Got rid of Braviax, now have Brastk.exe

Well got as far as windows\erdnt>dir and this is what came up: :sad:

Directory of C:\WINDOWS\ERDNT

10/28/08 08:43p d------- 0 .
10/28/08 08:43p d------- 0 ..
10/28/08 08:43p d------- 0 10-28-2008
3 file(s) 0 bytes
59765456896 bytes free

So of course typing cd 10-28-08 came up with:
"The system cannot find the file or directory specified."

You ever have to put in as much time on one of these fixes as you have with this one? :) Thanks so much for your patience.
 
Sorry my bad ..
Only mistake made here was typing in the directory wrong.
I should have seen that (duh on me) even after looking in my own erdnt folder. :red:

Once in the ERDNT directory & you see the list after typing in dir

Now type these commands hitting enter after each. Give ERDNT.Con time to finish its job before exiting recovery console.

cd 10-28-2008
ERDNT.CON
exit

don't worry. We'll get there. :)
 
We got one step closer, but only one........:) Here we go:

C:\WINDOWS\ERDNT>cd 10-28-2008

C:\WINDOWS\ERDNT\10-28-2008>ERDNT.CON
The command is not recognized Type HELP for a list of supported commands.

I tried all caps, all lowercase, and a mixture of both for erdnt.con, but to no avail. Got the same response. :eek:
 
OK... My bad again. Lack of coffee moment.
I guess I cant remember as much stuff by heart as I thought. :oops:

Instead of ERDNT.con command do this:

BATCH ERDNT.con

The rest is all the same. It does not matter if you type in upper or lower case.

cd erdnt
cd 10-28-2008
batch erdnt.con
exit
 
Got sign on after doing cd batch erdnt.con! :bigthumb:

Can't use anything after signing on! :sad:

Internet Explorer, Firefox, Spybot, or anything with an .exe extension.
Trying these just gives the warning:

"This file does not have a program associated with it for performing this action. Create an association in the Folder Options control panel."


Baby steps, just try to think baby steps. :D: :red:
 
Kewl!!

We're logged in == progress

Ok --- you get TeaTimer disabled and reset? Leave it off till I say. OK?

Make sure you can see all your file extensions.
Open your control panel & then "folder options"
Hit the "view" tab
Under "hidden files & folders" UNcheck "hide file extensions for known file types"
Apply & OK.

Download this tool to your desktop.
http://www.techsupportforum.com/sectools/Deckard/daft.exe
Right click "daft.exe" and choose "rename"
Call it daft.com
Once done it should look like a generic white/blue icon.
Double click it, OK the disclaimer & choose "scan"
Save log file & post the log here.

Make no changes yet please.

Also --- that TeaTimer log you posted.
Can you zip up & send me the whole log?
If not possible -- I imagine it is huge so you can upload it here please (even if just the text):

http://www.bleepingcomputer.com/submit-malware.php?channel=19

Put URL from this thread in space provided so I know who the log came from.
It will likely be alot easier for me to read than trying to in the posts.

Also -- your XP CD.. What service pack is it bundled with?

Thanks :)
 
As for the TeaTimer I can't get it or IE or anything else to open even after UNchecking the hide file extension line in folder options. Still getting the same message as in previous post. :sad:
 
OK. So .com files give same message?

Does explorer start? Meaning you get the desktop loaded, see your icons, task bar and so on?

C:\program files\Spybot - Search & Destroy <-- go to this folder & rename TeaTimer.exe to TeaTimer.OLD

That is just to prevent it from running once we fix file associations.
We'll rename it back when we are done fixin stuff.

Now -- may need to use another machione since IE don't work..

Go to this site:

http://www.symantec.com/security_response/writeup.jsp?docid=2004-050614-0532-99

Right click on the "UnHookExec.inf" file and choose "save target as"
Save it to whatever media you are using to transfer stuff to busted computer.
copy it to broken computer.
Right click it & choose install
It should only take a few seconds then be done.

You should be able to run exes and such now.

If not -- reboot.
If you can please post new set of OTViewIt logs and do the teatimer disable/reset instructions.
If above is successful -- make ERUNT backup please.

I have to go for a bit & will come back later to check on you.

Thanks :)
 
Well I tried............:sad: I got the "daft.txt" log, had it loaded in a reply thread, went to get some other info you requested & the damn thing just logged off! (On a side note I have been communicating with you on a laptop; just switching the connection cable to the "infected" computer when you instruct me to.)

So after logging back on a few times & having it log itself off, I switched the cable back here & now it doesn't log off?

Frustration is mounting!!! :D:
 
You have some method to transfer logs?
What was listed in the daft log? You can run it again and see what is listed.
I wanna see if we got all the extensions fixed.

Some of the infections is likely what keeps logging you on/off.

Did you get TeaTimer renamed OK? Obviously can run exes and stuff now?
And you made new ERUNT backup?

