12/13 18:48:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/12/13 18:47:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/12/13 18:38:08 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk
[2010/12/13 16:35:07 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/12/12 20:16:06 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/12/12 19:05:20 | 000,000,886 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Seagate Dashboard.lnk
[2010/12/12 19:02:51 | 000,001,195 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2010/12/12 16:38:34 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Explorer.lnk
[2010/12/12 16:00:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/12/12 16:00:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/12/12 14:27:14 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/12 14:18:43 | 000,000,169 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/12/12 14:14:57 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/12 14:13:45 | 000,002,129 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator.lnk
[2010/12/12 14:13:45 | 000,002,079 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk
[2010/12/12 14:10:40 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/12/12 13:56:24 | 000,319,488 | ---- | M] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/12/12 13:04:40 | 000,027,810 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/12/12 12:12:20 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/12/12 12:09:42 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/12/12 12:08:47 | 000,000,290 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/12/12 12:06:16 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/12 12:06:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/12/12 12:06:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/12/12 12:06:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/12/12 12:06:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/12/12 12:06:03 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/12 12:03:07 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/12 12:00:00 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/12/12 04:53:45 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
mrsr71
2010-12-24, 21:21
========== Files Created - No Company Name ==========

[2010/12/24 09:39:27 | 000,031,223 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Microwave Dementions.jpg
[2010/12/24 07:22:47 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/12/24 07:22:28 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\NTREGOPT.lnk
[2010/12/23 14:17:01 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\RKUnhookerLE.EXE
[2010/12/22 15:00:12 | 000,000,225 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Blade CX2 - RC Groups.URL
[2010/12/22 12:26:18 | 000,427,647 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101222-122618.backup
[2010/12/21 11:08:08 | 000,000,173 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\June.URL
[2010/12/21 09:39:10 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Redirect Virus – Santa Clarita CA. - Safer-Networking Forums.URL
[2010/12/21 08:01:38 | 000,002,578 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Attach.zip
[2010/12/21 07:54:23 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\dds.scr
[2010/12/21 07:51:25 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\ERUNT.lnk
[2010/12/21 07:37:15 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Malware Removal - Safer-Networking Forums.URL
[2010/12/20 17:22:43 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/12/19 13:52:01 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook Express.lnk
[2010/12/19 10:10:37 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/18 15:38:57 | 000,000,209 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Calendar.URL
[2010/12/18 15:37:40 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Gull Lake.URL
[2010/12/18 14:39:10 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Cool RingTone Maker.lnk
[2010/12/18 14:39:09 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ring Tone Maker.lnk
[2010/12/17 17:13:33 | 000,550,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\Cat.DB
[2010/12/17 15:43:37 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\VoptXP.lnk
[2010/12/17 12:22:41 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.cat
[2010/12/17 12:22:41 | 000,007,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnetv.cat
[2010/12/17 12:22:41 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.cat
[2010/12/17 12:22:41 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.cat
[2010/12/17 12:22:41 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\iron.cat
[2010/12/17 12:22:41 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.cat
[2010/12/17 12:22:41 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.cat
[2010/12/17 12:22:41 | 000,007,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnet.cat
[2010/12/17 12:22:41 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.inf
[2010/12/17 12:22:41 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.inf
[2010/12/17 12:22:41 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.inf
[2010/12/17 12:22:41 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnetv.inf
[2010/12/17 12:22:41 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnet.inf
[2010/12/17 12:22:41 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.inf
[2010/12/17 12:22:41 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.inf
[2010/12/17 12:22:41 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\iron.inf
[2010/12/17 12:22:01 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\isolate.ini
[2010/12/17 10:00:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/17 10:00:15 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/17 10:00:14 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Firefox.lnk
[2010/12/16 12:26:21 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/12/16 12:26:21 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/12/16 12:25:51 | 000,001,889 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/12/15 12:03:42 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/12/15 10:57:30 | 000,000,577 | ---- | C] () -- C:\WINDOWS\System32\gmsblist.dll
[2010/12/15 10:55:10 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\GSAK.lnk
[2010/12/14 17:29:07 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\SCSA.url
[2010/12/14 17:27:01 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Movie Maker.lnk
[2010/12/14 16:58:45 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\My eBay Auctions.url
[2010/12/14 16:48:56 | 000,000,329 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Doppler.url
[2010/12/14 16:45:38 | 000,000,363 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Traffic.url
[2010/12/14 16:27:14 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Bakersfield.url
[2010/12/14 16:21:57 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Canyon Country.url
[2010/12/14 16:20:39 | 000,000,476 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Silver.url
[2010/12/14 16:16:01 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\The Ride Central.url
[2010/12/14 11:24:09 | 000,000,223 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Geocaching.url
[2010/12/14 10:18:55 | 000,001,327 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MapSource.lnk
[2010/12/13 21:00:23 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\HyperSnap.lnk
[2010/12/13 20:55:49 | 000,001,734 | ---- | C] () -- C:\WINDOWS\HS4Setup.MIF
[2010/12/13 20:48:10 | 000,000,505 | ---- | C] () -- C:\HprSnap.hs4lic
[2010/12/13 20:27:49 | 000,001,469 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\CuteFTP.lnk
[2010/12/13 20:19:24 | 000,000,895 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop.lnk
[2010/12/13 20:15:22 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk
[2010/12/13 19:46:54 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Auction Sentry.lnk
[2010/12/13 19:37:25 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193725.backup
[2010/12/13 19:33:48 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/13 18:48:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/12/13 18:47:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/12/13 18:44:43 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/12/13 17:08:18 | 000,000,205 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010/12/13 17:07:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\gr6rlzay.dll
[2010/12/13 16:36:35 | 000,000,894 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/13 16:36:34 | 000,000,890 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/13 16:35:07 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/12/12 20:16:48 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook.lnk
[2010/12/12 20:16:06 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/12/12 18:04:11 | 000,001,195 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2010/12/12 17:51:22 | 000,000,886 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Seagate Dashboard.lnk
[2010/12/12 17:25:57 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
[2010/12/12 17:25:57 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 6.0 Professional.lnk
[2010/12/12 16:38:12 | 000,001,475 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Explorer.lnk
[2010/12/12 16:00:21 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/12/12 16:00:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/12/12 14:18:14 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2010/12/12 14:18:14 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/12/12 14:13:45 | 000,002,129 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator.lnk
[2010/12/12 14:13:45 | 000,002,079 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk
[2010/12/12 14:06:10 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/12 13:04:40 | 000,027,810 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010/12/12 13:04:40 | 000,027,810 | ---- | C] () -- C:\WINDOWS\System32\nvModes.001
[2010/12/12 13:04:25 | 000,111,544 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/12 13:04:24 | 000,017,431 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/12/12 13:04:02 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010/12/12 13:04:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010/12/12 13:04:00 | 001,018,804 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2010/12/12 13:04:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010/12/12 13:04:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2010/12/12 13:03:59 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010/12/12 13:03:58 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2010/12/12 13:03:55 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2010/12/12 13:03:53 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2010/12/12 13:03:52 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2010/12/12 13:02:50 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/12/12 12:59:38 | 000,144,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\del1028.cty
[2010/12/12 12:59:05 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2010/12/12 12:12:20 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/12/12 12:12:11 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/12 12:09:42 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/12/12 12:08:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/12 12:08:03 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/12/12 12:07:47 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/12/12 12:07:42 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/12/12 12:07:41 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/12/12 12:07:38 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/12/12 12:07:27 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/12/12 12:07:21 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/12/12 12:07:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/12/12 12:07:08 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/12/12 12:06:16 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/12 12:06:16 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/12/12 12:06:16 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/12/12 12:06:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/12/12 12:06:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/12/12 12:06:12 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/12 12:04:53 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/12/12 12:04:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/12/12 12:04:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/12/12 12:04:32 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/12/12 12:03:51 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/12/12 12:03:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/12 12:02:20 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/12/12 12:02:20 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/12/12 12:02:20 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/12/12 12:02:20 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/12/12 12:02:19 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/12/12 12:02:19 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/12/12 12:02:19 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/12/12 12:02:19 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/12/12 12:02:19 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/12/12 12:02:19 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/12/12 12:02:19 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/12/12 12:02:16 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/12/12 12:02:16 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/12/12 12:02:15 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/12/12 12:02:10 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/12/12 04:53:45 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/12/12 04:53:44 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/12/12 04:53:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/12 04:53:38 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/12/12 04:53:38 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/12/12 04:53:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/12/12 04:53:37 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/12/12 04:53:21 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/12/12 04:53:12 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/12/12 04:53:12 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/12/12 04:53:12 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/12/12 04:53:12 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/12/12 04:53:12 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/12/12 04:53:12 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/12/12 04:53:12 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/12/12 04:53:12 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/12/12 04:53:12 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/12/12 04:53:12 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/12/12 04:53:11 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/12/12 04:53:11 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/12/12 04:53:11 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/12/12 04:53:11 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/12/12 04:53:11 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/12/12 04:53:11 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/12/12 04:53:11 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/12/12 04:53:11 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/12/12 04:53:11 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/12/12 04:52:27 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/12 04:51:40 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/12/12 04:51:37 | 000,000,290 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/02/05 15:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\Memeo.ShellExtension.WicIO.dll
[2007/08/06 15:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Wells Fargo:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Symantec:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\SCSA:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\RCI Info:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\My Music:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\My eBooks:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Harley Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Guns:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Geocaching Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\DJs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Blood Pressure:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Auction Sentry Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\Desktop\Microwave Dementions.jpg:Roxio EMC Stream

< End of report >
ken545
2010-12-25, 03:23
Lets run this program


Download ComboFix from one of these locations:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)


* IMPORTANT !!! Save ComboFix.exe to your Desktop


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.


Double click on ComboFix.exe & follow the prompts.


As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.


Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



http://img.photobucket.com/albums/v706/ried7/RC1.png


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://img.photobucket.com/albums/v706/ried7/RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

[color="#800080"]*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.[/color
mrsr71
2010-12-25, 16:24
Merry Christmas and thanks again for taking the time to help me :~)

ComboFix 10-12-24.01 - Dan Werner 12/25/2010 7:07.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.640 [GMT -8:00]
Running from: c:\documents and settings\Dan Werner\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\Internet Explorer.lnk

.
((((((((((((((((((((((((( Files Created from 2010-11-25 to 2010-12-25 )))))))))))))))))))))))))))))))
.

2010-12-24 21:59 . 2010-12-24 22:00 -------- d-----w- C:\f0d53f01b9790e9347
2010-12-24 15:26 . 2010-12-24 15:26 -------- d-----w- C:\_OTL
2010-12-18 22:39 . 2010-12-18 23:51 -------- d-----w- C:\tmp
2010-12-18 22:39 . 2010-12-18 22:39 -------- d-----w- C:\Cool RingTone Maker
2010-12-14 18:18 . 2010-12-15 19:29 -------- d-----w- C:\Garmin
2010-12-14 00:47 . 2010-12-14 00:48 -------- d-----w- C:\30af5d22e69d662677
2010-12-13 23:48 . 2010-12-14 03:22 -------- d-----w- C:\gsak
2010-12-13 23:28 . 2010-12-13 23:28 -------- d-----w- C:\e18a05fd45ecaad9b471
2010-12-13 23:28 . 2010-12-13 23:28 -------- d-----w- C:\drivers
2010-12-13 20:23 . 2010-12-13 20:23 -------- d-----w- C:\DJ's 2010
2010-12-13 20:23 . 2010-12-13 20:23 -------- d-----w- C:\c653913046ee4a6c69ae8de1105fed
2010-12-12 22:01 . 2010-12-12 22:01 -------- d-----r- C:\MSOCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-06 00:26 . 2008-04-13 23:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2008-04-13 23:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2008-04-13 23:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-04-13 23:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-13 23:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2008-04-13 23:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2008-04-13 23:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-14 39408]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2007-05-07 405504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-07 8433664]
"nwiz"="nwiz.exe" [2007-06-07 1626112]
"NVHotkey"="nvHotkey.dll" [2007-06-07 67584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-07 81920]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2010-04-30 79112]
"Memeo Backup Premium"="c:\program files\Memeo\AutoBackupPro\MemeoLauncher2.exe" [2010-04-23 136416]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

c:\documents and settings\Dan Werner\Start Menu\Programs\Startup\
ClickTray Calendar.lnk - c:\program files\ClickTray Calendar\ClickTray.exe [2010-12-13 3495936]
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
PdaNet Desktop.lnk - c:\program files\PdaNet for Android\PdaNetPC.exe [2010-12-13 473616]
Seagate Product Registration.lnk - c:\documents and settings\Dan Werner\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe [2010-12-12 1731736]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-5-15 217193]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-12-13 113664]
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2010-7-26 546360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\symds.sys [12/17/2010 12:22 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\symefa.sys [12/17/2010 12:22 PM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [11/23/2010 3:34 AM 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\cchpx86.sys [12/17/2010 12:22 PM 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\ironx86.sys [12/17/2010 12:22 PM 116784]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackupPro\MemeoBackgroundService.exe [4/22/2010 4:49 PM 25824]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\4.3.0.5\ccsvchst.exe [12/17/2010 12:22 PM 126392]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [4/30/2010 6:47 AM 14088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/17/2010 7:08 AM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101224.001\IDSXpx86.sys [12/24/2010 4:34 PM 341944]
R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [12/13/2010 6:54 PM 13312]
S0 cerc6;cerc6; [x]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/13/2010 4:36 PM 135664]
.
Contents of the 'Scheduled Tasks' folder

2010-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-14 00:36]

2010-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-14 00:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: AniWeather: {4176DFF4-4698-11DE-BEEB-45DA55D89593} - %profile%\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
FF - Ext: Favicon Picker 2: {446c03e0-2c35-11db-a98b-0800200c9a66} - %profile%\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
FF - Ext: NoRedirect: {c1970c0d-dbe6-4d91-804f-c9c0de643a57} - %profile%\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-25 07:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-12-25 07:17:08
ComboFix-quarantined-files.txt 2010-12-25 15:17

Pre-Run: 70,256,525,312 bytes free
Post-Run: 70,221,201,408 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - D3BEC45EB1D9649E104E784D5301E211
ken545
2010-12-25, 17:26
Hi,

Your original OTL log was so long that I missed these. Lets run the fix again, this should fix the redirects


Run OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL



:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.74 213.109.77.113 1.1.1.1
[2010/12/16 12:12:00 | 000,000,909 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup
[2010/12/16 12:12:00 | 000,000,909 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup
[2010/12/13 19:37:25 | 000,426,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193933.backup
[2010/12/22 12:26:18 | 000,427,647 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101222-122618.backup
[2010/12/16 13:26:27 | 000,000,909 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup
[2010/12/13 19:39:33 | 000,426,903 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193933.backup
[2010/12/13 19:37:25 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101213-193725.backup

:Services

:Reg

:Files


:Commands
[purity]
[emptytemp]
[RESETHOSTS]
[start explorer]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then post the results of the log and a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
mrsr71
2010-12-25, 18:37
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
File C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup not found.
File C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup not found.
File C:\WINDOWS\System32\drivers\etc\hosts.20101213-193933.backup not found.
C:\WINDOWS\system32\drivers\etc\hosts.20101222-122618.backup moved successfully.
File C:\WINDOWS\System32\drivers\etc\hosts.20101216-132627.backup not found.
File C:\WINDOWS\System32\drivers\etc\hosts.20101213-193933.backup not found.
C:\WINDOWS\system32\drivers\etc\hosts.20101213-193725.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dan Werner
->Temp folder emptied: 149221 bytes
->Temporary Internet Files folder emptied: 541499 bytes
->Java cache emptied: 31504 bytes
->FireFox cache emptied: 44928460 bytes
->Flash cache emptied: 456 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3645952 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16867 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 47.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.18.0 log created on 12252010_092140

Files\Folders moved on Reboot...
C:\Documents and Settings\Dan Werner\Local Settings\Temp\VBE\MSForms.exd moved successfully.
File\Folder C:\Documents and Settings\Dan Werner\Local Settings\Temp\~DF19F5.tmp not found!
File\Folder C:\Documents and Settings\Dan Werner\Local Settings\Temp\~DF7440.tmp not found!
File\Folder C:\Documents and Settings\Dan Werner\Local Settings\Temp\~DF7D6B.tmp not found!
File\Folder C:\Documents and Settings\Dan Werner\Local Settings\Temporary Internet Files\Content.Word\~WRF0001.tmp not found!
File\Folder C:\Documents and Settings\Dan Werner\Local Settings\Temporary Internet Files\Content.Word\~WRS0000.tmp not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_39c.dat not found!

Registry entries deleted on Reboot...


OTL logfile created on: 12/25/2010 9:30:34 AM - Run 3
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Dan Werner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 249.00 Mb Available Physical Memory | 24.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 65.46 Gb Free Space | 43.92% Space Free | Partition Type: NTFS

Computer Name: DAN | User Name: Dan Werner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dan Werner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
PRC - C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
PRC - C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe (Memeo)
PRC - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
PRC - C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe (Memeo)
PRC - C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
PRC - C:\Program Files\ClickTray Calendar\ClickTray.exe (WASEO)
PRC - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Dan Werner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll (Symantec Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (SeagateDashboardService) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
SRV - (MemeoBackgroundService) -- C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe (Memeo)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (WLANKEEPER) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (IDriverT) -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (catchme) -- C:\DOCUME~1\DANWER~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101225.007\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101225.007\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101224.001\IDSXpx86.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101123.003\BHDrvx86.sys (Symantec Corporation)
DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS (Symantec Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
mrsr71
2010-12-25, 18:39
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.6
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {c1970c0d-dbe6-4d91-804f-c9c0de643a57}:1.2.4
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/12/17 12:21:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/12/16 12:28:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/17 10:00:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/17 10:00:11 | 000,000,000 | ---D | M]

