I believe I have a hijack virus

J

j_ringo5

New member
When I do a google search, my results get redirected. There is aa09.r.google.com/?... appended to each of the resulting links.

Here is the dds log.


DDS (Ver_10-12-12.02) - NTFSx86
Run by Jon at 21:46:21.45 on Thu 02/03/2011
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1520 [GMT -5:00]

AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files\TrojanHunter 5.3\THGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Jon\Desktop\downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PSUNMain] "c:\program files\panda security\panda cloud antivirus\PSUNMain.exe" /Traybar
mRun: [Panda Security URL Filtering] "c:\documents and settings\all users\application data\panda security url filtering\Panda_URL_Filtering.exe"
mRun: [THGuard] "c:\program files\trojanhunter 5.3\THGuard.exe"
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296771899843
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jon\applic~1\mozilla\firefox\profiles\5cm2omqa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

============= SERVICES / DRIVERS ===============

R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2010-12-16 130376]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2010-12-16 140608]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2010-12-16 141768]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2010-12-16 97352]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2010-12-16 111944]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2010-12-16 113096]

=============== Created Last 30 ================

2011-02-04 00:40:42 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-02-04 00:40:42 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-02-04 00:39:21 -------- d-----w- c:\docume~1\jon\applic~1\TrojanHunter
2011-02-04 00:17:01 -------- d-----w- c:\docume~1\alluse~1\applic~1\TrojanHunter
2011-02-04 00:16:55 -------- d-----w- c:\program files\TrojanHunter 5.3
2011-02-04 00:12:22 -------- d-----w- c:\program files\ToniArts
2011-02-03 23:38:30 -------- d-----w- c:\docume~1\jon\applic~1\Panda Security
2011-02-03 23:37:38 -------- d-----w- c:\docume~1\jon\locals~1\applic~1\panda2_0dn
2011-02-03 23:37:37 -------- d-----w- c:\docume~1\alluse~1\applic~1\Panda Security URL Filtering
2011-02-03 23:37:05 -------- d-----w- c:\program files\Panda Security
2011-02-03 23:37:05 -------- d-----w- c:\docume~1\alluse~1\applic~1\Panda Security
2011-02-03 23:32:42 428352 ----a-w- c:\program files\mozilla firefox\StubInstaller.exe
2011-02-03 23:10:54 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-02-03 23:10:54 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-02-03 23:10:54 2066816 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-02-03 23:10:54 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-02-03 23:07:58 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-02-03 22:37:44 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-02-03 22:37:44 -------- d-----w- c:\windows\system32\PreInstall
2011-02-03 22:25:49 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2011-02-03 22:25:49 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2011-02-03 22:25:49 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2011-02-03 22:25:48 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2011-02-03 22:25:48 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-02-03 22:12:46 -------- d-----w- c:\docume~1\jon\applic~1\Malwarebytes
2011-02-03 22:12:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-03 21:50:11 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2011-02-03 21:22:14 172032 ----a-w- c:\windows\system32\igfxres.dll
2011-02-03 21:09:36 216800 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-02-03 21:09:36 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2011-02-03 21:09:36 163840 ----a-w- c:\windows\system32\SynCOM.dll
2011-02-03 21:09:36 147456 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-02-03 21:09:36 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-02-03 21:09:36 -------- d-----w- c:\program files\Synaptics
2011-02-03 21:08:52 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2011-02-03 21:08:52 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2011-02-03 21:08:52 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2011-02-03 21:08:52 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2011-02-03 21:08:51 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2011-02-03 21:08:37 -------- d-----w- c:\docume~1\jon\applic~1\Dell
2011-02-03 21:08:19 16128 ----a-w- c:\windows\system32\drivers\APPDRV.SYS
2011-02-03 21:07:43 -------- d-----w- c:\windows\Downloaded Installations
2011-02-03 21:06:04 -------- d-----w- c:\windows\system32\ReinstallBackups
2011-02-03 21:05:51 -------- d-----w- C:\Intel

==================== Find3M ====================

2010-12-16 23:39:53 365888 ----a-w- c:\windows\system32\PSUNCpl.cpl
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll

============= FINISH: 21:46:46.60 ===============
 
:snwelcome:


Please read Before You Post
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.





Please download Malwarebytes from Here or Here

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
    MBAMCapture.jpg
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please







OTL by OldTimer
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
 
Thanks for your help

I ran mbam and nothing was found. Here are the results.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5679

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

2/4/2011 2:56:33 PM
mbam-log-2011-02-04 (14-56-33).txt

Scan type: Quick scan
Objects scanned: 125797
Time elapsed: 1 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
thanks for your help

Here are the contents of the extras.txt from OTL:

OTL Extras logfile created on: 2/4/2011 2:59:45 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Jon\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 225.22 Gb Free Space | 96.71% Space Free | Partition Type: NTFS

Computer Name: MAXAMELIA | User Name: Jon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Security URL Filtering" = Panda Security URL Filtering
"SynTPDeinstKey" = Dell Touchpad
"TrojanHunter_is1" = TrojanHunter 5.3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/3/2011 8:17:14 PM | Computer Name = MAXAMELIA | Source = Application Hang | ID = 1002
Description = Hanging application EasyClea.exe, version 2.0.6.380, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 2/3/2011 7:21:10 PM | Computer Name = MAXAMELIA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/3/2011 7:21:12 PM | Computer Name = MAXAMELIA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/3/2011 7:21:14 PM | Computer Name = MAXAMELIA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >
 
otl 1

OTL logfile created on: 2/4/2011 2:59:45 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Jon\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 225.22 Gb Free Space | 96.71% Space Free | Partition Type: NTFS

Computer Name: MAXAMELIA | User Name: Jon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Jon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files\TrojanHunter 5.3\THGuard.exe (Mischel Internet Security)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Jon\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.dll (Panda Security)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (NanoServiceMain) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)


========== Driver Services (SafeList) ==========

DRV - (PSINProt) -- C:\WINDOWS\system32\drivers\PSINProt.sys (Panda Security, S.L.)
DRV - (PSINProc) -- C:\WINDOWS\system32\drivers\PSINProc.sys (Panda Security, S.L.)
DRV - (PSINKNC) -- C:\WINDOWS\system32\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV - (PSINFile) -- C:\WINDOWS\system32\drivers\PSINFile.sys (Panda Security, S.L.)
DRV - (PSINAflt) -- C:\WINDOWS\system32\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.bing.com"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/02/03 17:18:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/03 17:18:22 | 000,000,000 | ---D | M]