Can you get to safe mode with network support & run OTViewIt so you can post logs? (less junkaroo should run in safe mode making system a bit more stable)
However -- don't be online long in safe mode cus no AV or firewall to help protect you against more junk.
Just be on long enough to get those logs done/posted and get offline with that machine.

As soon as you have it connected to the net it is either downloading more junk or spamming or something so you don't want it online unless posting logs/downloading stuff we need.

Thanks :)
 
On another side note, the Spybot files are screwed up also. I can't start up Spybot to change settings, turn off TeaTimer or anything. :red:
 
What exactly happens when you try to start Spybot?

Can you get OTViewIt to run? Post logs from it if you can please.

Thanks :)
 
Basically nothing happens when I try to run Spybot. Also, some of the file names in the Spybot folder seem to have been renamed or deleted, including the .exe files. I'll try to run the OTview it & post results.

Sorry for the slow responce, but I could not log onto this forum yesterday at all. Just timed out. Other web sites were working fine. This happened last week too. Thanks again. Dennis.
 
Hi,

Some of Spybot exe files are hidden.
How to view Hidden files/folders.
http://www.bleepingcomputer.com/tutorials/tutorial62.html
don't forget to hide files/folders when we are finished cleaning.

Yes. Part of yesterday & the other day the forum was having trouble. I couldn't get here either.

If you can't get OTViewIt to run -- try downloading a new copy to overwrite the old one.

Your CD .. what service pack does it have on it (if any)?

Thanks
 
I think the XP disk has service pack 1.

When using the XP disk yesterday to be able to log on & stay logged on I inadvertantly reloaded Windows. :red: Big panic; thought I wiped everything out! The biggest problem I have now is that after it boots up, goes through all the checks, the monitor clicks off after reading something about status: over.

Fortunately I can still log on in "safe mode" & I did mange to run a new OTViewIt log, but can't get IE or FireFox to load so I can post it. I tried to copy it to disk, but I'm having problems with the CD drive in the infected computer. I'm gonna try again now, so keep your fingers crossed.

Thanks again, Dennis. :)

PS I did also manage to open Spybot in safe mode & turn off TeaTimer.
 
Hi,

Sorry for delay.
You get IE/FF working to get those logs yet? Can you get to safe mode with network support? If so try & post those logs please.
How about IE or FF without add-ons?

start> programs> accessories> system tools> Internet Explorer (no add-ons)
start> Mozilla Firefox (safe mode) <-- just means no add-ons

Still same monitor issue? Not sure I understand the monitor issue. :scratch:
What is happening with the cd drive?
 
Can't get IE or FF to connect to the web in safe mode. The monitor starts up while booting, then shuts down saying status: over in regular mode. I think that when I re-installed Windows the drivers got corrupted or not installed, so the monitor is set at some high refresh rate or something.

The CD rom shows files on it, but when I try to write files to it from the infected computer (like the OTViewIt files) it says insert a disk?
 
Can't get IE or FF to connect to the web in safe mode. The monitor starts up while booting, then shuts down saying status: over in regular mode. I think that when I re-installed Windows the drivers got corrupted or not installed, so the monitor is set at some high refresh rate or something.

The CD rom shows files on it, but when I try to write files to it from the infected computer (like the OTViewIt files) it says insert a disk?

All in all it seems the harder I try the farther behind I get. :red: :sad:
 
So after many trials & tribulations I got the monitor & internet connection bugs worked out. Here are the logs you requested:

Daft log:
DAFT Log saved on 2008-11-08 10:24:07
-----------------------------------------------------------------------
All associations okay!