[2010/12/17 10:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Extensions
[2010/12/25 06:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions
[2010/12/19 07:39:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/17 12:53:49 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
[2010/12/17 14:55:29 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2010/12/20 15:48:55 | 000,000,000 | ---D | M] (NoRedirect) -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla\Firefox\Profiles\zp8eoqbx.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
[2010/12/17 10:00:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/12/25 09:21:54 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Memeo Backup Premium] C:\Program Files\Memeo\AutoBackupPro\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk = C:\Program Files\ClickTray Calendar\ClickTray.exe (WASEO)
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
O4 - Startup: C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Dan Werner\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.74 213.109.77.113 1.1.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/12 12:06:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/25 09:21:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/12/25 06:44:01 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/12/25 06:40:42 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/12/25 06:40:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/12/25 06:40:42 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/12/25 06:40:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/12/25 06:39:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/24 14:02:13 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/12/24 14:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/12/24 13:59:24 | 000,000,000 | ---D | C] -- C:\f0d53f01b9790e9347
[2010/12/24 13:59:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/12/24 07:26:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/23 15:49:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan Werner\Desktop\OTL.exe
[2010/12/23 15:29:27 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Dan Werner\Desktop\ATF-Cleaner.exe
[2010/12/21 07:52:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/12/21 07:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/12/21 07:49:55 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Dan Werner\Desktop\erunt-setup.exe
[2010/12/20 17:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/12/19 13:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Identities
[2010/12/18 14:39:17 | 000,000,000 | ---D | C] -- C:\tmp
[2010/12/18 14:39:07 | 000,000,000 | ---D | C] -- C:\Cool RingTone Maker
[2010/12/17 15:43:36 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbar332.dll
[2010/12/17 15:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\VoptXP v7
[2010/12/17 12:22:41 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.sys
[2010/12/17 12:22:41 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symtdi.sys
[2010/12/17 12:22:41 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symtdiv.sys
[2010/12/17 12:22:41 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.sys
[2010/12/17 12:22:41 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.sys
[2010/12/17 12:22:41 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.sys
[2010/12/17 12:22:41 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\ironx86.sys
[2010/12/17 12:22:41 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.sys
[2010/12/17 12:22:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0403000.005
[2010/12/17 10:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Downloads
[2010/12/17 10:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Mozilla
[2010/12/17 10:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Mozilla
[2010/12/17 10:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/12/16 12:26:50 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/12/16 12:26:21 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/12/16 12:26:21 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/12/16 12:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/12/16 12:25:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/12/16 12:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2010/12/16 12:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/12/16 10:45:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Tific
[2010/12/15 11:28:55 | 000,018,304 | ---- | C] (GARMIN Corp.) -- C:\WINDOWS\System32\drivers\grmngen.sys
[2010/12/15 11:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2010/12/15 10:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Help
[2010/12/15 10:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Help
[2010/12/15 10:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\GSAK
[2010/12/14 17:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\WMTools Downloaded Files
[2010/12/14 16:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/12/14 16:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/12/14 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/12/14 16:04:10 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/12/14 16:04:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/14 16:04:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/14 16:04:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/14 16:04:10 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/12/14 16:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/12/14 15:57:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Sun
[2010/12/14 12:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\GlobalSCAPE
[2010/12/14 10:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Garmin
[2010/12/14 10:18:34 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2010/12/14 10:18:34 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.dll
[2010/12/14 10:18:34 | 000,000,000 | ---D | C] -- C:\Garmin
[2010/12/14 08:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Ultra Fractal 5
[2010/12/14 08:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Ultra Fractal 4
[2010/12/14 08:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Norton Key
[2010/12/14 08:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Elks
[2010/12/14 08:33:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Pictures
[2010/12/14 08:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Music
[2010/12/14 08:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Wells Fargo
[2010/12/14 08:20:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\RCI Info
[2010/12/14 08:19:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\SCSA
[2010/12/13 20:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\HyperSnap-DX 4
[2010/12/13 20:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\HyperSnap 6
[2010/12/13 20:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalSCAPE
[2010/12/13 20:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Vbox
[2010/12/13 20:18:36 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/12/13 20:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\ClickTray Calendar
[2010/12/13 19:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Auction Sentry Data
[2010/12/13 19:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/13 19:46:51 | 000,000,000 | ---D | C] -- C:\Program Files\Auction Sentry
[2010/12/13 19:46:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/12/13 19:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/13 19:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/12/13 19:22:46 | 000,286,720 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun506.exe
[2010/12/13 18:54:51 | 000,013,312 | ---- | C] (June Fabrics Technology Inc.) -- C:\WINDOWS\System32\drivers\pneteth.sys
[2010/12/13 18:47:32 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2010/12/13 18:47:00 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/12/13 18:44:41 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
[2010/12/13 18:44:41 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller.dll
[2010/12/13 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\PdaNet for Android
[2010/12/13 17:00:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\GARMIN
[2010/12/13 17:00:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 16:48:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/12/13 16:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/12/13 16:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/12/13 16:47:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/12/13 16:47:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/12/13 16:47:42 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/12/13 16:47:42 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/12/13 16:47:42 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/12/13 16:47:42 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/12/13 16:47:42 | 000,000,000 | ---D | C] -- C:\30af5d22e69d662677
[2010/12/13 16:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/12/13 16:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/12/13 16:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Google
[2010/12/13 16:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/12/13 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/12/13 16:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Google
[2010/12/13 16:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Macromedia
[2010/12/13 15:48:13 | 000,000,000 | ---D | C] -- C:\gsak
[2010/12/13 15:28:42 | 000,000,000 | ---D | C] -- C:\e18a05fd45ecaad9b471
[2010/12/13 15:28:08 | 000,000,000 | ---D | C] -- C:\drivers
[2010/12/13 12:23:38 | 000,000,000 | ---D | C] -- C:\DJ's 2010
[2010/12/13 12:23:26 | 000,000,000 | ---D | C] -- C:\c653913046ee4a6c69ae8de1105fed
[2010/12/13 09:24:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/13 09:24:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/13 09:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/13 09:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Malwarebytes
[2010/12/13 09:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/13 09:12:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Symantec
[2010/12/13 09:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/12/13 09:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/12/13 08:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/12/13 08:41:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Symantec
[2010/12/13 08:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Temp
[2010/12/13 08:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\RV Data
[2010/12/13 08:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\pwrcmdr
[2010/12/13 07:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\PDF Files
[2010/12/13 07:55:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Web Sites
[2010/12/13 07:54:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My Videos
[2010/12/13 07:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Harley Data
[2010/12/13 07:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Guns
[2010/12/13 07:49:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Geocaching Data
[2010/12/13 07:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\DJs
[2010/12/13 07:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\Blood Pressure
[2010/12/12 19:07:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2010/12/12 17:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/12/12 17:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/12/12 17:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Memeo
[2010/12/12 17:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2010/12/12 17:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Seagate
[2010/12/12 17:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
[2010/12/12 17:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2010/12/12 17:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2010/12/12 17:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\temp
[2010/12/12 17:49:21 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/12/12 17:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/12/12 17:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2010/12/12 17:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Leadertech
[2010/12/12 17:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\AdobeUM
[2010/12/12 17:27:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Adobe
[2010/12/12 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\My Documents\My eBooks
[2010/12/12 17:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Adobe
[2010/12/12 17:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/12/12 17:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF 6.0
[2010/12/12 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/12/12 17:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/12/12 17:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/12/12 17:12:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010/12/12 16:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
mrsr71
2010-12-25, 18:40
[2010/12/12 16:41:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Symantec
[2010/12/12 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/12/12 16:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/12/12 16:00:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidserv.dll
[2010/12/12 15:56:50 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/12/12 15:52:49 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/12/12 15:52:49 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/12/12 15:52:48 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/12/12 15:52:47 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/12/12 15:52:45 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/12/12 15:52:30 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/12/12 15:52:29 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/12/12 15:52:28 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/12/12 15:50:24 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/12/12 15:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/12/12 15:46:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/12/12 15:46:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/12/12 15:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/12/12 15:35:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/12/12 14:27:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\IECompatCache
[2010/12/12 14:27:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\PrivacIE
[2010/12/12 14:27:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\IETldCache
[2010/12/12 14:24:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/12/12 14:24:31 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/12/12 14:23:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/12/12 14:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2010/12/12 14:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Roxio
[2010/12/12 14:18:14 | 000,099,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS
[2010/12/12 14:18:14 | 000,092,920 | ---- | C] (Roxio) -- C:\WINDOWS\DLA.EXE
[2010/12/12 14:18:14 | 000,051,768 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS
[2010/12/12 14:18:14 | 000,028,120 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLARTL_M.SYS
[2010/12/12 14:18:14 | 000,012,856 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS
[2010/12/12 14:18:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA
[2010/12/12 14:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/12/12 14:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2010/12/12 14:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/12/12 14:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010/12/12 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/12/12 14:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/12/12 14:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/12/12 14:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/12/12 14:06:04 | 000,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2010/12/12 14:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2010/12/12 14:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/12/12 14:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/12/12 14:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/12/12 14:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/12/12 14:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/12/12 14:04:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/12/12 14:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/12/12 14:01:00 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010/12/12 13:55:48 | 002,756,608 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw4r32.dll
[2010/12/12 13:55:48 | 002,203,520 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETw4x32.sys
[2010/12/12 13:55:48 | 000,679,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETw4c32.dll
[2010/12/12 13:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2010/12/12 13:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010/12/12 13:28:54 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/12/12 13:04:24 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2010/12/12 13:04:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010/12/12 13:04:11 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2010/12/12 13:04:02 | 002,113,536 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2010/12/12 13:04:02 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrses.dll
[2010/12/12 13:04:02 | 000,327,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsfr.dll
[2010/12/12 13:04:02 | 000,323,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsit.dll
[2010/12/12 13:04:02 | 000,319,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsptb.dll
[2010/12/12 13:04:02 | 000,315,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsru.dll
[2010/12/12 13:04:02 | 000,311,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsde.dll
[2010/12/12 13:04:02 | 000,294,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrspl.dll
[2010/12/12 13:04:02 | 000,212,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsja.dll
[2010/12/12 13:04:02 | 000,196,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsko.dll
[2010/12/12 13:04:02 | 000,167,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszht.dll
[2010/12/12 13:04:02 | 000,163,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszhc.dll
[2010/12/12 13:04:01 | 003,620,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvsr.dll
[2010/12/12 13:04:01 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010/12/12 13:04:00 | 003,395,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2010/12/12 13:04:00 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2010/12/12 13:04:00 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2010/12/12 13:04:00 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2010/12/12 13:04:00 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2010/12/12 13:04:00 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2010/12/12 13:04:00 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2010/12/12 13:04:00 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2010/12/12 13:04:00 | 000,225,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2010/12/12 13:04:00 | 000,122,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2010/12/12 13:03:59 | 006,660,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010/12/12 13:03:59 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmoblsr.dll
[2010/12/12 13:03:59 | 000,958,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2010/12/12 13:03:59 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccssr.dll
[2010/12/12 13:03:59 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010/12/12 13:03:59 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2010/12/12 13:03:59 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010/12/12 13:03:59 | 000,067,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhotkey.dll
[2010/12/12 13:03:59 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccsrs.dll
[2010/12/12 13:03:58 | 003,235,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgamesr.dll
[2010/12/12 13:03:58 | 003,145,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2010/12/12 13:03:58 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvexpbar.dll
[2010/12/12 13:03:57 | 005,427,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispsr.dll
[2010/12/12 13:03:56 | 006,074,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2010/12/12 13:03:56 | 001,069,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpluir.dll
[2010/12/12 13:03:56 | 000,815,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcplui.exe
[2010/12/12 13:03:55 | 008,433,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010/12/12 13:03:55 | 000,344,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010/12/12 13:03:55 | 000,073,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.cpl
[2010/12/12 13:03:55 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010/12/12 13:03:55 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010/12/12 13:03:54 | 006,349,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/12/12 13:03:54 | 006,349,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010/12/12 13:03:54 | 005,466,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/12/12 13:03:54 | 005,466,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010/12/12 13:03:52 | 002,379,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwssr.dll