[2011/02/03 17:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Extensions
[2011/02/03 18:54:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\5cm2omqa.default\extensions
[2011/02/03 17:18:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2001/08/23 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [THGuard] C:\Program Files\TrojanHunter 5.3\THGuard.exe (Mischel Internet Security)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296771899843 (WUWebControl Class)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/03 15:37:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/04 14:57:57 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jon\Desktop\OTL.exe
[2011/02/04 14:52:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/04 14:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/04 14:52:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/04 14:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/03 21:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinZip
[2011/02/03 21:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/02/03 21:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2011/02/03 19:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/02/03 19:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/02/03 19:40:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/02/03 19:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\TrojanHunter
[2011/02/03 19:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TrojanHunter
[2011/02/03 19:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter
[2011/02/03 19:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\TrojanHunter 5.3
[2011/02/03 19:15:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jon\Recent
[2011/02/03 19:12:22 | 000,000,000 | ---D | C] -- C:\Program Files\ToniArts
[2011/02/03 19:12:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EasyCleaner
[2011/02/03 18:38:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Panda Security
[2011/02/03 18:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Local Settings\Application Data\panda2_0dn
[2011/02/03 18:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering
[2011/02/03 18:37:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Cloud Antivirus
[2011/02/03 18:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/02/03 18:37:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2011/02/03 18:20:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2011/02/03 18:10:54 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/02/03 18:10:54 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2011/02/03 18:10:54 | 002,066,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2011/02/03 18:10:54 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/02/03 18:07:58 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/02/03 17:37:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/02/03 17:37:44 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2011/02/03 17:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/02/03 17:36:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Desktop\Resume
[2011/02/03 17:25:49 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2011/02/03 17:25:49 | 000,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2011/02/03 17:25:48 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2011/02/03 17:25:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/02/03 17:18:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\My Documents\Downloads
[2011/02/03 17:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla
[2011/02/03 17:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Mozilla
[2011/02/03 17:18:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/02/03 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/02/03 17:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Malwarebytes
[2011/02/03 17:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/03 16:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011/02/03 16:50:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/02/03 16:22:14 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2011/02/03 16:20:47 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2011/02/03 16:20:46 | 005,707,744 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\igxpmp32.sys
[2011/02/03 16:20:46 | 003,293,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2011/02/03 16:20:46 | 002,556,928 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll
[2011/02/03 16:20:46 | 002,383,872 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ig4icd32.dll
[2011/02/03 16:20:46 | 000,535,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2011/02/03 16:20:46 | 000,204,800 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdev.dll
[2011/02/03 16:20:46 | 000,200,704 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2011/02/03 16:20:46 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2011/02/03 16:20:46 | 000,184,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2011/02/03 16:20:46 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2011/02/03 16:20:46 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2011/02/03 16:20:46 | 000,170,776 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2011/02/03 16:20:46 | 000,149,504 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll
[2011/02/03 16:20:46 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2011/02/03 16:20:46 | 000,102,400 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2011/02/03 16:20:46 | 000,057,344 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll
[2011/02/03 16:20:46 | 000,047,616 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2011/02/03 16:20:45 | 001,612,480 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll
[2011/02/03 16:20:45 | 001,486,848 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ig4dev32.dll
[2011/02/03 16:20:45 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2011/02/03 16:20:45 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2011/02/03 16:20:45 | 000,166,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe
[2011/02/03 16:20:45 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2011/02/03 16:20:45 | 000,131,072 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2011/02/03 16:20:45 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2011/02/03 16:20:45 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2011/02/03 16:20:45 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2011/02/03 16:20:43 | 000,400,152 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\igxpun.exe
[2011/02/03 16:20:43 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2011/02/03 16:20:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2011/02/03 16:18:19 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/02/03 16:13:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Desktop\downloads
[2011/02/03 16:13:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/02/03 16:09:36 | 000,216,800 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\drivers\SynTP.sys
[2011/02/03 16:09:36 | 000,196,608 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCtrl.dll
[2011/02/03 16:09:36 | 000,163,840 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCOM.dll
[2011/02/03 16:09:36 | 000,147,456 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPAPI.dll
[2011/02/03 16:09:36 | 000,110,592 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPCo4.dll
[2011/02/03 16:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011/02/03 16:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Dell
[2011/02/03 16:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell QuickSet
[2011/02/03 16:08:19 | 000,016,128 | ---- | C] (Dell Inc) -- C:\WINDOWS\System32\drivers\APPDRV.SYS
[2011/02/03 16:07:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2011/02/03 16:06:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/02/03 16:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011/02/03 16:05:51 | 000,000,000 | ---D | C] -- C:\Intel
[2011/02/03 15:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Wireless
[2011/02/03 15:58:17 | 000,815,104 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\BCMLogon.dll
[2011/02/03 15:58:16 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vcredist_x86.exe
[2011/02/03 15:58:16 | 000,033,664 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS
[2011/02/03 15:58:15 | 005,029,888 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\BCMWLCPL.CPL
[2011/02/03 15:58:15 | 000,286,720 | ---- | C] (Dell Inc.) -- C:\WINDOWS\System32\bcmwlu00.exe
[2011/02/03 15:58:15 | 000,069,632 | ---- | C] (CACE Technologies) -- C:\WINDOWS\System32\bcmwlpkt.dll
[2011/02/03 15:58:15 | 000,065,536 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\wltrynt.dll
[2011/02/03 15:58:14 | 002,670,592 | ---- | C] (BCGSoft Ltd) -- C:\WINDOWS\System32\WLBCGCBPRO731.DLL
[2011/02/03 15:58:14 | 001,287,552 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2011/02/03 15:58:14 | 000,143,360 | ---- | C] (Broadcom Corp.) -- C:\WINDOWS\System32\bcmwlapi.dll
[2011/02/03 15:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2011/02/03 15:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\InstallShield
[2011/02/03 15:55:15 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2011/02/03 15:55:13 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2011/02/03 15:55:11 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2011/02/03 15:55:09 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2011/02/03 15:55:08 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2011/02/03 15:55:06 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2011/02/03 15:55:05 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2011/02/03 15:55:04 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2011/02/03 15:55:02 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2011/02/03 15:55:00 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2011/02/03 15:54:58 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2011/02/03 15:54:54 | 004,952,064 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacgui.cpl
[2011/02/03 15:54:54 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stlang.dll
[2011/02/03 15:54:54 | 000,405,504 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
[2011/02/03 15:54:53 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2011/02/03 15:54:53 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2011/02/03 15:54:53 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2011/02/03 15:54:53 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2011/02/03 15:54:53 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2011/02/03 15:54:53 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2011/02/03 15:54:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2011/02/03 15:54:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2011/02/03 15:54:47 | 001,222,840 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys
[2011/02/03 15:54:46 | 000,270,336 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\stacapi.dll
[2011/02/03 15:54:46 | 000,146,944 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\st325602.dll
[2011/02/03 15:54:46 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/02/03 15:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2011/02/03 15:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/02/03 15:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Desktop\dell
[2011/02/03 15:50:05 | 000,045,568 | R--- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys
[2011/02/03 15:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2011/02/03 15:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/02/03 15:48:07 | 000,037,376 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rixdptsk.sys
[2011/02/03 15:48:07 | 000,032,256 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimmptsk.sys
[2011/02/03 15:48:06 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\snymsico.dll
[2011/02/03 15:48:06 | 000,043,520 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\rimsptsk.sys
[2011/02/03 15:48:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/02/03 15:45:32 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2011/02/03 15:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\Identities
[2011/02/03 15:43:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jon\My Documents\My Pictures
[2011/02/03 15:43:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jon\My Documents\My Music
[2011/02/03 15:43:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/02/03 15:43:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Jon\Local Settings\Application Data\Microsoft
[2011/02/03 15:43:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Jon\Application Data\Microsoft
[2011/02/03 15:43:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jon\Application Data
[2011/02/03 15:43:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jon\Favorites
[2011/02/03 15:43:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Jon\Cookies
[2011/02/03 15:43:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Desktop
[2011/02/03 15:43:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jon\SendTo
[2011/02/03 15:43:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jon\Start Menu\Programs\Startup
[2011/02/03 15:43:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jon\Start Menu
[2011/02/03 15:43:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jon\My Documents
[2011/02/03 15:43:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jon\Start Menu\Programs\Accessories
[2011/02/03 15:43:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jon\Templates
[2011/02/03 15:43:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jon\PrintHood
[2011/02/03 15:43:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jon\NetHood
[2011/02/03 15:43:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jon\Local Settings
[2011/02/03 15:42:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/02/03 15:42:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/02/03 15:42:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/02/03 15:42:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/02/03 15:42:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/02/03 15:41:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/02/03 15:41:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/02/03 15:40:03 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/02/03 15:40:03 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/02/03 15:40:03 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/02/03 15:40:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/02/03 15:40:02 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/02/03 15:40:02 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/02/03 15:40:02 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/02/03 15:40:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/02/03 15:40:01 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2011/02/03 15:40:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2011/02/03 15:40:01 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2011/02/03 15:40:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2011/02/03 15:40:00 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/02/03 15:40:00 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/02/03 15:40:00 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2011/02/03 15:40:00 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/02/03 15:40:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2011/02/03 15:40:00 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2011/02/03 15:39:59 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/02/03 15:39:58 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2011/02/03 15:39:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/02/03 15:39:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/02/03 15:39:57 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/02/03 15:39:57 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/02/03 15:39:57 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/02/03 15:39:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2011/02/03 15:39:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/02/03 15:39:56 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/02/03 15:39:56 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/02/03 15:39:56 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/02/03 15:39:56 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/02/03 15:39:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2011/02/03 15:39:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2011/02/03 15:39:55 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2011/02/03 