OTViewIt log (in 2 parts):
OTViewIt logfile created on: 11/8/2008 10:05:58 AM - Run 2
OTViewIt by OldTimer - Version 1.0.19.0 Folder = C:\Documents and Settings\Dennis\Desktop
Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 697.14 Mb Available Physical Memory | 68.11% Memory free
2.41 Gb Paging File | 2.14 Gb Available in Paging File | 89.11% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.32 Gb Total Space | 56.14 Gb Free Space | 73.55% Space Free | Partition Type: NTFS
Drive D: | 40.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DENNIS-JIF0Z43K
Current User Name: Dennis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/09/19 13:22:21 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[1999/12/13 00:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE
[2006/10/22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2008/04/24 15:52:22 | 00,066,880 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
[2007/03/15 17:17:08 | 00,336,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
[2002/04/11 10:47:52 | 00,176,128 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Hardware\Mouse\point32.exe
[2001/10/16 07:08:48 | 00,086,016 | ---- | M] (Visioneer Inc) -- C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
[2005/08/12 13:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[2008/04/24 15:52:28 | 00,259,392 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
[2002/08/29 04:00:00 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe
[2004/02/03 13:42:54 | 00,401,491 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
[2007/12/25 09:36:05 | 00,028,672 | ---- | M] (DataViz, Inc.) -- C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
[2004/06/09 14:27:34 | 00,471,040 | ---- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe
[2006/02/19 03:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2005/08/12 13:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[2006/02/19 04:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
[2008/10/28 19:46:51 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dennis\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/09/19 13:22:21 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2006/07/30 11:49:12 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
File not found -- -- (AlerterRasAutoAticlr_optimization_v2.0.50727_32 [Auto | Stopped])
File not found -- -- (AlerterRpcSs [Auto | Stopped])
File not found -- -- (AppMgmtCiSvc [Auto | Stopped])
File not found -- -- (AppMgmtCiSvcFastUserSwitchingCompatibility [Auto | Stopped])
File not found -- -- (AppMgmtFastUserSwitchingCompatibility [Auto | Stopped])
File not found -- -- (AppMgmtFastUserSwitchingCompatibilityTrkWksImapiService [Auto | Stopped])
File not found -- -- (AppMgmtFastUserSwitchingCompatibilityTrkWksImapiService PMSP Service [Auto | Stopped])
File not found -- -- (AppMgmtFastUserSwitchingCompatibilityTrkWksImapiServiceMessengerRSVP [Auto | Stopped])
File not found -- -- (AppMgmtFastUserSwitchingCompatibilityTrkWksImapiServiceNetman [Auto | Stopped])
[2007/04/13 02:20:52 | 00,033,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
File not found -- -- (aspnet_stateLmHosts [Auto | Stopped])
[2007/12/20 18:57:27 | 00,512,000 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
[2007/12/20 21:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
File not found -- -- (Aticlr_optimization_v2.0.50727_32 [Auto | Stopped])
File not found -- -- (Aticlr_optimization_v2.0.50727_32AppMgmtFastUserSwitchingCompatibilityTrkWksImapiService [Auto | Stopped])
File not found -- -- (AudioSrvRDSessMgr [Auto | Stopped])
File not found -- -- (Browseraspnet_stateLmHosts [Auto | Stopped])
File not found -- -- (Browserwuauserv [Auto | Stopped])
File not found -- -- (BrowserwuauservALG [Auto | Stopped])
File not found -- -- (BrowserwuauservW32TimeSpoolerNVSvc [Auto | Stopped])
File not found -- -- (ClipSrvSSDPSRVEventSystemwuauservEventlogImapiServicegusvc [Auto | Stopped])
[2007/04/13 02:21:18 | 00,068,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (clr_optimization_v2.0.50727_32RasMan [Auto | Stopped])
File not found -- -- (COMSysAppFastUserSwitchingCompatibility [Auto | Stopped])
File not found -- -- (COMSysAppFastUserSwitchingCompatibilityWMPNetworkSvcWebClient [Auto | Stopped])
[1999/12/13 00:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])
File not found -- -- (DhcpNetman [Auto | Stopped])
File not found -- -- (dmadminEventlog [Auto | Stopped])
File not found -- -- (Dnscachegusvc [Auto | Stopped])
File not found -- -- (EventSystemgusvc [Auto | Stopped])