[2010/12/12 13:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2010/12/12 13:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Intel
[2010/12/12 13:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2010/12/12 13:01:16 | 000,045,568 | R--- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys
[2010/12/12 12:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/12/12 12:59:40 | 000,172,032 | ---- | C] (Conexant Systems, Inc) -- C:\WINDOWS\System32\Uci32114.dll
[2010/12/12 12:59:40 | 000,094,208 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010/12/12 12:59:39 | 000,989,696 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_DPV.sys
[2010/12/12 12:59:39 | 000,209,152 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSFHWAZL.sys
[2010/12/12 12:59:38 | 000,730,112 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2010/12/12 12:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/12/12 12:59:06 | 000,032,256 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimmptsk.sys
[2010/12/12 12:59:05 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\snymsico.dll
[2010/12/12 12:59:05 | 000,043,520 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimsptsk.sys
[2010/12/12 12:59:05 | 000,037,376 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rixdptsk.sys
[2010/12/12 12:57:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/12/12 12:57:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/12/12 12:57:05 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/12/12 12:56:54 | 000,000,000 | ---D | C] -- C:\Intel
[2010/12/12 12:55:31 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/12/12 12:55:30 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/12/12 12:55:28 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/12/12 12:55:27 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/12/12 12:55:25 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/12/12 12:55:24 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/12/12 12:55:23 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/12/12 12:55:22 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/12/12 12:55:20 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/12/12 12:55:19 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/12/12 12:55:17 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/12/12 12:55:14 | 004,952,064 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacgui.cpl
[2010/12/12 12:55:14 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stlang.dll
[2010/12/12 12:55:14 | 000,405,504 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
[2010/12/12 12:55:13 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/12/12 12:55:13 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/12/12 12:55:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/12/12 12:55:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/12/12 12:55:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/12/12 12:55:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/12/12 12:55:12 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/12/12 12:55:12 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/12/12 12:55:07 | 000,144,896 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\staco.dll
[2010/12/12 12:55:05 | 001,222,840 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys
[2010/12/12 12:55:05 | 000,270,336 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacapi.dll
[2010/12/12 12:55:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/12/12 12:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/12/12 12:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/12/12 12:47:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\vmm32
[2010/12/12 12:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/12/12 12:41:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\UserData
[2010/12/12 12:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Application Data\Identities
[2010/12/12 12:12:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/12/12 12:12:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\SendTo
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\Recent
[2010/12/12 12:12:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dan Werner\Application Data
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\Start Menu
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\My Documents
[2010/12/12 12:12:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dan Werner\Favorites
[2010/12/12 12:12:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dan Werner\Cookies
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\Templates
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\PrintHood
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\NetHood
[2010/12/12 12:12:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Dan Werner\Local Settings
[2010/12/12 12:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\Microsoft
[2010/12/12 12:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan Werner\Desktop
[2010/12/12 12:10:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/12/12 12:10:02 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/12/12 12:10:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/12/12 12:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/12/12 12:10:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/12/12 12:09:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/12/12 12:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/12/12 12:08:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/12/12 12:08:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/12/12 12:08:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/12/12 12:08:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/12/12 12:08:28 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/12/12 12:08:28 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/12/12 12:08:27 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/12/12 12:08:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/12/12 12:08:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/12/12 12:08:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/12/12 12:08:26 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/12/12 12:08:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/12/12 12:08:26 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/12/12 12:08:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/12/12 12:08:26 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/12/12 12:08:25 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/12/12 12:08:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/12/12 12:08:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/12/12 12:08:23 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/12/12 12:08:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/12/12 12:08:22 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/12/12 12:08:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/12/12 12:08:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/12/12 12:08:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/12/12 12:08:21 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/12/12 12:08:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/12/12 12:08:21 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/12/12 12:08:21 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/12/12 12:08:20 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/12/12 12:08:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/12/12 12:08:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/12/12 12:08:18 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/12/12 12:08:18 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/12/12 12:08:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/12/12 12:08:17 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/12/12 12:08:16 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/12/12 12:08:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/12/12 12:08:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/12/12 12:08:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/12/12 12:08:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/12/12 12:08:15 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/12/12 12:08:15 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/12/12 12:08:15 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/12/12 12:08:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/12/12 12:08:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/12/12 12:08:14 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/12/12 12:08:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/12/12 12:08:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/12/12 12:08:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/12/12 12:08:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2010/12/12 12:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/12/12 12:08:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/12/12 12:08:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/12/12 12:08:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/12/12 12:08:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/12/12 12:08:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/12/12 12:08:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/12/12 12:08:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/12/12 12:08:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/12/12 12:08:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/12/12 12:08:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/12/12 12:08:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/12/12 12:08:10 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2010/12/12 12:08:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/12/12 12:08:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/12/12 12:08:09 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/12/12 12:08:09 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/12/12 12:08:09 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/12/12 12:08:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/12/12 12:08:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2010/12/12 12:08:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/12/12 12:08:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/12/12 12:08:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/12/12 12:08:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/12/12 12:08:07 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/12/12 12:08:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/12/12 12:08:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/12/12 12:08:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/12/12 12:08:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/12/12 12:08:04 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/12/12 12:08:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/12/12 12:08:04 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/12/12 12:08:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/12/12 12:08:04 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/12/12 12:08:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/12/12 12:08:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/12/12 12:08:03 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/12/12 12:08:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/12/12 12:08:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/12/12 12:08:02 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/12/12 12:08:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/12/12 12:08:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/12/12 12:08:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/12/12 12:08:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/12/12 12:08:00 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/12/12 12:07:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/12/12 12:07:58 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/12/12 12:07:58 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/12/12 12:07:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2010/12/12 12:07:54 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/12/12 12:07:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/12/12 12:07:50 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/12/12 12:07:50 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/12/12 12:07:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/12/12 12:07:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/12/12 12:07:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/12/12 12:07:49 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/12/12 12:07:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/12/12 12:07:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/12/12 12:07:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/12/12 12:07:48 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/12/12 12:07:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/12/12 12:07:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/12/12 12:07:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/12/12 12:07:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/12/12 12:07:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/12/12 12:07:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/12/12 12:07:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/12/12 12:07:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/12/12 12:07:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/12/12 12:07:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/12/12 12:07:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/12/12 12:07:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/12/12 12:07:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/12/12 12:07:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/12/12 12:07:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/12/12 12:07:44 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/12/12 12:07:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/12/12 12:07:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/12/12 12:07:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/12/12 12:07:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/12/12 12:07:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/12/12 12:07:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/12/12 12:07:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/12/12 12:07:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/12/12 12:07:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/12/12 12:07:42 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/12/12 12:07:42 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/12/12 12:07:42 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/12/12 12:07:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/12/12 12:07:41 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/12/12 12:07:41 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/12/12 12:07:41 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/12/12 12:07:41 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/12/12 12:07:41 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/12/12 12:07:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/12/12 12:07:41 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/12/12 12:07:40 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/12/12 12:07:40 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/12/12 12:07:40 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/12/12 12:07:40 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/12/12 12:07:40 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/12/12 12:07:40 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/12/12 12:07:39 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/12/12 12:07:39 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/12/12 12:07:39 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/12/12 12:07:39 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/12/12 12:07:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/12/12 12:07:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/12/12 12:07:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/12/12 12:07:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/12/12 12:07:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/12/12 12:07:38 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/12/12 12:07:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/12/12 12:07:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/12/12 12:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/12/12 12:07:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/12/12 12:07:37 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/12/12 12:07:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/12/12 12:07:32 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/12/12 12:07:23 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/12/12 12:07:22 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/12/12 12:07:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/12/12 12:07:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/12/12 12:07:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/12/12 12:07:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/12/12 12:07:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/12/12 12:07:20 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/12/12 12:07:20 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/12/12 12:07:20 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/12/12 12:07:20 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/12/12 12:07:20 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/12/12 12:07:20 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/12/12 12:07:20 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/12/12 12:07:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/12/12 12:07:19 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/12/12 12:07:19 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/12/12 12:07:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/12/12 12:07:19 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/12/12 12:07:19 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/12/12 12:07:19 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/12/12 12:07:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/12/12 12:07:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/12/12 12:07:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/12/12 12:07:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/12/12 12:07:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/12/12 12:07:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/12/12 12:07:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/12/12 12:07:18 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/12/12 12:07:18 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/12/12 12:07:18 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/12/12 12:07:18 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/12/12 12:07:18 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/12/12 12:07:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/12/12 12:07:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/12/12 12:07:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/12/12 12:07:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/12/12 12:07:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/12/12 12:07:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/12/12 12:07:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/12/12 12:07:16 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/12/12 12:07:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/12/12 12:07:16 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/12/12 12:07:16 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/12/12 12:07:16 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/12/12 12:07:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/12/12 12:07:16 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/12/12 12:07:15 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/12/12 12:07:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/12/12 12:07:12 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/12/12 12:07:11 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/12/12 12:07:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/12/12 12:07:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/12/12 12:07:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/12/12 12:07:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
mrsr71
2010-12-25, 18:41