15:39:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2011/02/03 15:39:54 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/02/03 15:39:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/02/03 15:39:53 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2011/02/03 15:39:53 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2011/02/03 15:39:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2011/02/03 15:39:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/02/03 15:39:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2011/02/03 15:39:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/02/03 15:39:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2011/02/03 15:39:52 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2011/02/03 15:39:52 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2011/02/03 15:39:52 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2011/02/03 15:39:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/02/03 15:39:51 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2011/02/03 15:39:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/02/03 15:39:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/02/03 15:39:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/02/03 15:39:51 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/02/03 15:39:51 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/02/03 15:39:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2011/02/03 15:39:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/02/03 15:39:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/02/03 15:39:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/02/03 15:39:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/02/03 15:39:50 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/02/03 15:39:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/02/03 15:39:50 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/02/03 15:39:50 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/02/03 15:39:50 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/02/03 15:39:50 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/02/03 15:39:50 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/02/03 15:39:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/02/03 15:39:48 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2011/02/03 15:39:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/02/03 15:39:47 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/02/03 15:39:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/02/03 15:39:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2011/02/03 15:39:46 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/02/03 15:39:46 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/02/03 15:39:46 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2011/02/03 15:39:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2011/02/03 15:39:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/02/03 15:39:45 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/02/03 15:39:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/02/03 15:39:44 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/02/03 15:39:44 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2011/02/03 15:39:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/02/03 15:39:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/02/03 15:39:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2011/02/03 15:39:42 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/02/03 15:39:42 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/02/03 15:39:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/02/03 15:39:41 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/02/03 15:39:41 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/02/03 15:39:41 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/02/03 15:39:41 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/02/03 15:39:40 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/02/03 15:39:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2011/02/03 15:39:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2011/02/03 15:39:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/02/03 15:39:39 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/02/03 15:39:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/02/03 15:39:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/02/03 15:39:38 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2011/02/03 15:39:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/02/03 15:39:37 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2011/02/03 15:39:36 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/02/03 15:39:36 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/02/03 15:39:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2011/02/03 15:39:33 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/02/03 15:39:33 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/02/03 15:39:30 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/02/03 15:39:30 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/02/03 15:39:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2011/02/03 15:39:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2011/02/03 15:39:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/02/03 15:39:29 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2011/02/03 15:39:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2011/02/03 15:39:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2011/02/03 15:39:28 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2011/02/03 15:39:28 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2011/02/03 15:39:28 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2011/02/03 15:39:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2011/02/03 15:39:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/02/03 15:39:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/02/03 15:39:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/02/03 15:39:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/02/03 15:39:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/02/03 15:39:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/02/03 15:39:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/02/03 15:39:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/02/03 15:39:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/02/03 15:39:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/02/03 15:39:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/02/03 15:39:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/02/03 15:39:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/02/03 15:39:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2011/02/03 15:39:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2011/02/03 15:39:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/02/03 15:39:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/02/03 15:39:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/02/03 15:39:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/02/03 15:39:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/02/03 15:39:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/02/03 15:39:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2011/02/03 15:39:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2011/02/03 15:39:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/02/03 15:39:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/02/03 15:39:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/02/03 15:39:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/02/03 15:39:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/02/03 15:39:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/02/03 15:39:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/02/03 15:39:23 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/02/03 15:39:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2011/02/03 15:39:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2011/02/03 15:39:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/02/03 15:39:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2011/02/03 15:39:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/02/03 15:39:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/02/03 15:39:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/02/03 15:39:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/02/03 15:39:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/02/03 15:39:22 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2011/02/03 15:39:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2011/02/03 15:39:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2011/02/03 15:39:21 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/02/03 15:39:21 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2011/02/03 15:39:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2011/02/03 15:39:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2011/02/03 15:39:20 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/02/03 15:39:20 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/02/03 15:39:20 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/02/03 15:39:20 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/02/03 15:39:19 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/02/03 15:39:19 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/02/03 15:39:19 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/02/03 15:39:19 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/02/03 15:39:19 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/02/03 15:39:18 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/02/03 15:39:18 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/02/03 15:39:18 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/02/03 15:39:18 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/02/03 15:39:18 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/02/03 15:39:17 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/02/03 15:39:17 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/02/03 15:39:17 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/02/03 15:39:17 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/02/03 15:39:17 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/02/03 15:39:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/02/03 15:39:17 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/02/03 15:39:16 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/02/03 15:39:16 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2011/02/03 15:39:16 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2011/02/03 15:39:16 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2011/02/03 15:39:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2011/02/03 15:39:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2011/02/03 15:39:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2011/02/03 15:39:15 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2011/02/03 15:39:15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2011/02/03 15:39:10 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/02/03 15:38:59 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/02/03 15:38:59 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2011/02/03 15:38:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2011/02/03 15:38:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2011/02/03 15:38:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2011/02/03 15:38:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/02/03 15:38:57 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2011/02/03 15:38:57 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2011/02/03 15:38:57 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2011/02/03 15:38:56 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2011/02/03 15:38:56 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2011/02/03 15:38:56 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2011/02/03 15:38:56 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2011/02/03 15:38:56 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2011/02/03 15:38:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2011/02/03 15:38:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/02/03 15:38:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2011/02/03 15:38:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2011/02/03 15:38:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2011/02/03 15:38:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2011/02/03 15:38:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2011/02/03 15:38:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2011/02/03 15:38:54 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2011/02/03 15:38:54 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2011/02/03 15:38:54 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2011/02/03 15:38:54 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2011/02/03 15:38:54 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/02/03 15:38:54 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/02/03 15:38:54 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2011/02/03 15:38:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2011/02/03 15:38:53 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2011/02/03 15:38:53 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2011/02/03 15:38:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2011/02/03 15:38:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2011/02/03 15:38:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/02/03 15:38:52 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2011/02/03 15:38:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/02/03 15:38:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/02/03 15:38:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2011/02/03 15:38:51 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2011/02/03 15:38:51 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/02/03 15:38:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/02/03 15:38:51 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2011/02/03 15:38:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2011/02/03 15:38:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2011/02/03 15:38:50 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2011/02/03 15:38:50 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/02/03 15:38:50 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/02/03 15:38:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/02/03 15:38:47 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2011/02/03 15:38:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/02/03 15:38:45 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/02/03 15:38:45 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2011/02/03 15:38:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2011/02/03 15:38:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2011/02/03 15:38:44 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/02/03 15:38:44 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/02/03 15:38:44 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2011/02/03 15:38:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/02/03 15:38:43 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/02/03 15:38:43 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/02/03 15:38:43 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/02/03 15:38:42 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/02/03 15:38:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/02/03 15:38:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/02/03 15:38:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/02/03 15:38:41 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/02/03 15:38:41 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/02/03 15:38:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/02/03 15:38:40 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2011/02/03 15:38:40 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/02/03 15:38:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/02/03 15:38:34 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2011/02/03 15:38:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2011/02/03 15:38:33 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2011/02/03 15:38:33 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2011/02/03 15:38:32 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2011/02/03 15:38:32 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2011/02/03 15:38:32 | 000,108,544 | ---- | C] (Microsoft Corporation) --
 