File not found -- -- (EventSystemgusvcWMPNetworkSvc [Auto | Stopped])
[2008/09/17 16:00:24 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
File not found -- -- (gusvcstisvc [Auto | Stopped])
File not found -- -- (HidServaspnet_state [Auto | Stopped])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
File not found -- -- (LmHostsNtLmSsp [Auto | Stopped])
File not found -- -- (MessengerRSVP [Auto | Stopped])
File not found -- -- (MSDTCWZCSVC [Auto | Stopped])
File not found -- -- (MSDTCWZCSVCAppMgmtCiSvcFastUserSwitchingCompatibility [Auto | Stopped])
File not found -- -- (MSDTCWZCSVCAppMgmtCiSvcFastUserSwitchingCompatibility Smart [Auto | Stopped])
File not found -- -- (MSIServerTrkWksALG [Auto | Stopped])
File not found -- -- (NetDDEclr_optimization_v2.0.50727_32 [Auto | Stopped])
File not found -- -- (NetDDEdsdm Smart [Auto | Stopped])
File not found -- -- (NetDDEdsdmgusvcstisvc [Auto | Stopped])
File not found -- -- (NetmanSamSs [Auto | Stopped])
File not found -- -- (NetmanWMPNetworkSvcNtmsSvc [Auto | Stopped])
File not found -- -- (NlaSENS [Auto | Stopped])
[2006/10/22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
File not found -- -- (NVSvchkmsvc [Auto | Stopped])
File not found -- -- (NVSvcRemoteAccess [Auto | Stopped])
File not found -- -- (NVSvcRemoteAccessDhcpNetman [Auto | Stopped])
File not found -- -- (PolicyAgentWebClient [Auto | Stopped])
File not found -- -- (PolicyAgentWebClientWmiApSrv [Auto | Stopped])
File not found -- -- (RasAutoAticlr_optimization_v2.0.50727_32 [Auto | Stopped])
File not found -- -- (RemoteAccessNtLmSsp [Auto | Stopped])
File not found -- -- (RemoteAccessPolicyAgentWebClient [Auto | Stopped])
File not found -- -- (RpcLocatorRemoteAccessNtLmSsp [Auto | Stopped])
File not found -- -- (SCardSvrThemes [Auto | Stopped])
File not found -- -- (seclogonALG [Auto | Stopped])
File not found -- -- (SharedAccessWMPNetworkSvcNtmsSvc [Auto | Stopped])
File not found -- -- (ShellHWDetection Service for CDROM Access [Auto | Stopped])
File not found -- -- (ShellHWDetectionIDriverT [Auto | Stopped])
File not found -- -- (ShellHWDetectionIDriverTPlugPlay [Auto | Stopped])
File not found -- -- (ShellHWDetectionIDriverTPlugPlayNVSvcRemoteAccess [Auto | Stopped])
File not found -- -- (ShellHWDetectionIDriverTPlugPlayRpcLocatorRemoteAccessNtLmSsp [Auto | Stopped])
File not found -- -- (Spooler Smart [Auto | Stopped])
File not found -- -- (SpoolerAudioSrvRDSessMgr [Auto | Stopped])
File not found -- -- (SpoolerAudioSrvRDSessMgrTrkWksALGSSDPSRVEventSystemwuauservEventlogImapiServicegusvc [Auto | Stopped])
File not found -- -- (SpoolerNVSvc [Auto | Stopped])
File not found -- -- (SSDPSRVEventSystem [Auto | Stopped])
File not found -- -- (SSDPSRVEventSystemwuauservEventlogImapiServicegusvc [Auto | Stopped])
File not found -- -- (SwPrvSharedAccess [Auto | Stopped])
File not found -- -- (SysmonLogAppMgmtCiSvcFastUserSwitchingCompatibility [Auto | Stopped])
[2008/04/24 15:52:22 | 00,066,880 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire [Auto | Running])
File not found -- -- (TrkWksALG [Auto | Stopped])
File not found -- -- (TrkWksALGSSDPSRVEventSystemwuauservEventlogImapiServicegusvc [Auto | Stopped])
File not found -- -- (TrkWksImapiService [Auto | Stopped])
File not found -- -- (TrkWkslanmanserver [Auto | Stopped])
File not found -- -- (TrkWksNetmanSamSs [Auto | Stopped])
[2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
File not found -- -- (UPSAudioSrvRDSessMgr [Auto | Stopped])
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
File not found -- -- (W32TimeSpoolerNVSvc [Auto | Stopped])
File not found -- -- (WmdmPmSNaspnet_stateLmHosts [Auto | Stopped])
File not found -- -- (WmiApSrvAppMgmtCiSvcFastUserSwitchingCompatibility [Auto | Stopped])
File not found -- -- (WmiApSrvRemoteAccessNtLmSsp [Auto | Stopped])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
File not found -- -- (WMPNetworkSvcNtmsSvc [Auto | Stopped])
File not found -- -- (WMPNetworkSvcNtmsSvcTermService [Auto | Stopped])
File not found -- -- (WMPNetworkSvcWebClient [Auto | Stopped])
File not found -- -- (WMPNetworkSvcWebClientDhcp [Auto | Stopped])
File not found -- -- (wscsvc Service for CDROM Access [Auto | Stopped])
File not found -- -- (wscsvcDhcp [Auto | Stopped])
File not found -- -- (wuauservDhcp [Auto | Stopped])
File not found -- -- (wuauservEventlog [Auto | Stopped])
File not found -- -- (wuauservEventlogImapiService [Auto | Stopped])
File not found -- -- (wuauservEventlogImapiServicegusvc [Auto | Stopped])