[2010/12/12 12:07:10 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/12/12 12:07:09 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/12/12 12:07:09 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/12/12 12:07:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/12/12 12:07:08 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/12/12 12:07:08 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/12/12 12:07:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/12/12 12:07:07 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/12/12 12:07:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/12/12 12:07:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/12/12 12:07:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/12/12 12:07:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/12/12 12:07:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/12/12 12:07:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/12/12 12:07:05 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/12/12 12:07:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/12/12 12:07:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/12/12 12:07:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/12/12 12:06:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/12/12 12:06:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/12/12 12:06:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/12/12 12:06:58 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/12/12 12:06:58 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/12/12 12:06:58 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/12/12 12:06:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/12/12 12:06:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/12/12 12:06:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/12/12 12:06:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/12/12 12:06:56 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/12/12 12:06:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/12/12 12:06:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/12/12 12:06:54 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/12/12 12:06:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/12/12 12:06:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/12/12 12:06:53 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2010/12/12 12:06:53 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2010/12/12 12:06:53 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/12/12 12:06:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/12/12 12:06:52 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/12/12 12:06:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/12/12 12:06:49 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/12/12 12:06:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/12/12 12:06:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/12/12 12:06:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/12/12 12:06:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/12/12 12:06:48 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/12/12 12:06:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/12/12 12:06:48 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/12/12 12:06:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/12/12 12:06:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/12/12 12:06:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/12/12 12:06:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/12/12 12:06:47 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/12/12 12:06:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/12/12 12:06:47 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/12/12 12:06:47 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/12/12 12:06:47 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/12/12 12:06:47 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/12/12 12:06:47 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/12/12 12:06:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/12/12 12:06:46 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/12/12 12:06:46 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/12/12 12:06:46 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/12/12 12:06:46 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/12/12 12:06:46 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/12/12 12:06:46 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/12/12 12:06:46 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/12/12 12:06:46 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/12/12 12:06:46 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/12/12 12:06:45 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/12/12 12:06:45 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/12/12 12:06:45 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/12/12 12:06:45 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/12/12 12:06:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/12/12 12:06:45 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/12/12 12:06:44 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/12/12 12:06:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/12/12 12:06:44 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/12/12 12:06:44 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/12/12 12:06:43 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/12/12 12:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/12/12 12:06:27 | 000,000,000 | ---D | C] -- C:\DELL
[2010/12/12 12:06:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/12/12 12:05:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/12/12 12:05:14 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/12/12 12:05:14 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/12/12 12:05:06 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/12/12 12:04:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/12/12 12:04:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010/12/12 12:04:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/12/12 12:04:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010/12/12 12:04:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010/12/12 12:04:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010/12/12 12:04:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/12/12 12:04:32 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/12/12 12:04:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/12/12 12:04:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/12/12 12:04:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/12/12 12:04:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/12/12 12:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/12/12 12:04:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/12/12 12:04:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/12/12 12:04:27 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/12/12 12:04:27 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/12/12 12:04:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/12/12 12:04:27 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/12/12 12:04:26 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/12/12 12:04:26 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/12/12 12:04:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/12/12 12:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/12/12 12:04:23 | 000,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/12/12 12:04:23 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/12/12 12:04:22 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/12/12 12:04:22 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010/12/12 12:04:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/12/12 12:04:21 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/12/12 12:04:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/12/12 12:04:20 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/12/12 12:04:20 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/12/12 12:04:20 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/12/12 12:04:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/12/12 12:04:19 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/12/12 12:04:19 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/12/12 12:04:19 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/12/12 12:04:19 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/12/12 12:04:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/12/12 12:04:19 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/12/12 12:04:18 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/12/12 12:04:18 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010/12/12 12:04:18 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010/12/12 12:04:18 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/12/12 12:04:18 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2010/12/12 12:04:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010/12/12 12:04:17 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/12/12 12:04:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/12/12 12:04:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010/12/12 12:04:17 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010/12/12 12:04:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/12/12 12:04:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2010/12/12 12:04:17 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/12/12 12:04:17 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/12/12 12:04:17 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/12/12 12:04:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/12/12 12:04:16 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/12/12 12:04:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/12/12 12:04:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/12/12 12:04:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/12/12 12:04:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/12/12 12:04:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/12/12 12:04:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/12/12 12:04:13 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/12/12 12:04:13 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/12/12 12:04:13 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/12/12 12:04:13 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/12/12 12:04:13 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/12/12 12:04:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/12/12 12:04:12 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/12/12 12:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/12/12 12:03:57 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010/12/12 12:03:57 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/12/12 12:03:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/12/12 12:03:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/12/12 12:03:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/12/12 12:03:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/12/12 12:03:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/12/12 12:03:54 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/12/12 12:03:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/12/12 12:03:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/12/12 12:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/12/12 12:03:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/12/12 12:03:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/12/12 12:03:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/12/12 12:03:53 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010/12/12 12:03:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/12/12 12:03:51 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/12/12 12:03:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/12/12 12:03:50 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/12/12 12:03:50 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/12/12 12:03:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010/12/12 12:03:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/12/12 12:03:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/12/12 12:03:49 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010/12/12 12:03:49 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/12/12 12:03:49 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010/12/12 12:03:49 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010/12/12 12:03:49 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010/12/12 12:03:49 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010/12/12 12:03:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/12/12 12:03:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/12/12 12:03:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/12/12 12:03:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/12/12 12:03:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/12/12 12:03:48 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/12/12 12:03:48 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/12/12 12:03:48 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/12/12 12:03:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/12/12 12:03:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/12/12 12:03:47 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/12/12 12:03:47 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/12/12 12:03:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/12/12 12:03:47 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/12/12 12:03:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/12/12 12:03:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/12/12 12:03:46 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/12/12 12:03:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/12/12 12:03:46 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/12/12 12:03:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/12/12 12:03:46 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/12/12 12:03:46 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/12/12 12:03:46 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/12/12 12:03:45 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/12/12 12:03:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/12/12 12:03:45 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/12/12 12:03:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/12/12 12:03:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010/12/12 12:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/12/12 12:03:44 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/12/12 12:03:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/12/12 12:03:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/12/12 12:03:44 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/12/12 12:03:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/12/12 12:03:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/12/12 12:03:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/12 12:03:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010/12/12 12:03:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/12/12 12:03:43 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/12/12 12:03:43 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/12/12 12:03:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/12/12 12:03:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/12/12 12:03:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010/12/12 12:03:42 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/12/12 12:03:41 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010/12/12 12:03:41 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010/12/12 12:03:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010/12/12 12:03:41 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/12/12 12:03:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/12/12 12:03:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/12/12 12:03:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/12/12 12:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/12/12 12:03:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/12/12 12:03:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/12/12 12:03:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/12/12 12:03:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/12/12 12:03:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/12/12 12:03:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/12/12 12:03:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/12/12 12:03:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/12/12 12:03:39 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/12/12 12:03:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010/12/12 12:03:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/12/12 12:03:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010/12/12 12:03:39 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010/12/12 12:03:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/12/12 12:03:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010/12/12 12:03:39 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/12/12 12:03:38 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2010/12/12 12:03:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/12/12 12:03:37 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010/12/12 12:03:37 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/12/12 12:03:37 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/12/12 12:03:37 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/12/12 12:03:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
mrsr71
2010-12-25, 18:41
[2010/12/12 12:03:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/12/12 12:03:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/12/12 12:03:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/12/12 12:03:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/12/12 12:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/12/12 12:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/12/12 12:03:36 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/12/12 12:03:36 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/12/12 12:03:36 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/12/12 12:03:36 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/12/12 12:03:36 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/12/12 12:03:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/12/12 12:03:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/12/12 12:03:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/12/12 12:03:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/12/12 12:03:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/12/12 12:03:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/12/12 12:03:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/12/12 12:03:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/12/12 12:03:35 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/12/12 12:03:35 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/12/12 12:03:35 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010/12/12 12:03:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/12/12 12:03:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/12/12 12:03:35 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/12/12 12:03:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/12/12 12:03:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/12/12 12:03:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/12/12 12:03:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/12/12 12:03:34 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/12/12 12:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/12/12 12:03:33 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010/12/12 12:03:33 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010/12/12 12:03:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2010/12/12 12:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/12/12 12:03:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/12/12 12:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/12/12 12:02:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/12/12 12:02:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/12/12 12:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/12/12 12:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/12/12 12:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/12/12 12:02:36 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/12/12 12:02:36 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/12/12 12:02:36 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/12/12 12:02:36 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/12/12 12:02:35 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/12/12 12:02:35 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/12/12 12:02:35 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/12/12 12:02:35 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/12/12 12:02:35 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/12/12 12:02:35 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/12/12 12:02:35 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/12/12 12:02:35 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/12/12 12:02:35 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/12/12 12:02:34 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/12/12 12:02:34 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/12/12 12:02:34 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/12/12 12:02:34 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/12/12 12:02:34 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/12/12 12:02:34 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/12/12 12:02:34 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/12/12 12:02:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/12/12 12:02:33 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/12/12 12:02:33 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/12/12 12:02:33 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/12/12 12:02:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/12/12 12:02:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/12/12 12:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/12/12 12:02:25 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/12/12 12:02:25 