otl 2

C:\WINDOWS\System32\dllcache\appconf.dll
[2011/02/03 15:38:32 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/02/03 15:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2011/02/03 15:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2011/02/03 15:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2011/02/03 15:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2011/02/03 15:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2011/02/03 15:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2011/02/03 15:38:29 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2011/02/03 15:38:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/02/03 15:38:28 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2011/02/03 15:38:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2011/02/03 15:38:26 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2011/02/03 15:38:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/02/03 15:38:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2011/02/03 15:38:25 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2011/02/03 15:38:25 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2011/02/03 15:38:25 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2011/02/03 15:38:24 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2011/02/03 15:38:24 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2011/02/03 15:38:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2011/02/03 15:38:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2011/02/03 15:38:21 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2011/02/03 15:38:21 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2011/02/03 15:38:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2011/02/03 15:38:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2011/02/03 15:38:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2011/02/03 15:38:20 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2011/02/03 15:38:20 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2011/02/03 15:38:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2011/02/03 15:38:20 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2011/02/03 15:38:20 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/02/03 15:38:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2011/02/03 15:38:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2011/02/03 15:38:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2011/02/03 15:38:19 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/02/03 15:38:19 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/02/03 15:38:19 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2011/02/03 15:38:19 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/02/03 15:38:19 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/02/03 15:38:18 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/02/03 15:38:18 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/02/03 15:38:18 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/02/03 15:38:18 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/02/03 15:38:18 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/02/03 15:38:18 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/02/03 15:38:18 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/02/03 15:38:18 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/02/03 15:38:17 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2011/02/03 15:38:17 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/02/03 15:38:17 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/02/03 15:38:17 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2011/02/03 15:38:17 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2011/02/03 15:38:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2011/02/03 15:38:16 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2011/02/03 15:38:16 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2011/02/03 15:38:16 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2011/02/03 15:38:16 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2011/02/03 15:38:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2011/02/03 15:38:15 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2011/02/03 15:38:14 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2011/02/03 15:38:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/02/03 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/02/03 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/02/03 15:37:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/02/03 15:37:48 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/02/03 15:37:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/02/03 15:37:47 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2011/02/03 15:37:47 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/02/03 15:37:47 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2011/02/03 15:37:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2011/02/03 15:37:46 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2011/02/03 15:37:46 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2011/02/03 15:37:45 | 006,075,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/02/03 15:37:37 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/02/03 15:37:05 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2011/02/03 15:36:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/02/03 15:36:09 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/02/03 15:35:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/02/03 15:35:38 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2011/02/03 15:35:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2011/02/03 15:35:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2011/02/03 15:35:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2011/02/03 15:35:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2011/02/03 15:35:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2011/02/03 15:35:29 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2011/02/03 15:35:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2011/02/03 15:35:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2011/02/03 15:35:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2011/02/03 15:35:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2011/02/03 15:35:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2011/02/03 15:35:27 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2011/02/03 15:35:27 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2011/02/03 15:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/02/03 15:35:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2011/02/03 15:35:24 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2011/02/03 15:35:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2011/02/03 15:35:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2011/02/03 15:35:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/02/03 15:35:23 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2011/02/03 15:35:23 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/02/03 15:35:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2011/02/03 15:35:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2011/02/03 15:35:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/02/03 15:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/02/03 15:35:22 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2011/02/03 15:35:19 | 000,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2011/02/03 15:35:19 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2011/02/03 15:35:18 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2011/02/03 15:35:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/02/03 15:35:17 | 000,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2011/02/03 15:35:17 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2011/02/03 15:35:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/02/03 15:35:16 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2011/02/03 15:35:16 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2011/02/03 15:35:16 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2011/02/03 15:35:16 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2011/02/03 15:35:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2011/02/03 15:35:15 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/02/03 15:35:15 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2011/02/03 15:35:15 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2011/02/03 15:35:15 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2011/02/03 15:35:15 | 000,209,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2011/02/03 15:35:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2011/02/03 15:35:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/02/03 15:35:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2011/02/03 15:35:15 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/02/03 15:35:14 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/02/03 15:35:14 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2011/02/03 15:35:14 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2011/02/03 15:35:14 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/02/03 15:35:14 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2011/02/03 15:35:14 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2011/02/03 15:35:14 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2011/02/03 15:35:14 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2011/02/03 15:35:14 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/02/03 15:35:14 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2011/02/03 15:35:14 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2011/02/03 15:35:13 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2011/02/03 15:35:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2011/02/03 15:35:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2011/02/03 15:35:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2011/02/03 15:35:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2011/02/03 15:35:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2011/02/03 15:35:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2011/02/03 15:35:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2011/02/03 15:35:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2011/02/03 15:35:11 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2011/02/03 15:35:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2011/02/03 15:35:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2011/02/03 15:35:10 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2011/02/03 15:35:10 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2011/02/03 15:35:10 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2011/02/03 15:35:10 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2011/02/03 15:35:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2011/02/03 15:35:09 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2011/02/03 15:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/02/03 15:34:54 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2011/02/03 15:34:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2011/02/03 15:34:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2011/02/03 15:34:53 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2011/02/03 15:34:53 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2011/02/03 15:34:53 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2011/02/03 15:34:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2011/02/03 15:34:50 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2011/02/03 15:34:50 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2011/02/03 15:34:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2011/02/03 15:34:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2011/02/03 15:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2011/02/03 15:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2011/02/03 15:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2011/02/03 15:34:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2011/02/03 15:34:50 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2011/02/03 15:34:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2011/02/03 15:34:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2011/02/03 15:34:47 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2011/02/03 15:34:47 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/02/03 15:34:47 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2011/02/03 15:34:47 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2011/02/03 15:34:46 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2011/02/03 15:34:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2011/02/03 15:34:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2011/02/03 15:34:46 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2011/02/03 15:34:45 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2011/02/03 15:34:45 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2011/02/03 15:34:45 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2011/02/03 15:34:45 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2011/02/03 15:34:45 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2011/02/03 15:34:45 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2011/02/03 15:34:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/02/03 15:34:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2011/02/03 15:34:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2011/02/03 15:34:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2011/02/03 15:34:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2011/02/03 15:34:44 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2011/02/03 15:34:44 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2011/02/03 15:34:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2011/02/03 15:34:44 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2011/02/03 15:34:44 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2011/02/03 15:34:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2011/02/03 15:34:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2011/02/03 15:34:43 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2011/02/03 15:34:43 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2011/02/03 15:34:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2011/02/03 15:34:43 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2011/02/03 15:34:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2011/02/03 15:34:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2011/02/03 15:34:42 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2011/02/03 15:34:42 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2011/02/03 15:34:42 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2011/02/03 15:34:42 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2011/02/03 15:34:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2011/02/03 15:34:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2011/02/03 15:34:42 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2011/02/03 15:34:42 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2011/02/03 15:34:41 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2011/02/03 15:34:41 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2011/02/03 15:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/02/03 15:34:40 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2011/02/03 15:34:40 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2011/02/03 15:34:40 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2011/02/03 15:34:40 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2011/02/03 15:34:40 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2011/02/03 15:34:40 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2011/02/03 15:34:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2011/02/03 15:34:40 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/02/03 15:34:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2011/02/03 15:34:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2011/02/03 15:34:39 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2011/02/03 15:34:39 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2011/02/03 15:34:39 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2011/02/03 15:34:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2011/02/03 15:34:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2011/02/03 15:34:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2011/02/03 15:34:38 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2011/02/03 15:34:37 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2011/02/03 15:34:37 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2011/02/03 15:34:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2011/02/03 15:34:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2011/02/03 15:34:37 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2011/02/03 15:34:37 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2011/02/03 15:34:37 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2011/02/03 15:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/02/03 15:34:36 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2011/02/03 15:34:36 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2011/02/03 15:34:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2011/02/03 15:34:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2011/02/03 15:34:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2011/02/03 15:34:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2011/02/03 15:34:36 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2011/02/03 15:34:36 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2011/02/03 15:34:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2011/02/03 15:34:35 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2011/02/03 15:34:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2011/02/03 15:34:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2011/02/03 15:34:35 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2011/02/03 15:34:35 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2011/02/03 15:34:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2011/02/03 15:34:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2011/02/03 15:34:34 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2011/02/03 15:34:34 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2011/02/03 15:34:34 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2011/02/03 15:34:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2011/02/03 15:34:33 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2011/02/03 15:34:33 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2011/02/03 15:34:33 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2011/02/03 15:34:33 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2011/02/03 15:34:33 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2011/02/03 15:34:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2011/02/03 15:34:33 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2011/02/03 15:34:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2011/02/03 15:34:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2011/02/03 15:34:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2011/02/03 15:34:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2011/02/03 15:34:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2011/02/03 15:34:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2011/02/03 15:34:32 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2011/02/03 15:34:32 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2011/02/03 