========== Driver Services ==========

[2002/08/29 04:00:00 | 00,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Stopped])
[1997/04/22 09:16:00 | 00,006,272 | ---- | M] () -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75 [Auto | Running])
[2007/12/20 19:53:20 | 02,843,136 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2002/07/19 09:46:28 | 00,127,948 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Running])
[2002/07/19 09:47:52 | 00,837,548 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Running])
[2001/08/17 11:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk [On_Demand | Stopped])
[2002/07/19 09:48:08 | 00,011,068 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])
[2002/07/19 09:48:22 | 00,213,860 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])
[2002/07/19 09:48:32 | 00,156,604 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia [On_Demand | Running])
[2002/08/29 04:00:00 | 00,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2002/07/24 12:52:26 | 00,998,004 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k [On_Demand | Running])
[2002/04/11 10:47:52 | 00,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipfilter.sys -- (IPFilter [On_Demand | Running])
[2001/08/17 13:02:40 | 00,035,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msgame.sys -- (msgame [On_Demand | Stopped])
[2001/08/17 06:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2003/05/26 15:41:29 | 00,006,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
[2006/10/22 12:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2002/12/04 20:01:00 | 00,013,056 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax [On_Demand | Stopped])
[2002/09/22 18:37:00 | 00,080,896 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET [On_Demand | Stopped])
[2002/12/04 20:01:00 | 00,241,664 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce [On_Demand | Stopped])
[2002/09/05 19:24:00 | 00,013,568 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp [Boot | Running])
[2002/07/19 09:48:04 | 00,195,432 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Running])
[2007/12/25 09:33:54 | 00,016,694 | ---- | M] (PalmSource, Inc.) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD [On_Demand | Stopped])
[2002/06/14 12:49:56 | 00,010,194 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT [Auto | Running])
[2002/08/29 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2002/08/29 04:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2005/11/10 17:00:48 | 00,102,400 | ---- | M] (Silicon Image, Inc) -- C:\WINDOWS\system32\drivers\SI3112r.sys -- (Si3112r [Boot | Running])
[2004/11/01 11:21:32 | 00,010,368 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter [Boot | Running])
[2005/03/24 17:21:22 | 00,038,937 | ---- | M] (Service & Quality Technology.) -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C [On_Demand | Stopped])
[2008/04/24 15:52:38 | 00,051,520 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon [Boot | Running])
[2008/04/24 15:52:42 | 00,033,088 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon [On_Demand | Running])
[2008/04/24 15:52:44 | 00,038,208 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon [Boot | Running])
[2002/08/29 04:00:00 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])
[2008/11/02 18:30:28 | 00,031,104 | ---- | M] () -- C:\WINDOWS\system32\drivers\Windi26.sys -- (Windi26 [Boot | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL]
""=http://home.microsoft.com/access/autosearch.asp?p=%s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Start Page"=http://msn.com/

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4efb-9B51-7695ECA05670} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{327C2873-E90D-4c37-AA9D-10AC9BABA46C}" (HKLM) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{8E718888-423F-11D2-876E-00A0C9082467}" (HKLM) -- C:\WINDOWS\system32\msdxm.ocx ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay (ATI Technologies Inc.)
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k File not found
"nForce Tray Options"=sstray.exe /r (NVIDIA Corporation)
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"nwiz"=nwiz.exe /install ()
"OneTouch Monitor"=C:\PROGRA~1\VISION~1\ONETOU~2.EXE (Visioneer Inc)
"POINTER"=point32.exe File not found
"ThreatFire"=C:\Program Files\ThreatFire\TFTray.exe (PC Tools)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" (Microsoft Corporation)
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background (Microsoft Corporation)

========== (O4) Startup Folders ==========

[2005/09/23 22:05:26 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[2005/08/12 13:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[2007/12/25 09:36:05 | 00,028,672 | ---- | M] (DataViz, Inc.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
[2004/06/09 14:27:34 | 00,471,040 | ---- | M] (PalmSource, Inc) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
[2006/02/19 03:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2001/02/13 01:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
""=
"NoDriveTypeAutoRun"=_ [binary data]
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableCAD"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=_ [binary data]
"NoSaveSettings"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableTaskMgr"=0
"NoColorChoice"=0
"NoSizeChoice"=0
"NoVisualStyleChoice"=0

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84}: Button: Spyware Doctor -- Reg Error: Key does not exist or could not be opened. File not found
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}: Button: Create Mobile Favorite -- %ProgramFiles%\Microsoft ActiveSync\INETREPL.DLL [2004/02/03 13:41:46 | 00,131,155 | ---- | M] (Microsoft Corporation)
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: Menu: Create Mobile Favorite... -- %ProgramFiles%\Microsoft ActiveSync\INETREPL.DLL [2004/02/03 13:41:46 | 00,131,155 | ---- | M] (Microsoft Corporation)
{c95fe080-8f5d-11d2-a20b-00aa003c157a}: Button: @shdoclc.dll,-866 -- %SystemRoot%\Web\related.htm [2002/08/29 04:00:00 | 00,000,654 | ---- | M] ()
{c95fe080-8f5d-11d2-a20b-00aa003c157a}: Menu: @shdoclc.dll,-864 -- %SystemRoot%\Web\related.htm [2002/08/29 04:00:00 | 00,000,654 | ---- | M] ()
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2002/08/29 04:00:00 | 00,945,693 | ---- | M] (Microsoft Corporation)
CmdMapping\\{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} [HKLM] -> [Spyware Doctor] -> File not found
CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INETREPL.DLL [Create Mobile Favorite] -> [2004/02/03 13:41:46 | 00,131,155 | ---- | M] (Microsoft Corporation)
CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INETREPL.DLL [Create Mobile Favorite...] -> [2004/02/03 13:41:46 | 00,131,155 | ---- | M] (Microsoft Corporation)
CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} [HKLM] -> [@shdoclc.dll,-866] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
Extension\.spop: -- C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll [2001/01/30 12:56:24 | 00,225,280 | ---- | M] (InterTrust Technologies Corporation, Inc.)