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/12/12 12:02:25 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/12/12 12:02:25 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/12/12 12:02:24 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/12/12 12:02:24 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/12/12 12:02:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/12/12 12:02:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/12/12 12:02:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/12/12 12:02:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/12/12 12:02:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/12/12 12:02:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/12/12 12:02:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/12/12 12:02:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/12/12 12:02:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/12/12 12:02:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/12/12 12:02:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/12/12 12:02:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/12/12 12:02:17 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/12/12 12:02:17 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/12/12 12:02:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/12/12 12:02:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/12/12 12:02:16 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/12/12 12:02:16 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/12/12 12:02:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/12/12 12:02:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/12/12 12:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/12/12 12:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/12/12 12:02:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/12/12 12:02:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/12/12 12:02:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/12/12 12:02:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/12/12 12:02:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/12/12 12:02:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/12/12 12:02:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/12/12 12:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/12/12 12:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/12/12 12:02:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/12/12 12:02:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/12/12 12:02:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/12/12 12:02:15 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/12/12 12:02:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/12/12 12:02:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/12/12 12:02:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/12/12 12:02:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/12/12 12:02:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/12/12 12:02:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/12/12 12:02:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/12/12 12:02:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/12/12 12:02:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/12/12 12:02:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/12/12 12:02:11 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/12/12 12:02:11 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/12/12 12:02:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/12/12 12:02:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/12/12 12:02:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/12/12 12:02:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/12/12 12:02:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/12/12 12:02:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/12/12 12:02:11 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/12/12 12:02:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/12/12 12:02:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/12/12 12:02:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/12/12 12:02:10 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/12/12 12:02:10 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/12/12 12:02:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/12/12 12:02:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/12/12 12:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/12/12 12:01:55 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/12/12 12:01:54 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/12/12 12:01:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010/12/12 12:01:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/12/12 12:01:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/12/12 12:01:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/12/12 12:01:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/12/12 12:01:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/12/12 12:01:54 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/12/12 12:01:54 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/12/12 12:01:53 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/12/12 12:01:53 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/12/12 12:01:53 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010/12/12 12:01:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/12/12 12:01:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/12/12 12:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/12/12 12:01:52 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/12/12 12:01:52 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010/12/12 12:01:52 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010/12/12 12:01:52 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010/12/12 12:01:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/12/12 12:01:51 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/12/12 12:01:51 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2010/12/12 12:01:51 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010/12/12 12:01:51 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2010/12/12 12:01:51 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/12/12 12:01:51 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/12/12 12:01:51 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/12/12 12:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/12/12 12:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2010/12/12 12:01:50 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2010/12/12 12:01:50 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2010/12/12 12:01:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/12/12 12:01:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/12/12 12:01:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010/12/12 12:01:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/12/12 12:01:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/12/12 12:01:49 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010/12/12 12:01:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/12/12 12:01:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/12/12 12:01:49 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010/12/12 12:01:49 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/12/12 12:01:49 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/12/12 12:01:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/12/12 12:01:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010/12/12 12:01:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/12/12 12:01:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/12/12 12:01:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/12/12 12:01:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/12/12 12:01:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010/12/12 12:01:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/12/12 12:01:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/12/12 12:01:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/12/12 12:01:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/12/12 12:01:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/12/12 12:01:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/12/12 12:01:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/12/12 12:01:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/12/12 12:01:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/12/12 12:01:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/12/12 12:01:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/12/12 12:01:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/12/12 12:01:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010/12/12 12:01:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/12/12 12:01:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010/12/12 12:01:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/12/12 12:01:46 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010/12/12 12:01:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010/12/12 12:01:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/12/12 12:01:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/12/12 12:01:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/12/12 12:01:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/12/12 12:01:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/12/12 12:01:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/12/12 12:01:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/12/12 12:01:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/12/12 12:01:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/12/12 12:01:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/12/12 12:01:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/12/12 12:01:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/12/12 12:01:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/12/12 12:01:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/12/12 12:01:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/12/12 12:01:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/12/12 12:01:45 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010/12/12 12:01:45 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/12/12 12:01:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010/12/12 12:01:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/12/12 12:01:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010/12/12 12:01:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/12/12 12:01:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/12/12 12:01:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/12/12 12:01:44 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010/12/12 12:01:44 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/12/12 12:01:44 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010/12/12 12:01:44 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/12/12 12:01:44 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010/12/12 12:01:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/12/12 12:01:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/12/12 12:01:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010/12/12 12:01:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010/12/12 12:01:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010/12/12 12:01:42 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/12/12 12:01:42 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010/12/12 12:01:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/12/12 12:01:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/12/12 12:01:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/12/12 12:01:41 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2010/12/12 12:01:41 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010/12/12 12:01:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/12/12 12:01:41 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010/12/12 12:01:41 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/12/12 12:01:41 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/12/12 12:01:41 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010/12/12 12:01:41 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/12/12 12:01:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/12/12 12:01:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/12/12 12:01:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010/12/12 12:01:41 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010/12/12 12:01:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/12/12 12:01:40 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010/12/12 12:01:40 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010/12/12 12:01:40 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/12/12 12:01:40 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/12/12 12:01:40 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/12/12 12:01:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010/12/12 12:01:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/12/12 12:01:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/12/12 12:01:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/12/12 12:01:39 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010/12/12 12:01:39 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010/12/12 12:01:39 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2010/12/12 12:01:39 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010/12/12 12:01:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/12/12 12:01:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/12/12 12:01:38 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010/12/12 12:01:38 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/12/12 12:01:37 | 001,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010/12/12 12:01:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/12/12 12:01:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/12/12 12:01:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/12/12 12:01:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010/12/12 12:01:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/12/12 12:01:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/12/12 12:01:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/12/12 12:01:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/12/12 12:01:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/12/12 04:55:06 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010/12/12 04:54:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/12/12 04:54:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2010/12/12 04:54:29 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/12/12 04:53:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/12/12 04:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/12/12 04:53:39 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/12/12 04:53:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/12/12 04:53:38 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/12/12 04:53:37 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/12/12 04:53:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/12/12 04:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/12/12 04:53:36 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/12/12 04:53:36 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/12/12 04:53:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/12/12 04:53:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/12/12 04:53:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/12/12 04:53:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/12/12 04:53:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/12/12 04:53:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/12/12 04:53:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/12/12 04:53:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/12/12 04:53:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/12/12 04:53:33 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/12/12 04:53:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/12/12 04:53:32 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/12/12 04:53:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/12/12 04:53:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/12/12 04:53:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/12/12 04:53:29 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/12/12 04:53:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/12/12 04:53:29 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/12/12 04:53:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/12/12 04:53:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/12/12 04:53:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/12/12 04:53:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/12/12 04:53:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/12/12 04:53:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/12/12 04:53:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/12/12 04:53:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/12/12 04:53:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/12/12 04:53:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/12/12 04:53:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/12/12 04:53:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/12/12 04:53:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/12/12 04:53:26 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/12/12 04:53:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/12/12 04:53:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/12/12 04:53:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/12/12 04:53:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/12/12 04:53:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/12/12 04:53:24 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/12/12 04:53:24 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/12/12 04:53:24 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/12/12 04:53:24 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/12/12 04:53:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/12/12 04:53:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/12/12 04:53:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/12/12 04:53:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/12/12 04:53:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/12/12 04:53:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
mrsr71
2010-12-25, 18:42
[2010/12/12 04:53:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/12/12 04:53:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/12/12 04:53:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/12/12 04:53:23 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/12/12 04:53:23 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/12/12 04:53:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/12/12 04:53:23 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/12/12 04:53:23 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/12/12 04:53:23 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/12/12 04:53:23 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/12/12 04:53:22 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/12/12 04:53:22 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/12/12 04:53:22 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/12/12 04:53:22 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/12/12 04:53:22 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/12/12 04:53:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/12/12 04:53:22 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/12/12 04:53:22 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/12/12 04:53:22 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/12/12 04:53:22 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/12/12 04:53:22 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/12/12 04:53:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010/12/12 04:53:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/12/12 04:53:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/12/12 04:53:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010/12/12 04:53:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/12/12 04:53:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/12/12 04:53:20 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/12/12 04:53:20 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/12/12 04:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/12/12 04:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/12/12 04:53:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/12/12 04:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/12/12 04:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/12/12 04:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/12/12 04:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/12/12 04:52:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/12/12 04:52:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/12/12 04:52:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/12/12 04:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/12/12 04:44:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/12/12 04:44:02 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/12/12 04:44:02 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/12/12 04:44:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/12/12 04:44:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