15:34:32 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2011/02/03 15:34:32 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2011/02/03 15:34:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2011/02/03 15:34:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2011/02/03 15:34:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2011/02/03 15:34:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2011/02/03 15:34:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2011/02/03 15:34:32 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2011/02/03 15:34:32 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2011/02/03 15:34:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2011/02/03 15:34:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2011/02/03 15:34:31 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2011/02/03 15:34:31 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2011/02/03 15:34:31 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2011/02/03 15:34:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2011/02/03 15:34:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2011/02/03 15:34:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2011/02/03 15:34:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2011/02/03 15:34:31 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2011/02/03 15:34:31 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2011/02/03 15:34:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2011/02/03 15:34:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2011/02/03 15:34:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2011/02/03 15:34:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2011/02/03 15:34:30 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2011/02/03 15:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/02/03 15:34:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2011/02/03 15:34:29 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2011/02/03 15:34:28 | 000,634,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2011/02/03 15:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/02/03 15:34:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/02/03 15:33:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/02/03 15:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/02/03 15:33:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/02/03 15:33:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/02/03 15:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/02/03 15:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2011/02/03 15:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/02/03 15:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/02/03 15:33:11 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2011/02/03 15:33:11 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2011/02/03 15:33:11 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2011/02/03 15:33:11 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2011/02/03 15:33:11 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2011/02/03 15:33:11 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2011/02/03 15:33:11 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2011/02/03 15:33:10 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2011/02/03 15:33:10 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2011/02/03 15:33:10 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2011/02/03 15:33:10 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2011/02/03 15:33:10 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2011/02/03 15:33:10 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2011/02/03 15:33:10 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2011/02/03 15:33:10 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2011/02/03 15:33:10 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2011/02/03 15:33:10 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2011/02/03 15:33:09 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2011/02/03 15:33:09 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2011/02/03 15:33:09 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2011/02/03 15:33:09 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2011/02/03 15:33:09 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2011/02/03 15:33:08 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2011/02/03 15:33:08 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2011/02/03 15:33:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2011/02/03 15:33:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2011/02/03 15:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/02/03 15:32:59 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2011/02/03 15:32:59 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2011/02/03 15:32:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2011/02/03 15:32:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2011/02/03 15:32:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2011/02/03 15:32:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2011/02/03 15:32:58 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2011/02/03 15:32:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2011/02/03 15:32:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2011/02/03 15:32:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2011/02/03 15:32:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2011/02/03 15:32:58 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2011/02/03 15:32:51 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2011/02/03 15:32:51 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2011/02/03 15:32:51 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2011/02/03 15:32:51 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2011/02/03 15:32:51 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2011/02/03 15:32:51 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2011/02/03 15:32:50 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2011/02/03 15:32:50 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2011/02/03 15:32:50 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2011/02/03 15:32:50 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2011/02/03 15:32:50 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2011/02/03 15:32:50 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2011/02/03 15:32:49 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2011/02/03 15:32:49 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2011/02/03 15:32:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2011/02/03 15:32:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2011/02/03 15:32:49 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2011/02/03 15:32:49 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2011/02/03 15:32:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2011/02/03 15:32:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2011/02/03 15:32:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2011/02/03 15:32:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2011/02/03 15:32:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2011/02/03 15:32:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2011/02/03 15:32:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2011/02/03 15:32:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2011/02/03 15:32:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2011/02/03 15:32:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2011/02/03 15:32:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2011/02/03 15:32:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2011/02/03 15:32:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2011/02/03 15:32:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2011/02/03 15:32:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2011/02/03 15:32:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2011/02/03 15:32:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2011/02/03 15:32:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2011/02/03 15:32:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2011/02/03 15:32:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2011/02/03 15:32:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2011/02/03 15:32:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2011/02/03 15:32:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2011/02/03 15:32:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2011/02/03 15:32:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2011/02/03 15:32:47 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2011/02/03 15:32:44 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2011/02/03 15:32:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2011/02/03 15:32:44 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2011/02/03 15:32:43 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2011/02/03 15:32:43 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2011/02/03 15:32:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2011/02/03 15:32:43 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2011/02/03 15:32:43 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2011/02/03 15:32:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2011/02/03 15:32:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2011/02/03 15:32:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2011/02/03 15:32:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2011/02/03 15:32:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2011/02/03 15:32:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2011/02/03 15:32:42 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2011/02/03 15:32:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2011/02/03 15:32:27 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011/02/03 15:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011/02/03 15:32:26 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2011/02/03 15:32:26 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2011/02/03 15:32:26 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2011/02/03 15:32:26 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2011/02/03 15:32:26 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2011/02/03 15:32:26 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2011/02/03 15:32:26 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2011/02/03 15:32:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2011/02/03 15:32:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2011/02/03 15:32:25 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2011/02/03 15:32:25 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2011/02/03 15:32:25 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2011/02/03 15:32:25 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2011/02/03 15:32:25 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2011/02/03 15:32:25 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2011/02/03 15:32:25 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2011/02/03 15:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011/02/03 15:32:24 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/02/03 15:32:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2011/02/03 15:32:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2011/02/03 15:32:24 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2011/02/03 15:32:24 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2011/02/03 15:32:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2011/02/03 15:32:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2011/02/03 15:32:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2011/02/03 15:32:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2011/02/03 15:32:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2011/02/03 15:32:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2011/02/03 15:32:22 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2011/02/03 15:32:22 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2011/02/03 15:32:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2011/02/03 15:32:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2011/02/03 15:32:22 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2011/02/03 15:32:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2011/02/03 15:32:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2011/02/03 15:32:22 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2011/02/03 15:32:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2011/02/03 15:32:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2011/02/03 15:32:21 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2011/02/03 15:32:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2011/02/03 15:32:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2011/02/03 15:32:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2011/02/03 15:32:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2011/02/03 15:32:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2011/02/03 15:32:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2011/02/03 15:32:21 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2011/02/03 15:32:21 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2011/02/03 15:32:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2011/02/03 15:32:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2011/02/03 15:32:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2011/02/03 15:32:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2011/02/03 15:32:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2011/02/03 15:32:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2011/02/03 15:32:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/02/03 15:32:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2011/02/03 15:32:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2011/02/03 15:32:20 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2011/02/03 15:32:20 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2011/02/03 15:32:20 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2011/02/03 15:32:20 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2011/02/03 15:32:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2011/02/03 15:32:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2011/02/03 15:32:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2011/02/03 15:32:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2011/02/03 15:32:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2011/02/03 15:32:19 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2011/02/03 15:32:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2011/02/03 15:32:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2011/02/03 15:32:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2011/02/03 15:32:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2011/02/03 15:32:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2011/02/03 15:32:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2011/02/03 15:32:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2011/02/03 15:32:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2011/02/03 15:32:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2011/02/03 15:32:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2011/02/03 15:32:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2011/02/03 15:32:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2011/02/03 15:32:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2011/02/03 15:32:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2011/02/03 15:32:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2011/02/03 15:32:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2011/02/03 15:32:18 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2011/02/03 15:32:18 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2011/02/03 15:32:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2011/02/03 15:32:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2011/02/03 15:32:18 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2011/02/03 15:32:18 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2011/02/03 15:32:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2011/02/03 15:32:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2011/02/03 15:32:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2011/02/03 15:32:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2011/02/03 15:32:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/02/03 15:32:17 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2011/02/03 15:32:17 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2011/02/03 15:32:17 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2011/02/03 15:32:17 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2011/02/03 15:32:17 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2011/02/03 15:32:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2011/02/03 15:32:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2011/02/03 15:32:15 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2011/02/03 15:32:15 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2011/02/03 15:32:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2011/02/03 15:32:14 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2011/02/03 15:32:14 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2011/02/03 15:32:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2011/02/03 15:32:14 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2011/02/03 15:32:14 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2011/02/03 15:32:14 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2011/02/03 15:32:14 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2011/02/03 15:32:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2011/02/03 15:32:14 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2011/02/03 15:32:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2011/02/03 15:32:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2011/02/03 15:32:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2011/02/03 15:32:13 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2011/02/03 15:32:13 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2011/02/03 15:32:13 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2011/02/03 15:32:13 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2011/02/03 15:32:13 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2011/02/03 15:32:13 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2011/02/03 15:32:13 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2011/02/03 15:32:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2011/02/03 15:32:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2011/02/03 15:32:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2011/02/03 15:32:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2011/02/03 15:32:12 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2011/02/03 15:32:12 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2011/02/03 15:32:12 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2011/02/03 15:32:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2011/02/03 15:32:12 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2011/02/03 15:32:11 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2011/02/03 15:32:11 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2011/02/03 15:32:11 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2011/02/03 15:32:11 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2011/02/03 15:32:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2011/02/03 15:32:11 | 000,016,384 | ---- | C] (Microsoft Corporation) --
 