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
: msn in My Computer
aol.com\free: http in Local intranet
24 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab -- Shockwave ActiveX Control
{233C1507-6A77-46A4-9443-F871F945D258}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab -- Shockwave ActiveX Control
{49E67060-2C0D-415E-94C7-52A49F73B2F1}: http://zone.msn.com/bingame/pppp/default/PiratePoppers.1.0.0.39.cab -- CPlayFirstPiratePoppersControl Object
{7E980B9B-8AE5-466A-B6D6-DA8CF814E78A}: http://zone.msn.com/bingame/luxr/default/mjolauncher.cab -- MJLauncherCtrl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{B8BE5E93-A60C-4D26-A2DC-220313175592}: http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab -- MSN Games - Installer
{BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19}: http://myspace.oberon-media.com/gam...cd/online/Diner_Dash_3/en/ddfotg.1.0.0.37.cab -- CPlayFirstddfotgControl Object
{C86FF4B0-AA1D-46D4-8612-025FB86583C7}: http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10 -- AstoundLauncher Control
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab -- Java Plug-in 1.6.0_05
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{D0C0F75C-683A-4390-A791-1ACFD5599AB8}: http://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab -- Oberon Flash Game Host
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object
{DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6}: http://myspace.oberon-media.com/gam...5/online/diner_dash/en/DinerDash.1.0.0.80.cab -- CPlayFirstDinerDashControl Object
{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}: http://zone.msn.com/bingame/popcaploader_v10.cab -- PopCapLoader Object
{FFB3A759-98B1-446F-BDA9-909C6EB18CC7}: http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll -- PCPitstop Exam
DirectAnimation Java Classes: file://C:\WINDOWS\Java\classes\dajava.cab -- Reg Error: Key does not exist or could not be opened.
Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{0E43E730-3392-4C45-9E3A-62EAB853F739} (Servers: | Description: )
{184F51D8-B677-4C90-BB26-B5742A2D291D} (Servers: | Description: 1394 Net Adapter)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=karna.datesheet
>[2008/11/02 18:25:59 | 00,006,144 | ---- | M] () -- C:\WINDOWS\system32\karna.dat

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
WinCtrl32: "DllName" = WinCtrl32.dll -- C:\WINDOWS\system32\WinCtrl32.dll ()

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll
>[2001/09/18 17:37:34 | 00,016,973 | ---- | M] () -- C:\WINDOWS\system32\ZWebAuth.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2003/05/08 10:53:30 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========
 
Part 2 of 3:


[9 C:\WINDOWS\*.tmp files]
[2008/11/08 09:59:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2008/11/08 09:35:53 | 00,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2008/11/08 09:35:49 | 00,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2008/11/07 17:53:38 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/11/07 17:53:38 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdmaud.drv
[2008/11/07 17:53:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008/11/07 17:53:36 | 00,134,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/11/07 17:53:36 | 00,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2008/11/06 15:04:22 | 00,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger.lnk
[2008/11/06 11:53:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\My Documents\SRSWOWHD_1_12_1_0
[2008/11/04 23:01:14 | 00,000,468 | ---- | C] () -- C:\Documents and Settings\Dennis\Desktop\Shortcut to OTViewIt.lnk
[2008/11/04 20:49:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/11/04 20:39:58 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008/11/04 20:39:58 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008/11/04 20:39:58 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008/11/04 20:39:57 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008/11/04 20:39:57 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008/11/04 20:39:56 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008/11/04 20:39:55 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008/11/04 20:39:55 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008/11/04 20:39:52 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008/11/04 20:39:51 | 00,426,042 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008/11/04 20:39:51 | 00,086,074 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008/11/04 20:39:47 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008/11/04 20:39:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008/11/04 20:39:46 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008/11/04 20:39:45 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008/11/04 20:39:44 | 00,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008/11/04 20:39:44 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008/11/04 20:39:44 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008/11/04 20:39:44 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008/11/04 20:39:43 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008/11/04 20:39:43 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008/11/04 20:39:43 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008/11/04 20:39:39 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008/11/04 20:39:37 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008/11/04 20:39:36 | 00,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2008/11/04 20:39:36 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2008/11/04 20:39:36 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008/11/04 20:39:36 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2008/11/04 20:39:36 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008/11/04 20:39:36 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2008/11/04 20:39:35 | 00,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2008/11/04 20:39:35 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2008/11/04 20:39:35 | 00,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2008/11/04 20:39:35 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2008/11/04 20:39:34 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008/11/04 20:39:34 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008/11/04 20:39:34 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2008/11/04 20:39:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008/11/04 20:39:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008/11/04 20:39:33 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2008/11/04 20:39:33 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008/11/04 20:39:33 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008/11/04 20:39:33 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008/11/04 20:39:33 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008/11/04 20:39:33 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008/11/04 20:39:32 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008/11/04 20:39:32 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008/11/04 20:39:32 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008/11/04 20:39:32 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008/11/04 20:39:32 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008/11/04 20:39:32 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008/11/04 20:39:32 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008/11/04 20:39:31 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008/11/04 20:39:31 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008/11/04 20:39:26 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2008/11/04 20:39:26 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008/11/04 20:39:25 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008/11/04 20:39:24 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2008/11/04 20:39:23 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008/11/04 20:39:23 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008/11/04 20:39:23 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2008/11/04 20:39:23 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2008/11/04 20:39:21 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008/11/04 20:39:20 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008/11/04 20:39:20 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008/11/04 20:39:18 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008/11/04 20:39:18 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008/11/04 20:39:17 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008/11/04 20:39:15 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008/11/04 20:39:15 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008/11/04 20:39:15 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008/11/04 20:39:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008/11/04 20:39:14 | 00,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008/11/04 20:39:14 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008/11/04 20:39:14 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008/11/04 20:39:14 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008/11/04 20:39:13 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008/11/04 20:39:12 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008/11/04 20:39:12 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008/11/04 20:39:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008/11/04 20:39:12 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008/11/04 20:39:07 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008/11/04 20:39:01 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008/11/04 20:39:01 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2008/11/04 20:38:55 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008/11/04 20:38:55 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008/11/04 20:38:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2008/11/04 20:38:47 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008/11/04 20:38:47 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008/11/04 20:38:46 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008/11/04 20:38:45 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2008/11/04 20:38:45 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2008/11/04 20:38:44 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2008/11/04 20:38:43 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008/11/04 20:38:43 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008/11/04 20:38:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008/11/04 20:38:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008/11/04 20:38:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008/11/04 20:38:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008/11/04 20:38:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008/11/04 20:38:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008/11/04 20:38:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008/11/04 20:38:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008/11/04 20:38:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008/11/04 20:38:40 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008/11/04 20:38:40 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008/11/04 20:38:40 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008/11/04 20:38:40 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2008/11/04 20:38:39 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2008/11/04 20:38:39 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008/11/04 20:38:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008/11/04 20:38:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008/11/04 20:38:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008/11/04 20:38:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008/11/04 20:38:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008/11/04 20:38:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008/11/04 20:38:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008/11/04 20:38:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2008/11/04 20:38:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008/11/04 20:38:37 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008/11/04 20:38:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008/11/04 20:38:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008/11/04 20:38:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008/11/04 20:38:35 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2008/11/04 20:38:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008/11/04 20:38:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008/11/04 20:38:35 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008/11/04 20:38:35 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008/11/04 20:38:34 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008/11/04 20:38:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2008/11/04 20:38:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008/11/04 20:38:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2008/11/04 20:38:34 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008/11/04 20:38:32 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2008/11/04 20:38:31 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008/11/04 20:38:31 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008/11/04 20:38:31 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008/11/04 20:38:30 | 00,274,490 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008/11/04 20:38:30 | 00,262,201 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008/11/04 20:38:30 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008/11/04 20:38:30 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008/11/04 20:38:30 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008/11/04 20:38:29 | 00,233,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008/11/04 20:38:29 | 00,208,953 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008/11/04 20:38:29 | 00,196,666 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008/11/04 20:38:29 | 00,155,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008/11/04 20:38:28 | 00,716,857 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008/11/04 20:38:28 | 00,360,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008/11/04 20:38:28 | 00,307,258 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008/11/04 20:38:28 | 00,081,977 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008/11/04 20:38:28 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008/11/04 20:38:27 | 00,827,438 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008/11/04 20:38:27 | 00,340,013 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008/11/04 