========== Files - Modified Within 30 Days ==========

[2010/12/25 09:25:22 | 000,041,702 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/12/25 09:24:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/25 09:24:36 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/25 09:24:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/25 09:21:54 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/25 08:46:16 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/25 07:02:17 | 000,041,702 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/12/25 06:44:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/12/25 06:33:51 | 003,998,064 | R--- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\ComboFix.exe
[2010/12/25 05:02:20 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook.lnk
[2010/12/25 04:59:49 | 000,561,582 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\Cat.DB
[2010/12/25 04:59:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/24 16:17:01 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/24 15:30:25 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/12/24 14:42:07 | 000,000,067 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\College Bowl Games.URL
[2010/12/24 14:01:58 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/12/24 14:01:58 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/12/24 14:00:27 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/24 13:59:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/12/24 09:39:27 | 000,031,223 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Microwave Dementions.jpg
[2010/12/24 07:22:47 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/12/24 07:22:29 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\NTREGOPT.lnk
[2010/12/24 07:22:28 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\ERUNT.lnk
[2010/12/23 15:49:10 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan Werner\Desktop\OTL.exe
[2010/12/23 15:29:28 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Dan Werner\Desktop\ATF-Cleaner.exe
[2010/12/23 14:17:01 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\RKUnhookerLE.EXE
[2010/12/22 15:01:32 | 000,000,225 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Blade CX2 - RC Groups.URL
[2010/12/22 12:28:31 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/21 11:13:22 | 000,000,173 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\June.URL
[2010/12/21 09:39:10 | 000,000,086 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Redirect Virus – Santa Clarita CA. - Safer-Networking Forums.URL
[2010/12/21 08:01:38 | 000,002,578 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Attach.zip
[2010/12/21 07:54:23 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\dds.scr
[2010/12/21 07:49:56 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Dan Werner\Desktop\erunt-setup.exe
[2010/12/21 07:37:15 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Malware Removal - Safer-Networking Forums.URL
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 17:22:43 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/12/19 13:52:01 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook Express.lnk
[2010/12/18 15:45:15 | 000,000,209 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Calendar.URL
[2010/12/18 15:38:06 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Gull Lake.URL
[2010/12/18 14:39:10 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Cool RingTone Maker.lnk
[2010/12/18 14:39:10 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ring Tone Maker.lnk
[2010/12/18 07:36:32 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/18 07:36:32 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/17 17:14:47 | 000,001,889 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/12/17 15:43:37 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\VoptXP.lnk
[2010/12/17 13:57:20 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\The Ride Central.url
[2010/12/17 10:00:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/17 10:00:15 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/17 10:00:15 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Firefox.lnk
[2010/12/17 09:55:17 | 000,000,329 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Doppler.url
[2010/12/16 12:26:21 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/12/16 12:26:21 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/12/16 12:26:21 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/12/16 12:26:20 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/12/16 11:23:37 | 000,291,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/15 10:55:10 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\GSAK.lnk
[2010/12/15 10:54:48 | 000,286,720 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun506.exe
[2010/12/14 17:30:25 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\SCSA.url
[2010/12/14 17:27:01 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Movie Maker.lnk
[2010/12/14 17:12:52 | 000,000,316 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\My eBay Auctions.url
[2010/12/14 16:46:40 | 000,000,363 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Traffic.url
[2010/12/14 16:28:30 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Bakersfield.url
[2010/12/14 16:24:21 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Canyon Country.url
[2010/12/14 16:23:40 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Silver.url
[2010/12/14 16:03:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/14 16:03:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/14 16:03:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/14 16:03:51 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/12/14 16:03:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/12/14 12:20:26 | 000,000,205 | ---- | M] () -- C:\WINDOWS\EurekaLog.ini
[2010/12/14 11:24:09 | 000,000,223 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Geocaching.url
[2010/12/14 10:18:55 | 000,001,327 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MapSource.lnk
[2010/12/13 21:00:23 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\HyperSnap.lnk
[2010/12/13 20:56:12 | 000,001,734 | ---- | M] () -- C:\WINDOWS\HS4Setup.MIF
[2010/12/13 20:49:52 | 000,000,505 | ---- | M] () -- C:\HprSnap.hs4lic
[2010/12/13 20:27:49 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\CuteFTP.lnk
[2010/12/13 20:19:29 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010/12/13 20:19:25 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop.lnk
[2010/12/13 20:15:22 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk
[2010/12/13 19:46:54 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Auction Sentry.lnk
[2010/12/13 19:39:33 | 000,426,903 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts.bak
[2010/12/13 18:54:53 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/12/13 18:48:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/12/13 18:47:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/12/13 18:38:08 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk
[2010/12/13 16:35:07 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/12/12 20:16:06 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/12/12 19:05:20 | 000,000,886 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Seagate Dashboard.lnk
[2010/12/12 19:02:51 | 000,001,195 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2010/12/12 16:38:34 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Desktop\Explorer.lnk
[2010/12/12 16:00:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/12/12 16:00:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/12/12 14:27:14 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/12 14:18:43 | 000,000,169 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/12/12 14:13:45 | 000,002,129 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator.lnk
[2010/12/12 14:13:45 | 000,002,079 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk
[2010/12/12 14:10:40 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/12/12 13:56:24 | 000,319,488 | ---- | M] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/12/12 12:12:20 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/12/12 12:09:42 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/12/12 12:08:47 | 000,000,290 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/12/12 12:06:16 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/12 12:06:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/12/12 12:06:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/12/12 12:06:03 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/12 12:03:07 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/12 12:00:00 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/12/12 04:53:45 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF

========== Files Created - No Company Name ==========
mrsr71
2010-12-25, 18:43
[2010/12/25 06:44:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/12/25 06:44:05 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/12/25 06:40:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/25 06:40:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/25 06:40:42 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/25 06:40:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/25 06:40:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/25 06:33:42 | 003,998,064 | R--- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\ComboFix.exe
[2010/12/24 14:42:07 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\College Bowl Games.URL
[2010/12/24 13:59:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/12/24 09:39:27 | 000,031,223 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Microwave Dementions.jpg
[2010/12/24 07:22:47 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/12/24 07:22:28 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\NTREGOPT.lnk
[2010/12/23 14:17:01 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\RKUnhookerLE.EXE
[2010/12/22 15:00:12 | 000,000,225 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Blade CX2 - RC Groups.URL
[2010/12/21 11:08:08 | 000,000,173 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\June.URL
[2010/12/21 09:39:10 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Redirect Virus – Santa Clarita CA. - Safer-Networking Forums.URL
[2010/12/21 08:01:38 | 000,002,578 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Attach.zip
[2010/12/21 07:54:23 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\dds.scr
[2010/12/21 07:51:25 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\ERUNT.lnk
[2010/12/21 07:37:15 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Malware Removal - Safer-Networking Forums.URL
[2010/12/20 17:22:43 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/12/19 13:52:01 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook Express.lnk
[2010/12/19 10:10:37 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/18 15:38:57 | 000,000,209 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Google Calendar.URL
[2010/12/18 15:37:40 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Gull Lake.URL
[2010/12/18 14:39:10 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Cool RingTone Maker.lnk
[2010/12/18 14:39:09 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ring Tone Maker.lnk
[2010/12/17 17:13:33 | 000,561,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\Cat.DB
[2010/12/17 15:43:37 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\VoptXP.lnk
[2010/12/17 12:22:41 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.cat
[2010/12/17 12:22:41 | 000,007,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnetv.cat
[2010/12/17 12:22:41 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.cat
[2010/12/17 12:22:41 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.cat
[2010/12/17 12:22:41 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\iron.cat
[2010/12/17 12:22:41 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.cat
[2010/12/17 12:22:41 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.cat
[2010/12/17 12:22:41 | 000,007,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnet.cat
[2010/12/17 12:22:41 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symefa.inf
[2010/12/17 12:22:41 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symds.inf
[2010/12/17 12:22:41 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\cchpx86.inf
[2010/12/17 12:22:41 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnetv.inf
[2010/12/17 12:22:41 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\symnet.inf
[2010/12/17 12:22:41 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtspx.inf
[2010/12/17 12:22:41 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\srtsp.inf
[2010/12/17 12:22:41 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\iron.inf
[2010/12/17 12:22:01 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0403000.005\isolate.ini
[2010/12/17 10:00:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/17 10:00:15 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/17 10:00:14 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Firefox.lnk
[2010/12/16 12:26:21 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/12/16 12:26:21 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/12/16 12:25:51 | 000,001,889 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/12/15 12:03:42 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/12/15 10:57:30 | 000,000,577 | ---- | C] () -- C:\WINDOWS\System32\gmsblist.dll
[2010/12/15 10:55:10 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\GSAK.lnk
[2010/12/14 17:29:07 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\SCSA.url
[2010/12/14 17:27:01 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Movie Maker.lnk
[2010/12/14 16:58:45 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\My eBay Auctions.url
[2010/12/14 16:48:56 | 000,000,329 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Doppler.url
[2010/12/14 16:45:38 | 000,000,363 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Traffic.url
[2010/12/14 16:27:14 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Bakersfield.url
[2010/12/14 16:21:57 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Canyon Country.url
[2010/12/14 16:20:39 | 000,000,476 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Silver.url
[2010/12/14 16:16:01 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\The Ride Central.url
[2010/12/14 11:24:09 | 000,000,223 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Geocaching.url
[2010/12/14 10:18:55 | 000,001,327 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MapSource.lnk
[2010/12/13 21:00:23 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\HyperSnap.lnk
[2010/12/13 20:55:49 | 000,001,734 | ---- | C] () -- C:\WINDOWS\HS4Setup.MIF
[2010/12/13 20:48:10 | 000,000,505 | ---- | C] () -- C:\HprSnap.hs4lic
[2010/12/13 20:27:49 | 000,001,469 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\CuteFTP.lnk
[2010/12/13 20:19:24 | 000,000,895 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop.lnk
[2010/12/13 20:15:22 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\ClickTray Calendar.lnk
[2010/12/13 19:46:54 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Auction Sentry.lnk
[2010/12/13 19:33:48 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/13 18:48:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/12/13 18:47:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/12/13 18:44:43 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/12/13 17:08:18 | 000,000,205 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010/12/13 17:07:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\gr6rlzay.dll
[2010/12/13 16:36:35 | 000,000,894 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/13 16:36:34 | 000,000,890 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/13 16:35:07 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/12/12 20:16:48 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Outlook.lnk
[2010/12/12 20:16:06 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/12/12 18:04:11 | 000,001,195 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2010/12/12 17:51:22 | 000,000,886 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Seagate Dashboard.lnk
[2010/12/12 17:25:57 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
[2010/12/12 17:25:57 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 6.0 Professional.lnk
[2010/12/12 16:38:12 | 000,001,475 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Desktop\Explorer.lnk
[2010/12/12 16:00:21 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/12/12 16:00:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010/12/12 14:18:14 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2010/12/12 14:18:14 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/12/12 14:13:45 | 000,002,129 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator.lnk
[2010/12/12 14:13:45 | 000,002,079 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk
[2010/12/12 14:06:10 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/12 13:04:40 | 000,041,702 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010/12/12 13:04:40 | 000,041,702 | ---- | C] () -- C:\WINDOWS\System32\nvModes.001
[2010/12/12 13:04:25 | 000,111,544 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/12 13:04:24 | 000,017,431 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/12/12 13:04:02 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010/12/12 13:04:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010/12/12 13:04:00 | 001,018,804 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2010/12/12 13:04:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010/12/12 13:04:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2010/12/12 13:03:59 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010/12/12 13:03:58 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2010/12/12 13:03:55 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2010/12/12 13:03:53 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2010/12/12 13:03:52 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2010/12/12 13:02:50 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/12/12 12:59:38 | 000,144,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\del1028.cty
[2010/12/12 12:59:05 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2010/12/12 12:12:20 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/12/12 12:12:11 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Dan Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/12 12:09:42 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/12/12 12:08:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/12 12:08:03 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/12/12 12:07:47 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/12/12 12:07:42 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/12/12 12:07:41 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/12/12 12:07:38 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/12/12 12:07:27 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/12/12 12:07:21 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/12/12 12:07:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/12/12 12:07:08 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/12/12 12:06:16 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/12 12:06:16 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/12/12 12:06:16 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/12/12 12:06:16 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/12/12 12:06:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/12/12 12:06:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/12/12 12:06:12 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/12 12:04:53 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/12/12 12:04:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/12/12 12:04:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/12/12 12:04:32 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/12/12 12:03:51 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/12/12 12:03:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/12 12:02:20 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/12/12 12:02:20 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/12/12 12:02:20 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/12/12 12:02:20 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/12/12 12:02:19 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/12/12 12:02:19 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/12/12 12:02:19 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/12/12 12:02:19 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/12/12 12:02:19 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/12/12 12:02:19 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/12/12 12:02:19 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/12/12 12:02:16 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/12/12 12:02:16 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/12/12 12:02:15 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/12/12 12:02:10 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/12/12 04:53:45 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/12/12 04:53:44 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/12/12 04:53:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/12 04:53:38 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/12/12 04:53:38 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/12/12 04:53:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/12/12 04:53:37 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/12/12 04:53:21 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/12/12 04:53:12 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/12/12 04:53:12 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/12/12 04:53:12 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/12/12 04:53:12 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/12/12 04:53:12 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/12/12 04:53:12 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/12/12 04:53:12 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/12/12 04:53:12 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/12/12 04:53:12 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/12/12 04:53:12 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/12/12 04:53:11 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/12/12 04:53:11 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/12/12 04:53:11 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/12/12 04:53:11 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/12/12 04:53:11 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/12/12 04:53:11 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/12/12 04:53:11 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/12/12 04:53:11 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/12/12 04:53:11 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/12/12 04:52:27 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/12 04:51:40 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2010/12/12 04:51:37 | 000,000,290 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/02/05 15:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\Memeo.ShellExtension.WicIO.dll
[2007/08/06 15:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Wells Fargo:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Symantec:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\SCSA:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\RCI Info:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\My Music:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\My eBooks:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Harley Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Guns:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Geocaching Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\DJs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Blood Pressure:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\My Documents\Auction Sentry Data:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Dan Werner\Desktop\Microwave Dementions.jpg:Roxio EMC Stream