otl 3

C:\WINDOWS\System32\dllcache\mofcomp.exe
[2011/02/03 15:32:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2011/02/03 15:32:09 | 001,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2011/02/03 15:32:09 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2011/02/03 15:32:09 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2011/02/03 15:32:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2011/02/03 15:32:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2011/02/03 15:32:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2011/02/03 15:32:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2011/02/03 15:32:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2011/02/03 15:32:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2011/02/03 15:32:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/02/03 15:31:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/02/03 10:18:25 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2011/02/03 10:18:09 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2011/02/03 10:18:09 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2011/02/03 10:17:45 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2011/02/03 10:17:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/02/03 10:16:46 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/02/03 10:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/02/03 10:16:45 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2011/02/03 10:16:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2011/02/03 10:16:43 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2011/02/03 10:16:42 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2011/02/03 10:16:42 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2011/02/03 10:16:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2011/02/03 10:16:42 | 000,000,000 | R--D | C] -- C:\Program Files
[2011/02/03 10:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011/02/03 10:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011/02/03 10:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/02/03 10:16:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2011/02/03 10:16:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2011/02/03 10:16:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2011/02/03 10:16:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2011/02/03 10:16:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2011/02/03 10:16:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2011/02/03 10:16:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2011/02/03 10:16:33 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2011/02/03 10:16:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2011/02/03 10:16:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2011/02/03 10:16:33 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2011/02/03 10:16:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2011/02/03 10:16:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2011/02/03 10:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2011/02/03 10:16:29 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2011/02/03 10:16:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2011/02/03 10:16:29 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2011/02/03 10:16:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2011/02/03 10:16:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2011/02/03 10:16:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2011/02/03 10:16:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2011/02/03 10:16:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2011/02/03 10:16:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2011/02/03 10:16:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2011/02/03 10:16:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2011/02/03 10:16:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2011/02/03 10:16:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2011/02/03 10:16:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2011/02/03 10:16:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2011/02/03 10:16:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2011/02/03 10:16:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2011/02/03 10:16:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2011/02/03 10:16:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2011/02/03 10:16:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2011/02/03 10:16:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2011/02/03 10:16:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2011/02/03 10:16:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2011/02/03 10:16:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2011/02/03 10:16:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2011/02/03 10:16:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2011/02/03 10:16:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2011/02/03 10:16:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2011/02/03 10:16:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2011/02/03 10:16:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2011/02/03 10:16:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2011/02/03 10:16:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2011/02/03 10:16:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2011/02/03 10:16:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2011/02/03 10:16:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2011/02/03 10:16:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2011/02/03 10:16:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2011/02/03 10:16:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2011/02/03 10:16:25 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2011/02/03 10:16:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2011/02/03 10:16:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2011/02/03 10:16:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2011/02/03 10:16:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2011/02/03 10:16:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2011/02/03 10:16:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2011/02/03 10:16:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2011/02/03 10:16:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2011/02/03 10:16:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2011/02/03 10:16:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2011/02/03 10:16:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2011/02/03 10:16:20 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2011/02/03 10:16:20 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2011/02/03 10:16:20 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2011/02/03 10:16:20 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2011/02/03 10:16:20 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2011/02/03 10:16:20 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2011/02/03 10:16:20 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/02/03 10:16:20 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/02/03 10:16:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/02/03 10:16:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/02/03 10:16:19 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2011/02/03 10:16:19 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2011/02/03 10:16:19 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2011/02/03 10:16:19 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2011/02/03 10:16:19 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2011/02/03 10:16:19 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2011/02/03 10:16:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2011/02/03 10:16:19 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2011/02/03 10:16:19 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2011/02/03 10:16:19 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2011/02/03 10:16:19 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2011/02/03 10:16:19 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2011/02/03 10:16:18 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2011/02/03 10:16:18 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2011/02/03 10:16:18 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2011/02/03 10:16:18 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2011/02/03 10:16:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2011/02/03 10:16:18 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2011/02/03 10:16:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2011/02/03 10:16:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2011/02/03 10:16:18 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2011/02/03 10:16:18 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2011/02/03 10:16:18 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2011/02/03 10:16:17 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2011/02/03 10:16:17 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2011/02/03 10:16:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2011/02/03 10:16:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2011/02/03 10:16:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2011/02/03 10:16:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2011/02/03 10:16:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/02/03 10:16:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/02/03 10:16:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/02/03 10:16:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/02/03 10:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/02/03 10:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/02/03 10:15:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/02/03 10:15:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/02/03 10:15:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/02/03 10:15:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/02/03 10:15:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/02/03 10:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/02/03 10:08:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/02/03 10:08:43 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/02/03 10:08:43 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/02/03 10:08:43 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/02/03 10:08:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/02/03 10:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/04 14:58:00 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jon\Desktop\OTL.exe
[2011/02/04 14:52:06 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/03 21:47:36 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\Attach.zip
[2011/02/03 21:45:47 | 000,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2011/02/03 21:45:47 | 000,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2011/02/03 21:34:47 | 000,312,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/03 21:34:47 | 000,040,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/03 21:30:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/03 19:40:47 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\Spybot - Search & Destroy.lnk
[2011/02/03 19:17:02 | 000,059,392 | R--- | M] () -- C:\WINDOWS\System32\streamhlp.dll
[2011/02/03 19:17:02 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2011/02/03 19:17:02 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\TrojanHunter.lnk
[2011/02/03 18:37:26 | 000,000,264 | ---- | M] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2011/02/03 18:34:39 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/02/03 18:23:27 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/03 18:20:36 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/03 17:37:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/03 17:18:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/02/03 17:18:24 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/03 15:43:38 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/02/03 15:41:14 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/02/03 15:40:17 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/02/03 15:37:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/02/03 15:37:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/02/03 15:37:23 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/02/03 15:37:23 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/02/03 15:37:16 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/02/03 15:37:16 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/02/03 15:37:15 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/02/03 15:37:05 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/03 15:33:55 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/03 15:31:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/02/03 10:29:58 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/04 14:52:06 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/03 21:47:36 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\Attach.zip
[2011/02/03 21:45:47 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2011/02/03 21:45:47 | 000,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2011/02/03 19:40:47 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\Spybot - Search & Destroy.lnk
[2011/02/03 19:17:02 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2011/02/03 19:17:02 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\TrojanHunter.lnk
[2011/02/03 19:16:55 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2011/02/03 18:37:26 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2011/02/03 17:18:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/03 17:18:24 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/03 16:20:46 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2011/02/03 16:20:46 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll
[2011/02/03 16:20:46 | 000,002,096 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2011/02/03 16:20:45 | 000,025,504 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2011/02/03 16:20:43 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp
[2011/02/03 16:20:43 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNB.bmp
[2011/02/03 15:58:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\vcredist_x86.bat
[2011/02/03 15:58:15 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2011/02/03 15:58:14 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2011/02/03 15:58:14 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011/02/03 15:48:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2011/02/03 15:43:38 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/02/03 15:43:31 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Internet Explorer.lnk
[2011/02/03 15:43:21 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Outlook Express.lnk
[2011/02/03 15:43:11 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Remote Assistance.lnk
[2011/02/03 15:43:11 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Windows Media Player.lnk
[2011/02/03 15:41:14 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/02/03 15:40:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/02/03 15:39:41 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/02/03 15:39:27 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/02/03 15:39:20 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/02/03 15:39:19 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/02/03 15:39:16 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/02/03 15:39:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/02/03 15:38:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/02/03 15:38:53 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/02/03 15:38:43 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/02/03 15:37:23 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/02/03 15:37:23 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/02/03 15:37:23 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/02/03 15:37:23 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011/02/03 15:37:23 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/02/03 15:37:16 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/02/03 15:37:16 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/02/03 15:37:15 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/02/03 15:36:08 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/02/03 15:35:54 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/02/03 15:35:35 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/02/03 15:35:35 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/02/03 15:35:29 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/02/03 15:34:47 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011/02/03 15:33:57 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/02/03 15:33:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/03 15:33:28 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2011/02/03 15:32:53 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/02/03 15:32:53 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/02/03 15:32:53 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/02/03 15:32:53 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/02/03 15:32:53 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/02/03 15:32:52 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/02/03 15:32:52 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/02/03 15:32:52 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/02/03 15:32:52 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/02/03 15:32:52 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/02/03 15:32:52 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/02/03 15:32:49 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/02/03 15:32:49 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/02/03 15:32:48 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/02/03 15:32:42 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/02/03 10:29:58 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2011/02/03 10:16:49 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/02/03 10:16:46 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/03 10:16:43 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/02/03 10:16:43 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/02/03 10:16:43 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/02/03 10:16:42 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/02/03 10:16:17 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/02/03 10:16:05 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/02/03 10:16:05 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/02/03 10:16:05 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011/02/03 10:16:05 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011/02/03 10:16:05 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/02/03 10:16:05 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011/02/03 10:16:05 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/02/03 10:16:05 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/02/03 10:16:05 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/02/03 10:16:05 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/02/03 10:16:05 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/02/03 10:16:05 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/02/03 10:16:05 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/02/03 10:16:05 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/02/03 10:16:05 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/02/03 10:16:05 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/02/03 10:16:04 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/02/03 10:16:04 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2011/02/03 10:16:04 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/02/03 10:15:20 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/03 10:14:07 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011/02/03 10:14:03 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== LOP Check ==========