20:38:27 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008/11/04 20:38:27 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008/11/04 20:38:26 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008/11/04 20:38:26 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008/11/04 20:38:26 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008/11/04 20:38:26 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008/11/04 20:38:26 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008/11/04 20:38:20 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008/11/04 20:38:14 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008/11/04 20:38:09 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008/11/04 20:38:09 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2008/11/04 20:38:07 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008/11/04 20:38:07 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008/11/04 20:38:06 | 00,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2008/11/04 20:38:06 | 00,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2008/11/04 20:38:06 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2008/11/04 20:38:06 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2008/11/04 20:38:06 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2008/11/04 20:38:05 | 00,559,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2008/11/04 20:38:05 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2008/11/04 20:38:05 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008/11/04 20:38:05 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008/11/04 20:38:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2008/11/04 20:38:05 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2008/11/04 20:38:04 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2008/11/04 20:38:04 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2008/11/04 20:38:04 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2008/11/04 20:38:04 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2008/11/04 20:38:04 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2008/11/04 20:38:04 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2008/11/04 20:38:03 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2008/11/04 20:38:03 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008/11/04 20:38:03 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2008/11/04 20:38:03 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008/11/04 20:38:03 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2008/11/04 20:38:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008/11/04 20:38:00 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008/11/04 20:38:00 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008/11/04 20:38:00 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2008/11/04 20:37:59 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2008/11/04 20:37:59 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2008/11/04 20:37:59 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008/11/04 20:37:59 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008/11/04 20:37:59 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2008/11/04 20:37:58 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008/11/04 20:37:58 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008/11/04 20:37:52 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008/11/04 20:37:51 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008/11/04 20:37:50 | 00,057,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008/11/04 20:37:48 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008/11/04 20:37:48 | 00,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008/11/04 20:37:48 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008/11/04 20:37:47 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008/11/04 20:37:47 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008/11/04 20:37:47 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008/11/04 20:37:47 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008/11/04 20:37:46 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008/11/04 20:37:46 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008/11/04 20:37:46 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008/11/04 20:37:45 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008/11/04 20:37:45 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008/11/04 20:37:45 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008/11/04 20:37:44 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2008/11/04 20:37:44 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008/11/04 20:37:44 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008/11/04 20:37:44 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008/11/04 20:37:32 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2008/11/04 20:37:31 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008/11/04 20:37:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2008/11/04 20:37:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2008/11/04 20:37:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2008/11/04 20:37:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2008/11/04 20:37:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2008/11/04 20:37:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2008/11/04 20:37:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008/11/04 20:37:23 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2008/11/04 20:37:23 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2008/11/04 20:36:04 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/11/04 20:36:04 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/11/04 20:34:00 | 00,106,562 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2008/11/04 20:33:59 | 03,346,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2008/11/04 20:33:55 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2008/11/04 20:33:55 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2008/11/04 20:33:55 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2008/11/04 20:33:55 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2008/11/04 20:33:53 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2008/11/04 20:33:53 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2008/11/04 20:33:53 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008/11/04 20:33:53 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2008/11/04 20:33:53 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008/11/04 20:33:53 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2008/11/04 20:33:53 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008/11/04 20:33:53 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2008/11/04 20:33:53 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008/11/04 20:33:53 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2008/11/04 20:33:50 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2008/11/04 20:33:50 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2008/11/04 20:33:50 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2008/11/04 20:33:50 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2008/11/04 20:33:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008/11/04 20:33:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2008/11/04 20:33:50 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2008/11/04 20:33:50 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2008/11/04 20:33:49 | 02,479,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2008/11/04 20:33:49 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2008/11/04 20:33:49 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008/11/04 20:33:49 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2008/11/04 20:33:48 | 00,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008/11/04 20:33:48 | 00,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2008/11/04 20:33:48 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008/11/04 20:33:48 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2008/11/04 20:33:48 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008/11/04 20:33:48 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2008/11/04 20:33:48 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008/11/04 20:33:48 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2008/11/04 20:33:48 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2008/11/04 20:33:48 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2008/11/04 20:33:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008/11/04 20:33:47 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008/11/04 20:33:47 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2008/11/04 20:33:47 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2008/11/04 20:33:46 | 00,557,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/11/04 20:33:46 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2008/11/04 20:33:46 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2008/11/04 20:33:46 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008/11/04 20:33:46 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2008/11/04 20:33:46 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2008/11/04 20:33:46 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2008/11/04 20:33:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008/11/04 20:33:45 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2008/11/04 20:33:45 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2008/11/04 20:33:45 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2008/11/04 20:33:45 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2008/11/04 20:33:44 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2008/11/04 20:33:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2008/11/04 20:33:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2008/11/04 20:33:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2008/11/04 20:33:44 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2008/11/04 20:33:43 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2008/11/04 20:33:42 | 00,802,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2008/11/04 20:33:42 | 00,798,782 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2008/11/04 20:33:41 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2008/11/04 20:33:40 | 00,806,969 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2008/11/04 20:33:40 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/11/04 20:33:40 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2008/11/04 20:33:40 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008/11/04 20:33:40 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2008/11/04 20:33:39 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2008/11/04 20:33:39 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2008/11/04 20:33:39 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2008/11/04 20:33:38 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2008/11/04 20:33:37 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2008/11/04 20:33:36 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2008/11/04 20:33:35 | 00,742,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2008/11/04 20:33:35 | 00,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008/11/04 20:33:35 | 00,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2008/11/04 20:33:34 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008/11/04 20:33:34 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2008/11/04 20:33:34 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008/11/04 20:33:34 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008/11/04 20:33:34 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2008/11/04 20:33:34 | 00,069,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/11/04 20:33:34 | 00,069,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2008/11/04 20:33:34 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008/11/04 20:33:34 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
 
You must log in or register to reply here.
Back
Top