< End of report >
ken545
2010-12-26, 00:09
Well ??
mrsr71
2010-12-26, 00:20
It's still redirecting. Pretty frustrating :mad:

Anything else we can try other than reformatting?
ken545
2010-12-26, 00:49
Lets flush out your DNS

Copy and paste these lines in Note pad.

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Double click to run.
*** note: Win Vista and Win 7 need to right click and choose to "run as Administrator" .. the computer will reboot itself.
mrsr71
2010-12-26, 01:29
It's still redirecting :confused:
ken545
2010-12-26, 01:48
Are you set up on a router ?


Download the GMER Rootkit Scanner (http://www.gmer.net/gmer.zip). Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double click GMER.exe.
http://img.photobucket.com/albums/v666/sUBs/gmer_zip.gif
If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan..
In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)
http://www.geekstogo.com/misc/guide_icons/GMER_thumb.jpg (http://www.geekstogo.com/misc/guide_icons/GMER_instructions.jpg)
Click the image to enlarge it

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
Save the log where you can easily find it, such as your desktop.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
Please copy and paste the report into your Post.
mrsr71
2010-12-26, 02:16
Yes - I'm on a wireless connection to a Linksys router. (I've always wondered if this could be the problem.) It's secured though. My wife is having the identical problems on her laptop via wireless to the same router. She's using Windows 7.


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-25 17:09:26
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e WDC_WD1600BEVS-75RST0 rev.04.01G04
Running: gmer.exe; Driver: C:\DOCUME~1\DANWER~1\LOCALS~1\Temp\pxtdapow.sys


---- System - GMER 1.0.15 ----

SSDT 864E9FD0 ZwAlertResumeThread
SSDT 83B29460 ZwAlertThread
SSDT 865A7638 ZwAllocateVirtualMemory
SSDT 83AFA7E8 ZwAssignProcessToJobObject
SSDT 8664A938 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xF4CBF210]
SSDT 864E9E48 ZwCreateMutant
SSDT 83B0E698 ZwCreateSymbolicLinkObject
SSDT 865C2E40 ZwCreateThread
SSDT 83A4A408 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xF4CBF490]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xF4CBF9F0]
SSDT 83AA4F80 ZwDuplicateObject
SSDT 866DD410 ZwFreeVirtualMemory
SSDT 864E9F38 ZwImpersonateAnonymousToken
SSDT 86486B00 ZwImpersonateThread
SSDT 864D5290 ZwLoadDriver
SSDT 865AC258 ZwMapViewOfSection
SSDT 86596418 ZwOpenEvent
SSDT 864EA890 ZwOpenProcess
SSDT 83AA4EA0 ZwOpenProcessToken
SSDT 864505F8 ZwOpenSection
SSDT 864EA7C0 ZwOpenThread
SSDT 83AFA6F8 ZwProtectVirtualMemory
SSDT 864D8E30 ZwResumeThread
SSDT 867007C8 ZwSetContextThread
SSDT 86700888 ZwSetInformationProcess
SSDT 83A4A4C8 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xF4CBFC40]
SSDT 86596338 ZwSuspendProcess
SSDT 864D8ED0 ZwSuspendThread
SSDT 86644C00 ZwTerminateProcess
SSDT 864D8F90 ZwTerminateThread
SSDT 866DD330 ZwUnmapViewOfSection
SSDT 865A7548 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2C28 805044C4 2 Bytes [38, 76]
.text ntkrnlpa.exe!ZwCallbackReturn + 2C30 805044CC 4 Bytes CALL 1CD3F478
? SYMDS.SYS The system cannot find the file specified. !
? SYMEFA.SYS The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF6752360, 0x2F26B7, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2108] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10402342 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2936] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 02D1003A

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Roxio)

---- EOF - GMER 1.0.15 ----
ken545
2010-12-26, 02:25
We ran both RootKitUnHooker and GMER and there is no sign of a rootkit. Your router may be infected if your wife is experiencing the same problems. What you need to do is to reset the router, there is a small hole on the back of it that a paper clip will fit into, you can insert the paper clip and hold it for 10 seconds or so and this will erase all the setting, then your going to have to set it up again. If you need help with this let me know
mrsr71
2010-12-26, 02:52
Thanks again for all of your help. Doing this on Christmas day is well beyond all my expectations. Your a true gentleman. I''l reset the router tomorrow following Linksys instructions. I'll report back following....

Dan
ken545
2010-12-26, 03:36
OK Dan, do that and let me know if it fixed it, if not we need to dig deeper
mrsr71
2010-12-26, 23:44
Ken,

I upgraded the firmware on the router, changed the name/password and the redirects have stopped. Hopefully this will be the end of it :yahoo: :yahoo: :yahoo:

Again, :thanks: so much for your unselfish dedication in helping folks infected with malware :bigthumb:
ken545
2010-12-27, 01:22
Great, glad to hear that. Not a problem helping you :)

What you want to do now is make sure your Java is up to date, older versions leave holes for the bad guys to get in.
Please download JavaRa (http://raproducts.org/click/click.php?id=1) to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.



Then open OTL and click on Cleanup and it will remove most of the tools we used to clean your system along with there backups. It won't remove Malwarebytes which is fine, its the free version and yours to keep.




How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/So_how_did_I_get_infected_in_the_first_place_t57817.html)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)





Keep in mind if you install some of these programs. Only ONE Anti Virus and only ONE Firewall is recommended, more is overkill and can cause you problems. You can install all the Spyware programs I have listed without any problems. If you install Spyware Blaster and Spyware Guard, they will conflict with the TeaTimer in Spybot , you can still install Spybot Search and Destroy but do not enable the TeaTimer .


Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community

Spybot Search and Destroy 1.6 (http://www.safer-networking.org/en/download/)
Check for Updates/ Immunize and run a Full System Scan on a regular basis. If you install Spyware Blaster ( Recommended ) then do not enable the TeaTimer in Spybot Search and Destroy.

WinPatrol (www.winpatrol.com/download.html) Keep this fine program activated to block a lot of threats

Spyware Blaster (http://www.javacoolsoftware.com/spywareblaster.html) It will prevent most spyware from ever being installed. No scan to run, just update about once a week and enable all protection.

Spyware Guard (http://www.javacoolsoftware.com/spywareguard.html) It offers realtime protection from spyware installation attempts, again, no scan to run, just install it and let it do its thing.

IE-Spyad (http://www.pcworld.com/downloads/file/fid,23332-order,1-page,1-c,antispywaretools/description.html)
IE-Spyad places over 6000 web sites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed, although you will still be able to connect to the sites.

Firefox 3 (http://www.mozilla.org/products/firefox/) It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.



Safe Surfn
Ken
ken545
2010-12-27, 10:40
Good Morning,

Just wanted to point out that when you password protect your router ( which is a good thing ) if prevents unauthorized use but on the home routers the signal does not go that far, maybe 500 feet at the most. But when your on the internet data travels through your router before it gets to you.

Someone in Russia planted bad code so that the redirects took you though there servers.

One line we fixed using OTL

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.74 213.109.77.113 1.1.1.1




213.109.64.0 - 213.109.79.255
ProLite Ltd.

Nikolay N. Filimonov
Russia, Nizhniy Novgorod, Pecherskiy syezd 22, off.12
+7 831 4284242


The reason I am pointing this out to you is that I wanted to let you know that you where infected and it was not an outdated firmware that was causing your redirects.


Ken :)
ken545
2011-01-01, 11:39
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.