[2011/02/03 18:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/02/03 18:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2011/02/03 18:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering
[2011/02/03 19:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter
[2011/02/03 21:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/02/03 18:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Panda Security
[2011/02/03 19:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\TrojanHunter

========== Purity Check ==========



< End of report >
 
Hi,

Nothing bad really jumping out at me.

Download gmer.zip and save to your desktop.
alternate download site
  • Unzip/extract the file to its own folder. (Click here for information on how to do this if not sure. Win 2000 users click here.
  • When you have done this, disconnect from the Internet and close all running programs.
    There is a small chance this application may crash your computer so save any work you have open.
  • Double-click on Gmer.exe to start the program.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE"
Important! Please do not select the "Show all" checkbox during the scan..
 
gmer.txt

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-04 18:42:12
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e SAMSUNG_HM250JI rev.HS100-11
Running: gmer.exe; Driver: C:\DOCUME~1\Jon\LOCALS~1\Temp\awtiapow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\PSINProc.sys (PSINProc Filter Driver for XP32/Panda Security, S.L.) ZwTerminateProcess [0xA8D54416]

---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\Jon\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 01280001
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!WSALookupServiceNextW 71AB3181 6 Bytes JMP 71A50F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!WSALookupServiceEnd 71AB350E 6 Bytes JMP 71A20F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!WSALookupServiceBeginW 71AB35EF 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!send 71AB4C27 6 Bytes JMP 719F0F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!WSARecv 71AB4CB5 6 Bytes JMP 71960F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!recv 71AB676F 6 Bytes JMP 719C0F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!WSASend 71AB68FA 6 Bytes JMP 71990F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[1460] WS2_32.dll!WSAGetOverlappedResult 71AC0D1B 6 Bytes JMP 71930F5A

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----
 
Lets run this quick scan

Download MBRCheck.exe to your desktop.
  • Be sure to disable your security programs
  • Double click on the file to run it
  • A window will open on your desktop
  • if an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
  • Please post the contents of that file.
 
MBRCheck_02.04.11_21.22.49.txt

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 123):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F79000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F68000 pci.sys
0xBA0A8000 isapnp.sys
0xBA0B8000 ohci1394.sys
0xBA0C8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xBA4BC000 compbatt.sys
0xBA4C0000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA0D8000 MountMgr.sys
0xB9F49000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9F23000 dmio.sys
0xBA330000 PartMgr.sys
0xBA0E8000 VolSnap.sys
0xB9F0B000 atapi.sys
0xBA0F8000 disk.sys
0xBA108000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9EEB000 fltMgr.sys
0xB9ED9000 sr.sys
0xB9EC2000 KSecDD.sys
0xB9E35000 Ntfs.sys
0xB9E08000 NDIS.sys
0xB9DEE000 Mup.sys
0xBA158000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB9823000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xB980F000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBA388000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB97EB000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA390000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB97C3000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xBA168000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0xBA178000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xB9674000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xBA188000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xB9660000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0xB960F000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0xBA198000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB95C3000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xBA5B2000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xBA398000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA3A0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA1A8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA1B8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA1C8000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB95A0000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA560000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xBA564000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xBA76E000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA1D8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA568000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB9561000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA1E8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA1F8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBA3A8000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB9550000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA208000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA3B0000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA3B8000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB9480000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xBA238000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA5BC000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB9422000 \SystemRoot\system32\DRIVERS\update.sys
0xBA588000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA248000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA268000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xA91B4000 \SystemRoot\system32\drivers\sthda.sys
0xA9190000 \SystemRoot\system32\drivers\portcls.sys
0xBA278000 \SystemRoot\system32\drivers\drmk.sys
0xBA5DE000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA71A000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5E0000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA3F0000 \SystemRoot\System32\drivers\vga.sys
0xBA5E2000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5E6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA3F8000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA400000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB9578000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA9135000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA90DC000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA90B4000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA908E000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA906C000 \SystemRoot\System32\drivers\afd.sys
0xBA288000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA9041000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9022000 \SystemRoot\system32\DRIVERS\psinknc.sys
0xA8F12000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA298000 \SystemRoot\System32\Drivers\Fips.SYS
0xA901A000 \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS
0xBA2B8000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA8EFA000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA5F2000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xA8FD6000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA418000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA7B7000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF04E000 \SystemRoot\System32\igxpdv32.DLL
0xBA308000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xBA318000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xBF1D8000 \SystemRoot\System32\igxpdx32.DLL
0xA8D99000 \SystemRoot\system32\DRIVERS\PSINAflt.sys
0xA8D7F000 \SystemRoot\system32\DRIVERS\PSINProt.sys
0xA8D68000 \SystemRoot\system32\DRIVERS\PSINFile.sys
0xA8D4E000 \SystemRoot\system32\DRIVERS\PSINProc.sys
0xA8DD6000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA8AE1000 \SystemRoot\system32\drivers\wdmaud.sys
0xBA2C8000 \SystemRoot\system32\drivers\sysaudio.sys
0xA8716000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA866F000 \SystemRoot\system32\DRIVERS\srv.sys
0xA8246000 \SystemRoot\System32\Drivers\HTTP.sys
0xBA4A8000 \??\C:\DOCUME~1\Jon\LOCALS~1\Temp\mbr.sys
0xA7DC8000 \??\C:\DOCUME~1\Jon\LOCALS~1\Temp\awtiapow.sys
0xA7C8D000 \SystemRoot\system32\DRIVERS\bcmwl5.sys
0xA7C62000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 36):
0 System Idle Process
4 System
572 C:\WINDOWS\system32\smss.exe
628 csrss.exe
1016 C:\WINDOWS\system32\winlogon.exe
1060 C:\WINDOWS\system32\services.exe
1072 C:\WINDOWS\system32\lsass.exe
1252 C:\WINDOWS\system32\svchost.exe
1316 svchost.exe
1356 C:\WINDOWS\system32\svchost.exe
1472 svchost.exe
1536 svchost.exe
1740 C:\WINDOWS\system32\WLTRYSVC.EXE
1756 C:\WINDOWS\system32\BCMWLTRY.EXE
1808 C:\WINDOWS\system32\spoolsv.exe
144 C:\WINDOWS\explorer.exe
244 C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
252 C:\WINDOWS\system32\WLTRAY.EXE
264 C:\Program Files\Dell\QuickSet\quickset.exe
340 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
360 C:\WINDOWS\system32\hkcmd.exe
412 C:\WINDOWS\system32\igfxpers.exe
760 C:\WINDOWS\system32\igfxsrvc.exe
808 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
1388 C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
1604 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
1624 C:\Program Files\TrojanHunter 5.3\THGuard.exe
1632 C:\WINDOWS\system32\ctfmon.exe
656 wmiprvse.exe
2996 alg.exe
948 C:\WINDOWS\system32\svchost.exe
3940 C:\Program Files\WinZip\WZQKPICK.EXE
700 C:\WINDOWS\system32\wuauclt.exe
3604 C:\Program Files\Mozilla Firefox\firefox.exe
1556 C:\WINDOWS\system32\wscntfy.exe
2448 C:\Documents and Settings\Jon\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM250JI, Rev: HS100-11

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
 
Hi,

I was concerned your Master Boot record may have been infected , lots of that going around lately but yours looks fine.

Please download ATF Cleaner by Atribune to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
Your system may start up slower after running ATF Cleaner, this is expected but will be back to normal after the first or second boot up
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized password and other personal information as removing cookies will temporarily disable the auto-login facility.







Download the HostsXpert 4.3 - Hosts File Manager.
  • Unzip HostsXpert 4.2.0.0 - Hosts File Manager to a convenient folder such as C:\HostsXpert
  • Click HostsXpert.exe to Run HostsXpert - Hosts File Manager from its new home
  • Click "Make Hosts Writable?" in the upper left corner.
  • Click Restore Microsoft's Hosts file and then click OK.
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
 
update

I did step one successfully, but when I try and restore the Microsoft hosts file, I get an error: Cannot create file.

I did reboot and then tried again and I still get the same error. I tested out a google search and it appears to be working correctly now. Not sure if things are cleaned up or not?
 
Well , we can reset the hosts file to make sure.

Make sure HostXpert is still on your desktop , if not redownload it


  1. Please download OTM by OldTimer and save it to your desktop.
  2. Double click the
    OTMdesktopicon.png
    icon on your desktop.
  3. Paste the following code under the
    pasteline.png
    area.
    Do not include the word "Code".

    Code: 
    :Processes
explorer.exe

:Services

:Reg

:Files
c:\windows\system32\drivers\etc\hosts


:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  4. Push the large
    btnmoveit.png
    button.
  5. OTM may ask to reboot the machine. Please do so if asked.
  6. Copy/Paste the contents under the
    results.png
    line here in your next reply.
  7. If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Now run HostsXpert


Restore Microsoft's Hosts file <-- You will get a message stating that there is no hosts file available do you want to create one SAY YES


Post the report from OTM and let me know if you feel your system is running ok
 
otm

Well, I was wrong before. The problem was not fixed. Here are the results from the OTM log. Hosts file has been restored.

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
c:\windows\system32\drivers\etc\hosts moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Jon
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 771209 bytes
->FireFox cache emptied: 89740134 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32969 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 89.00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 02052011_155936

Files moved on Reboot...

Registry entries deleted on Reboot...
 
Copy and paste these lines in Note pad.

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Double click to run.
*** note: Win Vista and Win 7 need to right click and choose to "run as Administrator" .. the computer will reboot itself.



Let me know how things are running now
 
still the same

I have finished the last step of your instructions, and everything seems to be the same as it was. I am still getting redirected on my google searches. My computer does just drop my wireless connection every once in a while and then reconnects. Not sure if this is related or not.
 
Lets run this program


Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • See this Link for programs that need to be disabled and instruction on how to disable them.
  • Remember to re-enable them when we're done.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


RC1.png


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
 
combo fix log

ComboFix 11-02-05.01 - Jon 02/06/2011 13:15:21.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1658 [GMT -5:00]
Running from: c:\documents and settings\Jon\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
.

((((((((((((((((((((((((( Files Created from 2011-01-06 to 2011-02-06 )))))))))))))))))))))))))))))))
.

2011-02-05 20:59 . 2011-02-05 20:59 -------- d-----w- C:\_OTM
2011-02-03 21:05 . 2011-02-03 21:05 -------- d-----w- C:\Intel

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-16 23:39 . 2010-12-16 23:39 365888 ----a-w- c:\windows\system32\PSUNCpl.cpl
2010-12-16 23:12 . 2010-12-16 23:12 113096 ----a-w- c:\windows\system32\drivers\PSINProt.sys
2010-12-16 23:12 . 2010-12-16 23:12 111944 ----a-w- c:\windows\system32\drivers\PSINProc.sys
2010-12-16 23:12 . 2010-12-16 23:12 130376 ----a-w- c:\windows\system32\drivers\PSINKNC.sys
2010-12-16 23:12 . 2010-12-16 23:12 97352 ----a-w- c:\windows\system32\drivers\PSINFile.sys
2010-12-16 23:12 . 2010-12-16 23:12 141768 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
2010-11-09 14:52 . 2008-04-14 00:42 249856 ----a-w- c:\windows\system32\odbc32.dll
.

------- Sigcheck -------

[-] 2008-08-29 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2010-12-16 23:18 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2010-12-16 23:18 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-10-24 2220032]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-07-20 1228800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1024000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-16 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-16 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-16 138008]
"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-12-16 423232]
"Panda Security URL Filtering"="c:\documents and settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2010-12-19 223400]
"THGuard"="c:\program files\TrojanHunter 5.3\THGuard.exe" [2010-10-23 1070360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-11-30 608584]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [12/16/2010 6:12 PM 130376]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [12/16/2010 6:19 PM 140608]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [12/16/2010 6:12 PM 141768]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [12/16/2010 6:12 PM 97352]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [12/16/2010 6:12 PM 111944]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [12/16/2010 6:12 PM 113096]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/
FF - ProfilePath - c:\documents and settings\Jon\Application Data\Mozilla\Firefox\Profiles\5cm2omqa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SigmatelSysTrayApp - %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-06 13:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2011-02-06 13:21:07
ComboFix-quarantined-files.txt 2011-02-06 18:21

Pre-Run: 244,003,897,344 bytes free
Post-Run: 243,974,004,736 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - CF6E7A6E1DF0D7C8F7822EE4AD7CDF97
 
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: 
    :filefind
sfcfiles.dll
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
You must log in or register to reply here.
Back
Top